Back to the main page
Analyst Report: KuppingerCole on Oracle Audit Vault and Database Firewall
In February 2013, leading European security analyst firm KuppingerCole issued a snapshot review of the recently launched Oracle Audit Vault and Database Firewall, "a solution that supports the entire stack around the database, from the operating system to custom application log files," writes Martin Kuppinger, the report's author.
Built to monitor both Oracle and non-Oracle database traffic, Oracle Audit Vault and Database Firewall detects and blocks threats. At the same time, it simplifies compliance reporting by consolidating audit data from databases, operating systems, directories, and other sources.
Unified Monitoring and Auditing Platform
The new product represents more than just two products—Oracle Audit Vault and Oracle Database Firewall—offered as a single solution.
"Notably this is about integration, not just about a suite of two different products," the report's author writes. "The new offering has a single administrator console and fully integrates the two products."
As a result of this integration, events generated by the database firewall component are automatically provided to the audit vault component, which securely gathers data from all monitored databases.
Combining Accuracy and Performance
Leading the list of strengths cited by KuppingerCole is Oracle's SQL grammar-based approach to database event filtering. This approach "provides a very high level of accuracy and allows finding a good balance between avoiding false negatives at all and minimizing the number of false positives," the report finds.
To support environments that are highly sensitive to performance restraints, the solution also provides flexible deployment models, remote monitoring, a high-availability mode, and support for inline blocking and monitoring.
Other strengths of Oracle Audit Vault and Database Firewall cited in the KuppingerCole report include
Download the KuppingerCole review.
- Support for leading relational database systems, beyond Oracle Database
- Integration of database firewall and audit/event management, leading to database-specific security information and event management capability
- Support for audit and event sources across most of the stack, including operating systems (currently Microsoft Windows and Oracle Solaris), file systems, and custom audit sources
- Flexibility to monitor, audit, or both
- A strong security approach, including delivery as a hardened soft appliance, separation-of-duty features, and a fine-grained internal security model
Find out more about Oracle Audit Vault and Database Firewall.