Back to the main page
Announcing Oracle Audit Vault and Database Firewall
In December, Oracle announced the availability of Oracle Audit Vault and Database Firewall, the industry's first and only product that protects both Oracle and non-Oracle databases by bringing together network traffic monitoring and audit data analysis into a single software appliance–based platform.
The new offering merges the core capabilities of two previously available products—Oracle Audit Vault and Oracle Database Firewall—and expands protection beyond databases with support for auditing operating systems, directories, and custom sources.
"Combining both Oracle Audit Vault and Oracle Database Firewall is a logical step. It combines the real-time analytics and the ability to do ex-post and forensic analytics on database activities," says Martin Kuppinger, founder and principal analyst at Kuppinger-Cole.
"Oracle also raises the bar with its broad support for heterogeneous database environments. We recommend evaluating this new offering as the baseline solution for database security," adds Kuppinger.
More Than the Sum of Its Parts
“Oracle Audit Vault and Database Firewall is not just an integration of two existing products,” says Vipin Samar, Oracle vice president of database security product development. “This is a new product that provides a unified monitoring and auditing platform that goes beyond databases."
In addition, the new product enables customers to accelerate enterprisewide deployments and simplifies operations. Features include
- Database activity monitoring and firewall. This feature provides SQL traffic monitoring of all certified versions of Oracle and third-party databases including Microsoft SQL Server, SAP Sybase, IBM DB2, and MySQL. A unique approach to SQL grammar analysis and easy-to-create whitelists, blacklists, and exception lists better detect unauthorized activity—including SQL injection attacks.
- Expanded enterprise auditing. This feature provides additional support for collecting and consolidating audit and event logs from Microsoft Windows, Microsoft Active Directory, Oracle Solaris, and Oracle Automatic Storage Management Cluster File System, as well as XML and table-based audit sources through XML-based audit collection plugins.
- Consolidated reporting and alerting. This feature consolidates and centralizes all audit and event logs into a single repository, enabling real-time analysis against predefined policies for unprecedented visibility.
"Customers no longer have to choose between security and compliance,” adds Samar. "They now have a product that lets them more easily achieve both at a lower cost."
Find out more details about Oracle Audit Vault and Database Firewall.