Oracle Audit Vault and Database Firewall brings together all your data auditing platforms no matter where it is from. Audit data coming from your OSs and databases are consolidated into one location. You can make use of a very accurate SQL engine that tracks and blocks any unauthorized traffic even before it gets to your database.
Activity data related to the database originating from your network are also consolidated with audit data. Furthermore, you can use Oracle Audit Vault and Database Firewall to customize your monitoring and auditing controls as required by your business’ security requirements.
Preventive controls
With Oracle Audit Vault and Database Firewall, you will no longer be a victim of attacks that get past your perimeter firewalls. Because your audit logs and monitoring events for your database are consolidated by Oracle Audit Vault and Database Firewall, you are able to ensure that all application behaviors are enforced by policies. This also helps you avoid SQL injection, bypassing of applications and other types of malicious attacks from even reaching your database. More than that, Oracle Audit Vault and Database Firewall also monitors and audits users so that you can avoid attacks from hackers that are pretending to be privileged users.
Compatible with others
Oracle Audit Vault and Database Firewall can also consolidate the audit data that comes from Microsoft Windows, Oracle ASM, Oracle Solaris, Oracle Linux and Microsoft Active Directory. If you have customized data (sourced from other tables or sources), you can still consolidate these because of the Oracle Audit Vault and Database Firewall’s plug-in architecture.
Firewall for your database
Oracle Audit Vault and Database Firewall makes use of an advanced SQL grammar analysis engine to help check SQL statements that reaches your database to see whether to let these SQL statements pass through. It can also log, substitute, alert and even block the SQL statements it processes. It can also support policies that can do black listing, white listing and exception listing. This means that it can come up with a list of approved SQL statements, a list of SQL statements from certain IP addresses or users that are not allowed into the database, and a list that tells it when to override either the black list or the white list.
Audit data consolidation plus lifecycle management
Consolidating your operating system, database and directories’ audit data can help you get a comprehensive view of your database activity – complete with execution context. You can also use the Audit Collection Plugin to collect audit data coming from XML files or application tables and then move them to the Audit Vault Server. You can keep data for any period of time from days to years depending on its source and on compliance requirements.
If you want to learn more about Oracle Audit Vault and Database Firewall and how it could protect your data and database, call Four Cornerstone at 1 (817) 377 1144 today. We have a team of Oracle certified experts who could help you know which Oracle products, tools and software are best for your enterprise.
Photo courtesy of Oracle.
