We performed a comparison between IDERA SQL Compliance Manager, Oracle Audit Vault, and Trustwave DbProtect based on real PeerSpot user reviews.
Find out what your peers are saying about IBM, Imperva, Oracle and others in Database Security."The ability to track activity including the SQL statements is definitely valuable. I really like how the database is laid out. It's straightforward. I can query the back-end tables. I've made a few of my own email alerts based on the data and the tables. It's accessible."
"The initial setup was straightforward."
"The tool can track logins and login failures. I made my own alert so that if there is a certain number of login failures for a server, it emails me. That is really useful. If I want logins to automatically lock out after a certain number of failed attempts, I can know when that happens."
"Technical support is perfect."
"It is a good product for controlling all databases. It is helpful for auditing the data. When people are doing any actions on the databases, they are recorded automatically in the vault. You can work on the collected data to find out exactly what is happening on a database. You can implement database encryption on the databases to control people's access to the database content, such as rows and tables."
"The critical event alerts and reporting features have greatly reduced loss of man hours that would have been spent on going through the whole audit event logs."
"It has provided us with a unique opportunity to automate risk discovery."
"Out-of-the-box policies ensure our compliance with standards like SOX, ISO 27001, and so on."
"Oracle Audit Vault has a lot of great features, but what I find most valuable is the database firewall."
"Our clients can see all of their past actions or the wrong activity done on the network. We can load the diagnostics for the business."
"Our client was scheduled to take a year and a half to set up compliance, but by deploying this product they were able to do the compliance reports within three months."
"Transfer and vulnerability scanning are the most valuable features of this product."
"The most valuable feature of the solution is that you can have a good view which is provided with a proper division of all your databases, which you can see in Trustwave DbProtect."
"This solution helps our clients to monitor their database use, and detect violations of the policy."
"There is an agent that collects the data on SQL Server. Sometimes it will stop collecting. I'm not exactly sure what's happening but I have to go in and manually restart the agent. It would be nice if the central collection server could send a request to the agent to restart."
"The set up is kind of clunky, in my opinion. It's not really intuitive. If they had either a smoother install or better instructions, that would be nice."
"I submitted a ticket (last year) about archiving/grooming of old records because the GUI functionality was not working. Per their recommendation, I ended up using a command line to do it."
"What would really a good thing is if you could refer to an external list or table for filtering on, say, certain applications, IP addresses, or host names; or perhaps even combinations of host name and application name."
"Its filtration and navigation are not the best."
"Some of our customers were asking about latency when the application wants to get to the database."
"They should simplify the integration and work with different vendors and mechanisms."
"The product monitors only the database and not the operating systems."
"Customized reporting is something that we are struggling with, and it is quite tough for us."
"An easy, friendly user interface would be nice to have, since this would enable administrators to identify important events with a prompt response."
"The performance of Oracle Audit Vault could be improved, especially in handling large data collections and generating reports on time."
"Stability could be improved, we have had some challenges"
"One feature that is missing is the ability to have a secret server that is always encrypted."
"I have seen that the tool's installation phase has some problems regarding the versions, specifically the version of SQL."
"We have not been able to integrate this product with a lot of standard incident response solutions, so an open API would help in this regard."
"The product does not have encryption or data masking."