Oracle Audit Vault Review

It monitors SQL traffic, looking for unauthorized or out-of-policy SQL statements.

What is most valuable?

AVDF can monitor SQL traffic to look for, alert on, and prevent unauthorized or out-of-policy SQL statements. Because the final target of external attacks is SQL, it's very effective to check at the SQL level. In addition, this product transparently monitors the traffic; changing the applications is not necessary.

How has it helped my organization?

AVDF not only has an audit function, but it also has a database firewall function that protects the database, which is an important company asset, from external attacks typified by SQL injection. It supports a wide range of databases (Oracle Database, IBM DB2, Microsoft SQL Server and so on).

By integrating two major functions (auditing and database firewall) into a single product, it became easier to use and the scope is really wide.

What needs improvement?

I would like to see a link-state tracking feature that quickly notices network failures. The benefit would be quick detection of network disconnection in DPE (inline) mode. If there is a network disconnection in an inline configuration, AVDF notices the network failure, but it cannot pass the link state to the other side of the network (NIC). The problem currently is that handling of network failure cannot be performed correctly (depending on the point of failure).

For how long have I used the solution?

I have used it for around two years.

What do I think about the stability of the solution?

I actually encountered stability issues in DPE mode, but it was with the first release.

What do I think about the scalability of the solution?

I have not encountered any scalability issues.

How is customer service and technical support?

Technical support is now 8/10. For the first release, it was 5. It took time because technical support was dispatched to overseas teams using translation. Now, a local team can support the technical issues.

Which solutions did we use previously?

We were using the audit product for memory reference types. We chose this product because of its integration with Oracle database and because it has the DB firewall function.

How was the initial setup?

Initial setup was not straightforward, because we should have considered the network environment when we decided the policy configuration. The complexity of AVDF depends on the system (network) environment. If the number of DBs to be protected is high, you should consider organizing the network environment.

What's my experience with pricing, setup cost, and licensing?

AVDF is very reasonable for Oracle products. The license cost is determined by the number of DB servers that will be protected. If you integrate the DB servers or use a multitenant environment, the number of licenses can also be aggregated.

Which other solutions did I evaluate?

Before choosing this product, I did not evaluate other options. Although there are some competitive third-party products for individual functions, as a comprehensive product, there are no other options.

What other advice do I have?

I recommend conducting a performance and availability test before implementing AVDF.

Disclosure: My company has a business relationship with this vendor other than being a customer: We are an Oracle Platinum Partner.