What is most valuable?
Oracle Database Firewall, Database Vault and Data hiding tools present a layered security approach to protecting, controlling, auditing and hiding sensitive data and access to sensitive data.
The following key features make this product a valuable tool:
- Transparent database activity monitoring over the network - minimum changes to the database client and server configuration, and no additional load on the network or on the database servers being monitored. Hence, it doesn’t affect the performance.
- Capability to block unauthorized database activity (such as SQL injection attacks) using a specialized grammar analysis that allows accurate enforcement of activity whitelists and blacklists.
- Comprehensive database activity based on consolidated database logs, securely stored in a centralized, enterprise-scale repository ensuring ease of monitoring.
- Centralized data security auditing across the enterprise, achieved by consolidating OS, directory, and other logs into the same centralized repository.
- Fine-grained, correlated alerting based on analysis and policy enforcement of consolidated logs
- Out-of-the-box audit reporting across multiple sources (e.g., Oracle and non-Oracle databases, directory and OS) to satisfy common regulatory requirements such as PCI, DSS, SOX and other compliance regimes.
- Custom reports and powerful BI tools that allow organizations to go as deep as necessary for forensic analysis or e-discovery purposes.
- Easy-to-deploy software appliance based on hardened operating system and database that does not require database administrator (DBA) skills, allowing the solution to be owned and managed by IT security staff.
- Alert on suspicious and unauthorized activities in real time. Review user rights, identify dormant users and excessive privileges.
- Detect and monitor changes to stored procedures.
How has it helped my organization?
Oracle Audit Vault and Database Firewall expands protection beyond Oracle and third party databases with support for auditing the operating system, directories and custom sources. Our client needed a product which can provide a holistic approach to the whole enterprise in terms of security, monitoring and auditing security which is exactly what this product provided.
What needs improvement?
Although Oracle Audit Vault and Database Firewall serves as a critical detective and preventive control to protect against the abuse of legitimate access to databases responsible for almost all data breaches and cyber attacks, using Database Firewall to identify and capturing audit logs of real users, especially on applications using generic users to access the database, is an uphill task. More so, to correlate suspicious SQL to the originating end user.
Reduces the complexity of setting up the appliance, especially on large application systems with generic users using CLIENT_IDENTIFIER on the database to capture audit trails.
For how long have I used the solution?
I have managed to interact with this product for a period of two years, working as a consultant to implement for one of our clients in the banking industry.
What do I think about the stability of the solution?
There are not many issues with stability on the latest version of the product.
What do I think about the scalability of the solution?
Since the appliance runs on the enterprise Oracle database, scalability is not an issue unless limited by licensing.
How are customer service and technical support?
Oracle has one of the most robust Oracle support systems to its paid customers. They also provide a lot of documentation, including installation and administration guides.
Which solution did I use previously and why did I switch?
I have not used any other solutions.
How was the initial setup?
Setting up the appliance for the first time can be a little bit difficult. Knowledge of Oracle database setup and use is required.
What's my experience with pricing, setup cost, and licensing?
Oracle Database Security solutions provide you with the most comprehensive and advanced security offerings that help reduce the costs and complexity of securing their business information across the enterprise.
Which other solutions did I evaluate?
I was dealing with a client who already purchased the appliance and was looking for an implementation team to do the setup and maintenance in their environments.