What is most valuable?
The following features of the product provide additional benefits for the user:
- If it's from an Oracle family, we can get quick support from Oracle support.
- Reporting screens are more useful, we can get many summary reports very quickly.
- Compared to previous versions, agent operation logic has been changed. The agent is now managed only, not collector + agent. This makes it easy.
- It has the added advantage of having a database firewall feature that is not in previous versions or other equivalent products.
How has it helped my organization?
Before this product was used in the company, the tables with some critical presets were checked with the triggers on them. The old and new versions of the changing records were written to another table. These triggers caused the database system to incur extra CPU and IO spending. It was also difficult to maintain and manage. We were also unable to provide a wide variety of reports that the audit department wanted.
By using the product, we could log the audit records, generate various reports, send these reports to the relevant administrators by attaching these reports to the mail, without exposing the main database system too much. In this way, it has contributed to accelerate the business processes of the company by providing audit trail requests much faster.
What needs improvement?
We were using Audit Vault 10.3 before and could not migrate to the new version (AVDF 12.1 and 12.2) (because Oracle support said it was not possible) and we continued to get old Audit Vault databases when we needed old audit records, and we could not remove our dependency. Audit records can be migrated from the old system to the new system.
To be able to produce intelligent reports, the ability to analyze the reports must be given.
For how long have I used the solution?
I have been using this solution for one year.
What do I think about the stability of the solution?
In the previous version, when the aud$ and fga_log$ tables reached a certain size, the collectors sometimes shut down and it took too long to get reports from the AV console. So it was not working in a stable manner. I can say that the new versions are stable.
What do I think about the scalability of the solution?
In the Auditor role of about 5 people, this can be scaled for our company as there is no performance problem in getting the report at the same time, but there may be a performance problem depending on the increase in the number of users in the future. This is somewhat in direct proportion to the number of users.
How are customer service and technical support?
There are a few people who are experienced in Audit Vault with local technical support, and I hope this number will increase. In case of problems, we receive global support from Oracle support, but not as fast as the database issues are getting back on their return, so my rate is 3/5.
Which solution did I use previously and why did I switch?
We did a week of PoC work for each of the other equivalent products before purchasing this product. These products were IBM InfoSphere Guardium and Imperva SecureSphere. We have reviewed and compared the capabilities of each product and the reports it produces.
Some of the most basic reasons for choosing Oracle's AVDF product are:
- User friendly (easy to use because it is not complicated to use).
- As a company we also use many different Oracle products. So, if we are blocked by global technical support, we can escalate the situation with local Oracle.
- The price of the product is not higher than the others.
How was the initial setup?
We had problems installing the old version, and since it did not have a lot of resources, the setup took a few days, but there are a lot of radical changes in the new version. Audit Vault's own database and its own operating system come in a single .iso file. There is good documentation out there that describes the process step-by-step and you will not have much difficulty, even in the first installation.
What's my experience with pricing, setup cost, and licensing?
The important thing is to use the most suitable product for our company for many years (every 1-2 years to change the product to force the company). We must make good decisions about our needs, make PoC studies diligently and compare the advantages and disadvantages of the products. If we specify the ideal product for us, pricing and licensing should be important in the second place.
Which other solutions did I evaluate?
We first evaluated other options at the technical level and then at the senior management level. These were: IBM InfoSphere Guardium and Imperva SecureSphere.
What other advice do I have?
My recommendations are:
- Users in the Avadmin and Avauditor roles should be designated so that the maintenance of the product and the database and the daily checks are not neglected.
- Providing added value by generating custom reports for your company other than the default reporting features
- Some reports are sent automatically at certain hours by attaching as .csv, .html or .pdf in mails
- The only source we can log Audit records for is not Oracle, but also MySQL, MS SQL Server, Sybase, IBM DB2, and so on. We need to remember that we can also monitor the source systems.