We just raised a $30M Series A: Read our story

Oracle Audit Vault OverviewUNIXBusinessApplication

Oracle Audit Vault is the #3 ranked solution in our list of top Database Security tools. It is most often compared to IBM Guardium Data Protection: Oracle Audit Vault vs IBM Guardium Data Protection

What is Oracle Audit Vault?
Oracle Audit Vault monitors Oracle and non-Oracle database traffic to detect and block threats, as well as improves compliance reporting by consolidating audit data from databases, operating systems, directories, and other sources.

Oracle Audit Vault is also known as Audit Vault.

Buyer's Guide

Download the Database Security Buyer's Guide including reviews and more. Updated: September 2021

Oracle Audit Vault Customers
Abu Dhabi Department of Finance, Kingdom of Saudi Arabia Ministry of Health, Educational Testing Service, Ryohin Keikaku Co. Ltd., SPC Brasil, REDISA, Qatar Olympic Committee, Seneca College, Hunan Social Insurance Management and Service Bureau,
Oracle Audit Vault Video

Archived Oracle Audit Vault Reviews (more than two years old)

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
Osama Mustafa
Cloud Expert | DevOps | Oracle Consultant at confidential
Consultant
Top 20Leaderboard
One of its most valuable features is the entitlement auditing for Oracle Database and set audit policies and provision them from the Audit Vault Server console

What is our primary use case?

The main reason was to collect audit data, make it available in audit reports, and create custom reports that meet the customer's requirement and set audit policies and provision them from the Audit Vault Server console & For databases, it provides a database firewall that can monitor and/or block SQL statements on the network based on a firewall policy designed by an auditor.

How has it helped my organization?

  • Audit data collection from diverse sources.
  • Integrations with third-party products.
  • ecurity event reporting (malicious activity and hacking attempts).
  • Monitoring everything from one place.
  • SQL workload monitoring

This will improve your infrastructure and make it secure for sure.

What is most valuable?

Different features I have been using in this product:

  • Audit policies for Oracle Database
  • Reports and report schedules
  • Entitlement auditing for Oracle Database
  • Stored procedure auditing
  • Alerts and email notifications

All the above features will allow you to manage and monitor the infrastructure, databases very easily and create custom reports depending on what you want.

What needs improvement?

Different things should be improved: 

  • The migration from an old version to a newer version is not that easy
  •  Database grouping also should be improved, and
  • The reporting.

For how long have I used the solution?

Three to five years.

What do I think about the stability of the solution?

So far regarding to my experience with it it's stable but the problem when with the support when are facing a  bug or something you have to keep following all the time. 

What do I think about the scalability of the solution?

It's nice product when it's comes to scalability, 

How are customer service and technical support?

slow and they are asking for a lot of logs, you have to be patient since they will ask you to upload the logs every time the shift will change.

Which solution did I use previously and why did I switch?

No.

How was the initial setup?

to be honest the installation & configuration it's needs a lot of work and reading, the more server you have to audit the more complex and extra work you will have. 

What about the implementation team?

I am working as freelance and having extensive experience with Oracle products so i have been contacted due to this, i implement this solution approximately five or six time.

What was our ROI?

if you are looking for software for auditing, audit Vault Collection Agent provides run-time support for audit data collection by Audit Vault collectors.

What's my experience with pricing, setup cost, and licensing?

  • Setup consumes too much resource and storage. 
  • Also if you need to install Database Firewall, you need another server. 
  • Pricing is expensive.

Which other solutions did I evaluate?

  • Audit Vault Console which consists the following : -
  • Collector management and monitoring
  • Report management
  • Alert management

Disclosure: I am a real user, and this review is based on my own experience and opinions.
MosesMoloi
Director (Core Technology Services) and Partner at Nexim Solutions
Real User
Easy to deploy and use with flexible reporting and automation capabilities

Pros and Cons

  • "It has provided us with a unique opportunity to automate risk discovery."
  • "We would like to see the ability to administer and manage the solution through Enterprise Manager 13c, and development of the dashboards that are generally missing."

What is our primary use case?

We use this solution for regulatory compliance and reporting for the enterprise. This augments regular compliance and risk management solutions.

The organizations and clientele we work with include public sector and private sector businesses in the Financial Services industry, where they host data from global partners. The EU citizens and businesses now demand that GDPR be in place in order to host their data.

How has it helped my organization?

It has provided us with a unique opportunity to automate risk discovery.

The system provides both an audit system and a security solution through the database firewall that protects the data and databases being accessed.

The system uses BU internal risk management and audit teams for ease of IT and systems audits.

What is most valuable?

The most valuable features of this solution are:

  • Autonomous data collection.
  • Ease of deployment to work and integrate with heterogeneous platforms.
  • Reporting infrastructure is awesome and very flexible.
  • The interfaces are intuitive and easy to use and navigate through.
  • The solution has a well designed RBAC for the support of the business and it is secure.

What needs improvement?

We would like to see the ability to administer and manage the solution through Enterprise Manager 13c, and development of the dashboards that are generally missing.

The system needs to be easy to manage, especially in terms of space management.

There is little to no technical references and use cases pointing to the resolution of technical challenges during implementation. Better documentation would be helpful.

For how long have I used the solution?

Five years.

What do I think about the stability of the solution?

The product is stable but extremely sensitive.

What do I think about the scalability of the solution?

It is rather difficult to scale, but it works perfectly.

How are customer service and technical support?

The technical support at Oracle is weak, but the documentation provided is detailed and good.

Unfortunately, there is little information available on Oracle MOS.

Which solution did I use previously and why did I switch?

We have always used the product alongside Imperva.

How was the initial setup?

This initial setup of this solution is straightforward.

What about the implementation team?

Our solution was delivered through an Oracle partner, Nexim Solutions.

What was our ROI?

Our ROI was almost immediate.

What's my experience with pricing, setup cost, and licensing?

It is affordable but technical skills are required to architect and set up the system.

Which other solutions did I evaluate?

We evaluated Imperva and Tivoli before choosing this solution.

Disclosure: My company has a business relationship with this vendor other than being a customer: We are an Oracle Gold Partner
Find out what your peers are saying about Oracle, IBM, Imperva and others in Database Security. Updated: September 2021.
542,608 professionals have used our research since 2012.
CA
Senior Database Administrator at ITGStore
Real User
Enables our clients to see all of their past actions or the wrong activity done on the network

Pros and Cons

  • "Our clients can see all of their past actions or the wrong activity done on the network. We can load the diagnostics for the business."
  • "Some of our customers were asking about latency when the application wants to get to the database."

What is our primary use case?

We use Oracle Audit Vault to have a view of what is present on our network behind the firewall system. We use it to block threats and audit data for clients.

How has it helped my organization?

After we activate Oracle Audit Vault, our clients can see all of their past actions or the wrong activity done on the network. We can load most of the diagnostics for the business.

What is most valuable?

We have a situation for a bank as a client. We were able to deploy Oracle Audit Vault for them. The end-user is a key part of the system in the information department. 

For maintenance, only one person is required and he's an admin. Oracle Audit Vault was used extensively and our clients are quite comfortable with it.

We believe the product will be used for a long time.

What needs improvement?

One feature that was missing when we tried to update was the network activity analyzer. We found a request going through the database file before reaching the database. 

We don't have a database file in the middle. If it's possible to have that database file to analyze what's going on inside the network, it would be better.

Some of our customers were asking about the latency. When the application wants to get to the database, the database file is going to give some latency in operations.

The additional features we need are to be able to have the database firewall to scan the network to get the information from the database. 

I also want the database firewall to be able to block services with more granularity.

For how long have I used the solution?

We have been using the solution around one year.

How are customer service and technical support?

We have used Oracle technical support maybe twice. The support is nice. It was fast to install. The customer support is good.

Which solution did I use previously and why did I switch?

We didn't have a previous solution. We had a company come in with IBM to produce a proprietary solution. We also did a demo. 

How was the initial setup?

The initial set up was straightforward. It wasn't challenging. The implementation strategy for new customers doesn't take long. 

Our strategy is to increase the value of the software.

What about the implementation team?

We used a reseller.

What's my experience with pricing, setup cost, and licensing?

For the bank, the license was $48,000 last time. That was the licensing for the bank on just one license.

Which other solutions did I evaluate?

We had to do a demo to show management how the solution functions. That was useful for them to decide to go with Oracle Audit Vault over IBM.

What other advice do I have?

Anyone can go to with Oracle Audit Vault, but be sure you know what is going on to be comfortable with it.

On a scale from one to ten, I would rate this product at 8.5. Some of the database functionality is not too good.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
AM
Information Technology and Services Professional at Independent
Real User
A powerful, full-featured network data security solution

Pros and Cons

  • "A powerful, flexible solution for database traffic monitoring."
  • "The product monitors only the database and not the operating systems."

What is our primary use case?

Our primary use case is to filter the database traffic internally and to know who is doing what in the database and why they are doing it at any point in time.

How has it helped my organization?

Generally, security is enhanced and monitoring traffic and data became possible using this solution rather than others. You can audit and configure notifications so that you get notified when somebody accesses particular objects within the database. It's one of the key features. 

What is most valuable?

The ability to isolate the view and who has the rights to view the audit logs is valuable to us. Senior executives can check the system, the IT team, the IT individuals, and the administrators. 

Another interesting feature is the ability to view the traffic by the IT, as well as individual machines. This can help scale down trailing traffic on the network. It makes it possible to look into a traffic jam from a particular machine by MAC and IP address.

Also, address administrators cannot go in and delete audit trails which would otherwise allow users to circumvent the audit trail. In the implementation of the Oracle Audit Vault, we can monitor not only Oracle Databases, but also monitoring, server databases that within the environment. It isn't only specific Oracle Database.

What needs improvement?

This kind of solution should supply more analytical data for the traffic that comes in. I think that that side is not as strong as some other products. However, it is stronger in other areas and superior in some ways for security. The Oracle product monitors the database and not the operating system as well which is an area that can use improvement.

What do I think about the stability of the solution?

The solution itself is stable, but if there is a skills gap within the department and none of the IT guys understand that in Oracle Audit Vault and Database Firewall solution things can go wrong. If customers don't train the in-house employees properly as to how the solution is deployed limited skills can result in stability issues.

After the deployment, I recommend designating two or three people to get training. I do provide a bit of information into a general report to help clients but it may not always be enough. There is also the possibility of falling back into bad habits after a while when making changes in the system.

What do I think about the scalability of the solution?

The product is highly scalable. You can grow it by adding on multiple nodes and those nodes would definitely be able to be monitored in a server upon which you deploy an application. So there is really not any limitation on scalability. You can just add on or reduce other services within the environment. The fewer servers, the more efficient the logging. More servers may create problems for users coming through.

The Audit Vault server is isolated from the production server environment configuration, so ideally there's not any interference in terms of scalability. You could grow on demand. 

How are customer service and technical support?

My technical expertise allows me to handle many technical trainings, in Blackberry and other solutions for Oracle, for Oracle customers in Nigeria, in Ghana, in Zambia, in Tanzania, and in Kenya. I handle many Oracle customers. They purchase through a local Technology Associate which is an Oracle partner here. Oracle has contacted me in the past to handle issues because I am able to deploy that solution. 

Which solution did I use previously and why did I switch?

As a consultant, I install different products based on client need. I have experience also with Imperva SecureSphere Database Security and IBM Guardian which are products I still recommend and deploy.

How was the initial setup?

This product is not very easy to set up. You set up separate machines and it's isolated from the production environment and the other system which you're auditing. After that, you just point the IP addresses on which production cybers are running. Then it starts monitoring them. 

Sometimes there have to be additional changes within the database, within the production server, and some other basic configurations. For example, in 12C you have unified audit trail, and in other versions of Oracle like 9-9, 10G, 11G, you don't have the unified auditing. Unified auditing in 12C is a bit complex so you have to configure it to log the traffic activities. Another example is doing what we call a 'petition auditing' whereby you use triggers to audit.

If a client wants to capture all database traffic to all the servers for both successful logins and unsuccessful logins and store a complete audit trail data and that cannot be tampered with by the administrators, this takes additional setup. Assigning user privileges can take some time to do correctly so users cannot misuse their privileges.

Generation of distributional reports, tracking the sign off of those reports, encryption of tentative data in the database all need to be configured since Oracle has other features such as Transparent Database Encryption, TDE. 

Because of my experience with the solution, I am able to deploy within three to five days. But the whole system needs to be considered. Machines must have enough processing power and the storage for the audit trail data because that data can grow rapidly if not monitored well. Storage can become a challenge. 

With deep knowledge and understanding of these technologies, I can seamlessly and quickly deploy the solution. It will be far more difficult for users who are not already familiar with the solution.

What was our ROI?

I've seen a return on investment for many customers though it is hard to tell exactly. For me, having clients with successful, useful deployments means my business continues to be successful. For clients the superior security, power, customizability and reasonable ease of use return in time savings and secure data.

What's my experience with pricing, setup cost, and licensing?

On licensing, Oracle is very expensive. Oracle handles the licensing. I just do the deployment. Especially now that they are moving towards the cloud, cloud licensing becomes very expensive. Maybe sales guys do not always advise customers better as to the advantages, but customers generally have a fear of the costs of licensing for Oracle specifically.

In terms of cost, in addition to the standard licensing fees, there are add-ons. It costs in resources and software as well as deployment to create and manage a complete set of Cloud services, including infrastructure as a service, creditors service, customer service, etc. 

I've recommended that for monitoring purposes and management capability and even for non-Oracle databases approach to go for Enterprise Manager Cloud Control. Just deployment of this firewall without Cloud Control will not get most users optimal value. 

Technology keeps evolving all the time. I think one needs to really do a lot of research and innovation to get to know what's new in different products before they can acquire any product at all. It's very important. For me, before I advise the customer on the product or upgrade, I do comprehensive research.

Which other solutions did I evaluate?

Again, as a consultant, our job is to provide the best solution for a particular client's needs. We are constantly evaluating products to keep flexible and make the base deployments. For example, if the client basically uses everything purely Oracle it usually makes sense to go with Oracle Audit Vault.

What other advice do I have?

I would rate Oracle Audit Vault an eight out of ten. The features are there, but the users don't know how to take full advantage of them. I would strongly recommend that, when evaluating products, they need to understand the key features to leverage them. 

But again, at the end of the day, it's the mandate of the sales guy to get the customers to understand the product as they go to buy. If a sales guy is not selling well then there's a challenge. I'll pick out the key important features that will provide the most value. 

I always try to educate clients and tell them to spread out and do a proper proof of concept. If another product is better for resolving specific issues, it is the one they should deploy.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
AC
Solution Architect at a tech services company with 201-500 employees
Real User
Separation of duty helps us to properly delineate between security and administration

Pros and Cons

  • "The solution is very stable and reliable."
  • "One feature that is missing is the ability to have a secret server that is always encrypted."

What is our primary use case?

We use this solution to provide for separation of duties based on database encryption.

What is most valuable?

We use the separation of duty feature because part of the database is encrypted, and the database administrators, such as myself, should have no access to this area. It belongs to the security team.

What needs improvement?

Right now, the ownership of the database is automatically given to the database administrator. I would like to have a software solution, separate from the Oracle product itself, to assign ownership of the database to a specific team, being our security team, rather than the default owner.

One feature that is missing is the ability to have a secret server that is always encrypted. I would like to see this in the next release of this solution.

For how long have I used the solution?

More than five years.

What do I think about the stability of the solution?

The solution is very stable and reliable.

What do I think about the scalability of the solution?

I would say that the scalability of this solution is medium.

The users include the database team, which has fifteen people, and in some areas of the business, there are in excess of fifty.

We are not currently planning to expand the use of this product.

How are customer service and technical support?

Technical support for this solution is very good. It is strong.

How was the initial setup?

I would say that the initial setup was of medium difficulty.

What about the implementation team?

We used an Oracle consultant to assist us with the implementation.

What other advice do I have?

I use this solution once or twice per month.

I would rate this solution an eight out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Manish Khanijo
Lead Network and Security at Qatar Credit Bureau
Real User
Integration with our SIM facilitates auditing by providing us with a complete picture

Pros and Cons

  • "This solution acts as a complete data warehouse for our audit data."
  • "Customized reporting is something that we are struggling with, and it is quite tough for us."

What is our primary use case?

We have a few applications that use the Oracle Audit Vault as a broker service to log into the application. It uses the credentials provided by this solution. We are not using the firewall component.

How has it helped my organization?

This solution acts as a complete data warehouse for our audit data. Anytime we need to search for details about what happened, from a proactive monitoring perspective, or react to see what access permissions were granted or denied, we can look at this.

We have an alert mechanism implemented, and we also use some of the built-in reports. The reports are typically used by management, and we have a risk management dashboard. Management looks at the reports, and the indicators in them, to determine what level the security has been at over the past month. They can tell whether it has improved or gone down.

What is most valuable?

The most valuable feature is that Oracle Access Vault is integrated with our SIM (Security Information Management tool), which gives us a complete picture of what access is being provisioned in our organization. We do not use the interface provided by Oracle Audit Vault, except to export the data into our SIM.

What needs improvement?

The reporting is an area of the solution that needs to be improved.

Customized reporting is something that we are struggling with, and it is quite tough for us. Every time we need to prepare a custom report, we have to involve the vendor. This is unlike other solutions where the reports are easy to customize.

Another problem with reporting emerges on the topic of compliance and certain international standards. The standard set of reports do not provide sufficient details for the PCS and ISO standards.

It is important to have better integration with most of the tools to manage unstructured data or SIM solutions. If we change vendors for our SIM then we want to have the best possible support.

For how long have I used the solution?

More than four years.

What do I think about the stability of the solution?

This product is quite stable and robust. We have not faced any issues with respect to stability in the past few years.

What do I think about the scalability of the solution?

We do not have heavy requirements in terms of scalability on our end, so I am unsure.

We currently have between ten and twelve users. These people are middle management, our database administrator, and I am the Data Center Lead.

This solution is extensively used on a daily basis, as it is one of the pillars of our overall monitoring solution. We have no plans to increase usage at this time.

How are customer service and technical support?

Since our first contact with Mannai, they have been able to resolve most of our issues. Only in cases of problems that they cannot fix will they raise an SR with Oracle. Generally, they are quite capable.

Which solution did I use previously and why did I switch?

We did not use a specific solution prior to this one.

We do not use the database firewall component that is included with this solution. For our database activity monitoring, we rely on IBM Guardium.

How was the initial setup?

The installation itself is quite straightforward, but the configuration does not happen at the same time. We have fine-tuned our configuration over the past year or two, which has reduced the high number of false positives. We now only receive clear, actionable alerts. Most of these kinds of tools require a lot of fine-tuning to be done, based on your environment. It all depends on how fast you can do it, based on your database requirements.

It took approximately three months to deploy this solution and bring it into production.

What about the implementation team?

We used a reseller for assistance with the implementation of this solution. They are the Mannai Corporation, here in Doha, and they are quite good.

The majority of the deployment was handled by them, and we only had two people involved. These people were our DBA and backup DBA, and they are now users of the solution.

For the maintenance of this solution, if we have an issue then we simply call Mannai and they will come and fix it.

What was our ROI?

When it comes to security solutions it is very difficult to calculate ROI. There is no clear cut ROI for which you can put a number in terms of operational effectiveness or security-related components.

What's my experience with pricing, setup cost, and licensing?

This solution is definitely not expensive, and it is a small fraction of the overall database licensing costs. It is a simple add-on license, but it is not perpetual so we have to pay licensing fees every year.

Which other solutions did I evaluate?

We evaluated a lot of solutions before choosing this one, and some of them were used for a very long time. One of these was Imperva. The determining factor was the cost. Since we are already an Oracle customer, we received a large discount on the product.

Other than pricing, most of the solutions in the same space provide a similar type of output. The benefit of going with Oracle is, if you are using an Oracle database then the integration is quite strong internally.

What other advice do I have?

If you are with Oracle completely and you do not have a mix of databases then this is a great solution. However, if you have a solution that includes a mix of databases then it has a lot of limitations.

The advantage of going with Oracle Audit Vault comes from its integration with data encryption, masking, and all of the Oracle security technologies.

Overall, this solution delivers what it is intended to do and we are quite happy with the product. There are, however, improvements required in terms of reporting.

I would rate this solution an eight out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
MosesMoloi
Director (Core Technology Services) and Partner at Nexim Solutions
Real User
Offers inbuilt reports for GDPR and PCI compliance

Pros and Cons

  • "Our client was scheduled to take a year and a half to set up compliance, but by deploying this product they were able to do the compliance reports within three months."
  • "This solution doesn't audit the network."

What is our primary use case?

We use this solution primarily for GDPR and PCI compliance for the bank.

How has it helped my organization?

We were implementing this solution for our client, who was required to do PCI compliance. Their project was initially scheduled to run over a year and a half, but by just deploying this product they were able to do the compliance reports within three months, so the time to roll out was quite significant. The time was very short, which meant the turnaround time for compliance was much shorter and the value was realized, so that is one positive aspect that we experienced with our clients.

What is most valuable?

The most valuable feature is the ability to create inbuilt reports for compliance, which have dealt with the rules made it easier. This means that we don't have to develop them from scratch, which makes life so much easier.

What needs improvement?

One of the biggest challenges that we are facing is the inability to use more than one account for the platform, so the whole organization cannot make their own compliance audits at their own pace. I think that's one feature that really is giving us a bit of a problem. That is one of our biggest challenges.

The fact that it doesn't audit the network is also quite a downfall for the product. Maybe it should be improved to allow one to log on to network devices and do audits to check compliance at that level.

Finally, the ability to integrate with well-known applications like SAP, Microsoft, and common ERP would be helpful. If it included templates that are used for audits that can be used in those platforms and checking compliance, that would be really helpful, because half the time there isn't enough documentation to help someone check the compliances of specific applications. The second bit is the ability to audit middleware, like application servers and spatial and detection platforms. That is quite lacking in this product.

For how long have I used the solution?

We've been using this solution since 2011.

What do I think about the stability of the solution?

It's not a stable product, especially around log management and log generation. There are lots of logs and the administration or management is not as easy as one would expect. So you need a lot of DBA and unique skills in order to handle the virtual appliances. For us it was in our domain, but I don't think for any other organization it would be easy to readminister, especially when cable spaces are full and there are other challenges.

What do I think about the scalability of the solution?

It's very scalable. It can do real application, remote sites, and DR, so it's quite scalable. I think it's very easy to scale from that test; I think they've done well.

We've got at least 60 users, including IT demonstrators, auditors, and the risk department, so it's widely used.

It's currently used extensively at the bank because they have to measure their compliance in real time and they cannot do that without this solution. There were plans to integrate the solution with the ERT to start looking at certain components within ERT, as well as opportunities for them to expand it to be used on their distributions. I'm not too sure how far they have gone because we just deployed and left. We've not been back to these clients for this product so far.

How are customer service and technical support?

Oracle does not have very good documentation on this. I think Oracle abandoned the product, especially on the support side. It's not really one of the most friendly platforms where you can actually find help, but we've hung in there. We hope there will be a lot more opportunities for them to improve the support, half the people you talk to don't really know how to support the product. It's just frustrating, honestly.

The documentation is there, if very basic, but it doesn't help you address some of the more technical challenges.

Which solution did I use previously and why did I switch?

I had not used any other solution before Oracle. We deployed this particular solution because we are required to do PCI compliance. I don't think they could have used any other solution for this, without resorting to using lots of Excel sheets, reports, etc.

How was the initial setup?

It was very straightforward to set up, not too complex.

What about the implementation team?

Deployment took a month, and then the next month we set up the reports. However, the technical deployment took us only two weeks to do, including both the products and the development of the appliances. Our strategy was to deploy as is, using the standard report and customize the report as we go, instead of trying to come up with custom reports before deployment. That made it much easier, while still being adequate to satisfy the compliance department.

We are an integrator and our name is Making Solutions. So we are the ones who did the job. I only have three guys running the platform, so its quite easy to manage. From the client's staff, there are only two guys managing the platform.

What was our ROI?

They have had a good ROI because they were literally being audited and given lots of fines. All those things have disappeared within eight months. They were able to comply, submit reports on time, and actively correct whatever mistakes were picked up by the product. We use Oracle Enterprise Manager, which looks at other components to really add all the valuable information.

What's my experience with pricing, setup cost, and licensing?

For the bank, the licensing cost is about $360,000, annually.

For the value and cost of being compliant, the price is worth paying, because then you don't get auditors coming in left, right and center. Our clients spend a lot of money, but they also get their compliance guaranteed, so I think it's overall saving them money.

There are no additional fees to pay.

Which other solutions did I evaluate?

Our client did check another provider. I forgot the name of that product, but it was a big competitor of Oracle's solution.

What other advice do I have?

Those who want to implement it better have a proper detection in place, especially regarding documents. That's one thing that really drove us nuts because without having reference documentation of the platforms that they were targeting, it became a nightmare.

I would rate this solution as eight out of ten, because of the previous reasons that I gave around some of the features that are important for my clients. If it was not for that I would have given it a ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
AJ
Network Engineer with 11-50 employees
User
It has reduced the stress of collecting database event logs in silos from each database

What is our primary use case?

It is used as a central audit repository and reporting for all my databases, which has reduced the stress of collecting database event logs in silos from each database.

How has it helped my organization?

Out-of-the-box policies ensure our compliance with standards like SOX, ISO 27001, and so on.

What is most valuable?

The critical event alerts and reporting features have greatly reduced loss of man hours that would have been spent on going through the whole audit event logs.

What needs improvement?

An easy, friendly user interface would be nice to have, since this would enable administrators to identify important events with a prompt response.

For how long have I used the solution?

Three to five years.

What is our primary use case?

It is used as a central audit repository and reporting for all my databases, which has reduced the stress of collecting database event logs in silos from each database.

How has it helped my organization?

Out-of-the-box policies ensure our compliance with standards like SOX, ISO 27001, and so on.

What is most valuable?

The critical event alerts and reporting features have greatly reduced loss of man hours that would have been spent on going through the whole audit event logs.

What needs improvement?

An easy, friendly user interface would be nice to have, since this would enable administrators to identify important events with a prompt response.

For how long have I used the solution?

Three to five years.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
it_user489099
DB Admin with 5,001-10,000 employees
Vendor
It monitors SQL traffic, looking for unauthorized or out-of-policy SQL statements.

What is most valuable?

AVDF can monitor SQL traffic to look for alerts on and prevent unauthorized or out-of-policy SQL statements. Because the final target of external attacks is SQL, it's very effective to check SQL level. In addition, this product transparently monitors the traffic; changing the applications is not necessary.

How has it helped my organization?

AVDF not only has an audit function, but it also has a database firewall function that protects the database, which is an important company asset, from external attacks typified by SQL injection. It supports a wide range of databases (Oracle Database, IBM DB2, Microsoft SQL Server and so on).

By integrating two major functions (auditing and database firewall)
into a single product, it became easier to use and the scope is really wide.

What needs improvement?

I would like to see a link-state tracking feature that quickly notices network failures. The benefit would be quick detection of network disconnection in DPE (inline) mode. If there is a network disconnection inline configuration, AVDF notices the network failure, but it cannot pass a link-state to the other side of the network (NIC). The problem currently is that handling of network failure cannot be performed correctly (depending on the point of failure).

For how long have I used the solution?

I have used it for around two years.

What do I think about the stability of the solution?

I actually encountered stability issues in DPE mode, but it was with the first release.

What do I think about the scalability of the solution?

I have not encountered any scalability issues.

How are customer service and technical support?

Technical support is now 8/10. For the first release, it was 5. It took time because technical support was dispatched to overseas teams using translation. Now, a local team can support the technical issues.

Which solution did I use previously and why did I switch?

We were using the audit product for memory reference types. We chose this product because of its integration with Oracle database and because it has the DB firewall function.

How was the initial setup?

Initial setup was not straightforward, because we should have considered the network environment when we decided the policy configuration. The complexity of AVDF depends on the system (network) environment. If the number of DBs to be protected is high, you should consider organizing the network environment.

What's my experience with pricing, setup cost, and licensing?

AVDF is very reasonable for Oracle products. The license cost is determined by the number of DB servers that will be protected. If you integrate the DB servers or use a multitenant environment, the number of licenses can also be aggregated.

Which other solutions did I evaluate?

Before choosing this product, I did not evaluate other options. Although there're some competitive third-party products for individual functions, as a comprehensive product, there are no other options.

What other advice do I have?

I recommend conducting a performance and availability test before implementing AVDF.

Disclosure: My company has a business relationship with this vendor other than being a customer: We are an Oracle Platinum Partner.
it_user624783
Manager-Oracle Specialist at a tech vendor with 10,001+ employees
MSP
It provides reports that are directly related to the compliance issues.

What is most valuable?

Audit reporting and its user-friendliness that is required by auditors are valuable features.

How has it helped my organization?

It provides reports that are directly related to the compliance issues, i.e., for example SOX Compliance.

What needs improvement?

Policy defining should be more user-friendly. It still should be implemented and handed over to the end users. This policy defining cannot be done by an end user. It should be implemented initially, by a person who knows the Audit Vault along with the implementing business organization and their audit requirements. There should be a system analysis carried out and then this should be implemented. If the Oracle Audit Vault can give the administration interface to the end user itself, then he/she could generate the reports that they need, just by creating the customized report formats.

For how long have I used the solution?

I have used this solution for three years.

What do I think about the stability of the solution?

Some of the earlier versions have not matured enough.

What do I think about the scalability of the solution?

There were no scalability issues.

How are customer service and technical support?

The technical support is good. I would give them a 7 out of 10 rating because there is no as such major implementation help given by the Oracle Support. There are a few people to support the same.

Which solution did I use previously and why did I switch?

It is easy to work with the Oracle ERP and Oracle Database.

How was the initial setup?

It is a little bit complex. The installation, implementation and policy defining should be done by experienced technical staff.

What's my experience with pricing, setup cost, and licensing?

You can use this as a good audit reporting tool and it is worth to use it as a high compliance risk tool.

What other advice do I have?

The installation and configurations should be done by experienced technical people, so as to achieve project success.

Disclosure: My company has a business relationship with this vendor other than being a customer: We are Oracle Partners.
it_user621024
Consultant Analyst DBA at a tech services company with 51-200 employees
Consultant
Provides protection, audit, and security of the database.

What is most valuable?

Protection, audit, and security of the database are valuable features.

How has it helped my organization?

It provides us with access protection. It gives audit access to the data that the user doesn't have permission to access.

What needs improvement?

All departments of this product need to be improved.

The goal of the project was to audit the operation of the departments. However, the other departments, such as sales and finance, were audited during the project too.

We began to audit the database transactions of the operations department software. We saw that it was good. We then implemented the audit in the software for the other departments as well.

For how long have I used the solution?

I have used this solution for a year, as a project for the customer.

What do I think about the stability of the solution?

I had problems with the old versions this product. Today, it's more stable.

What do I think about the scalability of the solution?

There were no scalability issues.

How is customer service and technical support?

I would give the technical support a rating of 9/10.

How was the initial setup?

The setup was complex because you have to understand which data needs protection.

Which other solutions did I evaluate?

We looked at other solutions, such as firewall protection tools and audit triggers in the database.

What other advice do I have?

Learn how to install it and know how to protect your data.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
it_user616053
Database Management Manager at a financial services firm
Vendor
Reporting screens are more useful, we can get many summary reports. There may be performance problems if the number of users increases.

What is most valuable?

The following features of the product provide additional benefits for the user:

  • If it's from an Oracle family, we can get quick support from Oracle support.
  • Reporting screens are more useful, we can get many summary reports very quickly.
  • Compared to previous versions, agent operation logic has been changed. The agent is now managed only, not collector + agent. This makes it easy.
  • It has the added advantage of having a database firewall feature that is not in previous versions or other equivalent products.

How has it helped my organization?

Before this product was used in the company, the tables with some critical presets were checked with the triggers on them. The old and new versions of the changing records were written to another table. These triggers caused the database system to incur extra CPU and IO spending. It was also difficult to maintain and manage. We were also unable to provide a wide variety of reports that the audit department wanted.

By using the product, we could log the audit records, generate various reports, send these reports to the relevant administrators by attaching these reports to the mail, without exposing the main database system too much. In this way, it has contributed to accelerate the business processes of the company by providing audit trail requests much faster.

What needs improvement?

We were using Audit Vault 10.3 before and could not migrate to the new version (AVDF 12.1 and 12.2) (because Oracle support said it was not possible) and we continued to get old Audit Vault databases when we needed old audit records, and we could not remove our dependency. Audit records can be migrated from the old system to the new system.

To be able to produce intelligent reports, the ability to analyze the reports must be given.

For how long have I used the solution?

I have been using this solution for one year.

What do I think about the stability of the solution?

In the previous version, when the aud$ and fga_log$ tables reached a certain size, the collectors sometimes shut down and it took too long to get reports from the AV console. So it was not working in a stable manner. I can say that the new versions are stable.

What do I think about the scalability of the solution?

In the Auditor role of about 5 people, this can be scaled for our company as there is no performance problem in getting the report at the same time, but there may be a performance problem depending on the increase in the number of users in the future. This is somewhat in direct proportion to the number of users.

How are customer service and technical support?

There are a few people who are experienced in Audit Vault with local technical support, and I hope this number will increase. In case of problems, we receive global support from Oracle support, but not as fast as the database issues are getting back on their return, so my rate is 3/5.

Which solution did I use previously and why did I switch?

We did a week of PoC work for each of the other equivalent products before purchasing this product. These products were IBM InfoSphere Guardium and Imperva SecureSphere. We have reviewed and compared the capabilities of each product and the reports it produces.

Some of the most basic reasons for choosing Oracle's AVDF product are:

  • User friendly (easy to use because it is not complicated to use).
  • As a company we also use many different Oracle products. So, if we are blocked by global technical support, we can escalate the situation with local Oracle.
  • The price of the product is not higher than the others.

How was the initial setup?

We had problems installing the old version, and since it did not have a lot of resources, the setup took a few days, but there are a lot of radical changes in the new version. Audit Vault's own database and its own operating system come in a single .iso file. There is good documentation out there that describes the process step-by-step and you will not have much difficulty, even in the first installation.

What's my experience with pricing, setup cost, and licensing?

The important thing is to use the most suitable product for our company for many years (every 1-2 years to change the product to force the company). We must make good decisions about our needs, make PoC studies diligently and compare the advantages and disadvantages of the products. If we specify the ideal product for us, pricing and licensing should be important in the second place.

Which other solutions did I evaluate?

We first evaluated other options at the technical level and then at the senior management level. These were: IBM InfoSphere Guardium and Imperva SecureSphere.

What other advice do I have?

My recommendations are:

  • Users in the Avadmin and Avauditor roles should be designated so that the maintenance of the product and the database and the daily checks are not neglected.
  • Providing added value by generating custom reports for your company other than the default reporting features
  • Some reports are sent automatically at certain hours by attaching as .csv, .html or .pdf in mails
  • The only source we can log Audit records for is not Oracle, but also MySQL, MS SQL Server, Sybase, IBM DB2, and so on. We need to remember that we can also monitor the source systems.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
it_user613578
Oracle Database Consultant, SME Database at a non-tech company with 501-1,000 employees
Vendor
Offers audit setting and configuration control. Sometimes, a few of the installation steps create confusion.

What is most valuable?

  • Audit log collection from a heterogeneous RDBMS environment
  • Offers warehouse-based control over the log DB in a secured and encrypted way

Additionally, it offers a RAC option along with DB vault configuration.

How has it helped my organization?

I am in the training field and I can express my views based on that experience only. This is a configuration-based product that offers you full control of the audit settings and the configurations. It helps in generating all the required reports as per the compliance. It even helps in customizing the reports as per your choice.

There are multiple banks that are either using it or they are going to implement this tool in the Asian and African countries. They are attaching it to their core banking system. The latest version for Audit Vault is 12c and some of the valuable features are:

  • Audit logs are now out of reach: Superusers (SYS), DBAs and OS Admins can’t remove them.

  • Logs are completely safe in the warehouse: Encrypted and protected by the DB vault.

  • Faster access to logs: Partitioning is available.
  • Alert configuration (email-based, desktop)

  • High availability of the log server: Limited use of the RAC option.

  • Compliance-based reporting with attestation option. Customization is also possible.

  • Works transparently with the application. No coding required.

What needs improvement?

There were some bugs in beginning. Oracle has given us some patches for that. Now, we also have the Audit Vault and Database Firewall Product version 12c in the market with more features.

For how long have I used the solution?

I have been using this tool for seven years.

What do I think about the stability of the solution?

We did encounter some stability issues. There are lots of bugs in the starting version but most of them are patched; the latest versions are much stable.

What do I think about the scalability of the solution?

I haven’t tried the scalability option.

How are customer service and technical support?

The support is good. I would give it a rating of 9/10.

Which solution did I use previously and why did I switch?

We were not using any other solution.

How was the initial setup?

Initial setup was complicated. Earlier, when I started working on the product, at that time, there were a lot of bugs in it and even the support and documentation was also not available. Now, things are better but still sometimes a few of the installation steps create confusion.

What's my experience with pricing, setup cost, and licensing?

It’s a value-for-money product. It offers multiple features of the Oracle RDBMS indirectly to you for the Audit Vault repository database.

Which other solutions did I evaluate?

We did not evaluate other options.

What other advice do I have?

I would recommend to compare this product with its competitors. Also, analyze your company requirements, and finally, take the decision based on the need and support you are getting from the vendor.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Ngeno Gabriel
IT Consultant at a tech services company with 10,001+ employees
Real User
Transparent database activity monitoring adds no additional load on the network. The provide a lot of documentation.

What is most valuable?

Oracle Database Firewall, Database Vault and Data hiding tools present a layered security approach to protecting, controlling, auditing and hiding sensitive data and access to sensitive data.

The following key features make this product a valuable tool:

  • Transparent database activity monitoring over the network - minimum changes to the database client and server configuration, and no additional load on the network or on the database servers being monitored. Hence, it doesn’t affect the performance.
  • Capability to block unauthorized database activity (such as SQL injection attacks) using a specialized grammar analysis that allows accurate enforcement of activity whitelists and blacklists.
  • Comprehensive database activity based on consolidated database logs, securely stored in a centralized, enterprise-scale repository ensuring ease of monitoring.
  • Centralized data security auditing across the enterprise, achieved by consolidating OS, directory, and other logs into the same centralized repository.
  • Fine-grained, correlated alerting based on analysis and policy enforcement of consolidated logs
  • Out-of-the-box audit reporting across multiple sources (e.g., Oracle and non-Oracle databases, directory and OS) to satisfy common regulatory requirements such as PCI, DSS, SOX and other compliance regimes.
  • Custom reports and powerful BI tools that allow organizations to go as deep as necessary for forensic analysis or e-discovery purposes.
  • Easy-to-deploy software appliance based on hardened operating system and database that does not require database administrator (DBA) skills, allowing the solution to be owned and managed by IT security staff.
  • Alert on suspicious and unauthorized activities in real time. Review user rights, identify dormant users and excessive privileges.
  • Detect and monitor changes to stored procedures.

How has it helped my organization?

Oracle Audit Vault and Database Firewall expands protection beyond Oracle and third party databases with support for auditing the operating system, directories and custom sources. Our client needed a product which can provide a holistic approach to the whole enterprise in terms of security, monitoring and auditing security which is exactly what this product provided.

What needs improvement?

Although Oracle Audit Vault and Database Firewall serves as a critical detective and preventive control to protect against the abuse of legitimate access to databases responsible for almost all data breaches and cyber attacks, using Database Firewall to identify and capturing audit logs of real users, especially on applications using generic users to access the database, is an uphill task. More so, to correlate suspicious SQL to the originating end user.

Reduces the complexity of setting up the appliance, especially on large application systems with generic users using CLIENT_IDENTIFIER on the database to capture audit trails.

For how long have I used the solution?

I have managed to interact with this product for a period of two years, working as a consultant to implement for one of our clients in the banking industry.

What do I think about the stability of the solution?

There are not many issues with stability on the latest version of the product.

What do I think about the scalability of the solution?

Since the appliance runs on the enterprise Oracle database, scalability is not an issue unless limited by licensing.

How are customer service and technical support?

Oracle has one of the most robust Oracle support systems to its paid customers. They also provide a lot of documentation, including installation and administration guides.

Which solution did I use previously and why did I switch?

I have not used any other solutions.

How was the initial setup?

Setting up the appliance for the first time can be a little bit difficult. Knowledge of Oracle database setup and use is required.

What's my experience with pricing, setup cost, and licensing?

Oracle Database Security solutions provide you with the most comprehensive and advanced security offerings that help reduce the costs and complexity of securing their business information across the enterprise.

Which other solutions did I evaluate?

I was dealing with a client who already purchased the appliance and was looking for an implementation team to do the setup and maintenance in their environments.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
it_user595740
Oracle Technical Engineer at a tech services company with 501-1,000 employees
Consultant
Audit graphs include details such as time, query, and objects. We can create custom alerts for transactions, and monitor and block incoming requests.

What is most valuable?

The two most valuable features of this product are:

  • Database access control
  • Auditing of users

First of all, it is very easy to configure users and their appropriate roles and permissions on a database. The product allows us to set rules and restrictions at very minute levels.

Secondly, it audits user activities and presents relevant information in graphs and tabular formats; includes details, such as time, query and objects. We can create custom alerts for transactions and monitor and block incoming requests.

It also helps in IT auditing as we can retrieve required information in a matter of clicks.

How has it helped my organization?

Information technology outsourcing: Audit Vault and Database Firewall has helped us in many ways; specifically, to restrict and control access to data. It also has helped us identify/recover from many accidental transactions. The product has helped us to organize and monitor different applications and their transactions.

Using the features provided by this product, we have implemented restrictions on data access for individual users accessing the application to perform activities on the database. Restrictions/monitoring can be configured for column/row level as well. With Oracle Audit Vault and Database Firewall, you can create alerts for suspicious activity, create changes to privileged users, create historical reports on schema changes and data-level access. Audit Vault also can audit OS and network events. It can also be used to audit other databases (such as MYSQL, IBM, etc.) and databases in the cloud.

What needs improvement?

According to Oracle, the best practice is that Audit Vault Server and DB Firewall should be deployed on different boxes (servers). There is no option to co-locate them together. If you wish to deploy AV server and Database Firewall, you will need two servers; one dedicated to Database Firewall and the other dedicated to AV Server.

For how long have I used the solution?

I have been using this product for over 1.5 years.

What do I think about the stability of the solution?

We haven’t had any stability issues as yet, as you can even configure for HA (High Availability) as well.

What do I think about the scalability of the solution?

Security controls can be customized with in-line monitoring and blocking on some databases and monitoring only on other databases. The Database Firewall can be deployed in-line, out-of-band, or in proxy mode to work with the available network configurations.

For monitoring remote servers, the Audit Vault Agent on the database server can forward the network traffic to the Database Firewall. Delivered as a soft appliance, a single Audit Vault Server can consolidate audit logs and firewall events from thousands of databases.

Both Audit Vault Server and the Database Firewall can be configured in a HA mode for fault tolerance.

How are customer service and technical support?

Technical support, both online at support.oracle.com and the ability to contact and create service requests with Oracle, gives a lot of room for the end user to play with. Oracle is also a very mature solution and has support for all kinds of implementations and administration tasks, and even has mature documentation regarding errors and possible alerts that may arise.

Which solution did I use previously and why did I switch?

Previously, we were using Oracle Database default auditing and security measures, but always faced problems in reading audit data and creating custom alerts and reports. It is also limited to the amount of data to restriction that can be applied, such as auditing of unknown connections.

How was the initial setup?

Installation and configuration of Oracle Audit Vault and Database Security is very simple and a server can be deployed in a matter of minutes once the media is in hand.

What's my experience with pricing, setup cost, and licensing?

Oracle provides highly stable and well-documented products and their support assures value for your money.

What other advice do I have?

If an organization is interested in additional security over their Oracle database, this is the best option available, as it is easy to deploy and configure.

Disclosure: My company has a business relationship with this vendor other than being a customer: My current employer is a Platinum partner of Oracle and has implemented this, as well as many other products, over the years.
Subhash Kasundra
Senior Consultant at a tech services company with 10,001+ employees
Consultant
Custom alerts give us traceability of non-DBAs accessing databases as a power user.

What is most valuable?

Reports and alerts are most valuable to us. Management wanted complete traceability of non-DBAs accessing databases using a database power user account. With the help of Audit Vault custom alerts, we were able to control this with 100% compliance.

How has it helped my organization?

Some major improvements in organizational operations:

  • Our organization has a complete alert and control mechanism to identify unauthorized access of PROD databases.
  • Compliance with United States government security and audit standards.
  • Proactive control of audited parameters, like failed log-on attempts, to avoid Denial of Service (DoS) attacks.
  • Improved management awareness about database compliance metrics using Audit Vault.

What needs improvement?

Large scope of improvements:

  • A method to group targets (databases generating audit files) logically is missing; for example, PROD, QA, UAT & DEV targets.
  • An alert mechanism based on logical grouping is missing.
  • A simplified graphic mechanism for the management team.
  • Remote start and stop of the Audit Vault collector agent.
  • Sophisticated audit file management tools to control growth of audit files on the target server.

For how long have I used the solution?

We started our journey in mid-2010 and it’s still in live production.

What do I think about the stability of the solution?

This product is not stable for large environments with more than 50 targets. Also, it is not recommended for the Audit Vault data warehouse database to be a RAC. It seems that the product is not tested with more than 50 targets, so be ready for performance and usability surprises. To overcome these limitations, we worked with a core designer Audit Vault team and suggested product improvements for future releases. I hope they have incorporated these suggestions in the 12.1/12.2 versions.

What do I think about the scalability of the solution?

This product has scalability issues, which we resolved after working with a Audit Vault core designer. Some of the major issues are:

  • This product runs a dynamic partition creation DDL on core warehouse tables at runtime, which is not recommended. The problem escalates when you introduce RAC as a warehouse database. This feature simply kills the warehouse RAC database from a performance point of view.
  • The Audit Vault collector process on warehouse databases is designed to consume more memory to speed up processing and avoid a CPU spike. This holds good when collectors are limited, but when your target base grows, this kills the database server and results in frequent database restarts due to full memory capacity.
  • The collector process on target servers is not able to identify abrupt Audit Vault server reboots and freezes. To resolve the same, you need to restart all collectors, one-by-one, manually.
  • While adding a new target, if you have old Audit Vault files (say one or two years old) and if the agent captures that file, then the internal Audit Vault mechanism starts day-wise partition creation. That results in shared pool locks and it gets worse in the case of RAC. The workaround is to clean up all existing audit files and then reinstall the agent.

How are customer service and technical support?

I love Oracle support because of its flexible nature. We faced many major roadblocks during implementation, from a scalability point of view. It gave us pleasure to work directly with an Oracle core designer team to address all issues within our timeline. So, the support is excellent.

Which solution did I use previously and why did I switch?

This was our first solution.

How was the initial setup?

Initial setup is very simple. There are not many components. Our only worry was the collector process, which runs on the target environment. Also, management of the same is a bit tedious, as remote agent start/stop is not available.

Which other solutions did I evaluate?

There are not many products available in this segment. We evaluated a couple of products from small organizations, but this is the only solution available for enterprise-class organizations.

What other advice do I have?

Go ahead and implement the latest version. The product is really good with many built-in features and controls.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
it_user592347
Database & Middleware at a tech services company with 51-200 employees
Consultant
You can customize report templates. Audit report generation is automated.

What is most valuable?

I like the audit report. This product has a lot of report templates and you can customize them.

One of the useful reports is the activity report. Our customer is an insurance company. They want to log every detail regarding financial transaction activities (insert, update and delete). If something happens with the data, they can trace it to the person who performed the activity, and where and when they did it.

How has it helped my organization?

Before we implemented this product, our client had to query the database to create an audit report. With this product, audit report generation is automated.

What needs improvement?

I would like to see better DB firewall documentation. We still don't understand how to configure the DB firewall.

For how long have I used the solution?

We have used Audit Vault for around two years.

What do I think about the stability of the solution?

It's very stable and runs smoothly. Our servers have never been restarted since the first installation.

What do I think about the scalability of the solution?

We have not had any issues with scalability.

How is customer service and technical support?

The level of technical support was very low. They sent us an inexperienced technician.

How was the initial setup?

Audit Vault was very easy to install, but not with the DB firewall. That's why we have dropped the DB firewall.

What other advice do I have?

Do the correct hardware sizing, especially if you want to generate detailed audit reports that include the SYS user.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
it_user592350
Oracle DBA at a insurance company with 1,001-5,000 employees
Real User
The tool audits database usage. It took the onus off of the database and put it on a separate machine. Creating a report requires advanced coding skills and is not intuitive.

What is most valuable?

One of the most valuable features is the ability to audit database use. It conformed well. We set it up the way we wanted it.

How has it helped my organization?

It took the onus off of the database and put it on a separate machine.

What needs improvement?

I see room for improvement in almost all areas. The most important area is with custom reports. It was extremely difficult to create a report. The process to customize the reports requires a lot of research into how to code it. It takes advanced coding skills and is not intuitive. I couldn’t get them to work and I have a background in code writing.

The page for creating custom reports didn’t have an interface. The default reports did not suit our needs. There was no easy way to create reports – I had to look at the code that created the default reports and figure out how to change them to get the information we needed.

For how long have I used the solution?

I worked with this solution for two years.

What do I think about the stability of the solution?

We constantly have stability issues. The product puts an agent on each managed server to process audit information. The agents were constantly going down without warning and missed auditing data.

What do I think about the scalability of the solution?

Any upgrade or patch required a complete reinstall. This was inconvenient.

How is customer service and technical support?

We have used technical support. The SRs we opened with Oracle were ignored because no one had any experience with the product. A Level 1 (production down) ticket went unanswered for weeks.

How was the initial setup?

The installation took a blank server and installed Oracle Linux, Oracle Database 11.2.0.4, and the web-based application at once. Setting it up was an adventure and the documentation was poor.

What other advice do I have?

Good luck.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
it_user562536
Database & Flexcube System Administrator at a financial services firm with 501-1,000 employees
Vendor
Out-of-the-box reports covers most of the auditing features that you might need. In earlier versions, there were some configuration bugs.

What is most valuable?

The out-of-the-box reports feature is most valuable because it covers most of the useful auditing features that you might need.

How has it helped my organization?

I haven’t used this product at my current job but I implemented it at a couple of other organizations, as a technical consultant. What they really wanted to do was to be able to check who is doing what with their sensitive data and they achieved that.

What needs improvement?

I am not sure for the latest version but for previous versions, there were some configuration bugs when connecting Audit Vault Agent with Audit Vault Server.

For how long have I used the solution?

I have used this product for five years.

What do I think about the stability of the solution?

If you use the DB AUD$ option, you have to be careful because this table might fill up your database without any notifications.

What do I think about the scalability of the solution?

I have not encountered any scalability issues.

How are customer service and technical support?

I would give the technical support a 7/10 rating.

Which solution did I use previously and why did I switch?

We previously did not use any other solution.

How was the initial setup?

The initial setup was a bit complex for versions 10-11. However, the setup for version 12 is straightforward.

What's my experience with pricing, setup cost, and licensing?

In my opinion, the license cost is worth the work that the product is doing.

Which other solutions did I evaluate?

I haven’t evaluated other options because there were only Oracle environments.

What other advice do I have?

If you are implementing this product, I would advise not to audit the whole database since that will cause you a lot of trouble. You need to plan very well of what needs to be audited.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
it_user560259
IT Solutions Architect at a tech services company with 51-200 employees
Consultant
The PL/SQL auditing feature helps to control code updates. In data-sensitive environments, leveraging the inbuilt compliance reports can be valuable.

What is most valuable?

The most valuable features of this product are:

  • PL/SQL auditing: It helps to control the code updates in a sensitive environment.

  • Inbuilt compliance reports - In data-sensitive environments where auditing teams require generation of reports for specific database such as SOX-compliant financial databases, HIPAA-compliant healthcare databases or PCI-compliant databases, leveraging these inbuilt reports in Oracle Audit Vault 12c can be of great value.

How has it helped my organization?

We are the implementers of the product to our clients.

What needs improvement?

This product should improve capturing more auditing information for database sessions that connect via applications and also through database links. When the database sessions are generated from the applications that use database links from other databases, by nature the target database won't capture relevant information of the remote sessions. Also in the audit trails, it is of utmost importance who are the data consumers so as to track and control the appropriate use of the information.

There is need to improve capturing of more auditing information for OS logins as well.

For how long have I used the solution?

I have used this solution for three years.

What do I think about the stability of the solution?

I have not encountered any stability issues.

What do I think about the scalability of the solution?

I have not encountered any scalability issues.

How are customer service and technical support?

I would give the technical support a 7/10, i.e., an above-average rating.

Which solution did I use previously and why did I switch?

We have not used any other solution.

How was the initial setup?

The setup for Audit Vault is relatively simple.

However, configuring personalized reports is a nasty task. There are many variables involved and the documentation is not very good. The way the reports can be personalized must be more visual and requires a drag-and-drop feature rather than creating it in a rudimentary manner.

What's my experience with pricing, setup cost, and licensing?

It is an expensive solution. For those customers who do not have any ULA agreements with Oracle, the solution is practically impossible to acquire.

Which other solutions did I evaluate?

We did not evaluate other options.

What other advice do I have?

Those who have already acquired the product, the implementation and use of the product is dependent on its daily use so as to get acquainted with all the features. If they have installed the platform and don't use it regularly, it’s a waste of time and energy.

One day when somebody asks about the audit reports, the database auditors will be in a big problem if they don't know how to generate the requested reports.

Disclosure: My company has a business relationship with this vendor other than being a customer: We are Oracle GOLD Partners.
it_user427872
Sr. Lead Consultant - Database at a tech company with 501-1,000 employees
Vendor
The REDO_COLL function captures all changed values in the audited tables of a database.

What is most valuable?

The most valuable features of this product are auditing the old and new values after each change in the database, REDO_COLL and capturing application context functionalities.

REDO_COLL is a function provided by Oracle Audit Vault where the system captures all values that are changed in the audited tables of a database. So if someone fires an update in a table, the auditing system will not only capture the value which was enforced as part of the update, but will also capture the old value (before the update was done).

Application Context is an interesting implementation, where we can pass additional information about front-desk application users in the audit trail. So, when we look at an audit log we not only see the database user but also the application user who has viewed/changed the data.

How has it helped my organization?

Auditing as an imperative function of any Enterprise company. We require the audit logs for compliance needs and for tighter control of the infrastructure. Being in the Health Insurance industry and handling PHI & PII data, there are compliance mandates enforced by HIPAA. Oracle audit Vault helps us implement the control points enlisted under "Audit Requirements". HIPAA mandates us to track any/all access to ePHI data in our system, even if it is just a READ ONLY access. With Oracle Audit Vault, we have a centralized system to access all Audit Trails for sensitive data access.

What needs improvement?

The price factor makes it “out of reach" for small players in the IT industry. Even the SaaS model is very expensive. SaaS is an alternative hosting model where Oracle hosts the audit vault in their data center and installs audit collection agents on client data center. They host these appliances in their HIPAA-complaint data center where all controls are active. They work with the client to set-up secure channels for audit data and then sign BAA with the client. This auditing feature is made available as a service for which Oracle charges on a pro-rated basis.

Also, Audit Vault is not yet licensed to run with Other Cloud offerings like Amazon AWS, which makes it difficult to implement incase your existing tech-stack is on AWS or any other non-Oracle-Cloud Infrastructure.

For how long have I used the solution?

I have used this product for almost a year.

What was my experience with deployment of the solution?

Yes, its not certified to run with Amazon AWS.

What do I think about the stability of the solution?

I did not encounter any such issues. The product was both stable and scalable.

What do I think about the scalability of the solution?

I did not encounter any scalability issues either.

How are customer service and technical support?

The technical support is great.

Which solution did I use previously and why did I switch?

We did not use any other solutions. Our company needed a full auditing suite for our database along with capturing application context and REDO_COLL functionality. This product was our first choice.

How was the initial setup?

It has an appliance setup which is not supported on Amazon or any other third party cloud, making the process very cumbersome.

What's my experience with pricing, setup cost, and licensing?

The pricing policy is quite aggressive. We must equal the number of processors on DB in accordance with this appliance, thus making it very expensive.

Which other solutions did I evaluate?

We evaluated the IBM Guardium solution.

What other advice do I have?

If this product falls under your budget, then there is nothing like it in the market.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
it_user1221
Database Expert at a healthcare company with 501-1,000 employees
Vendor
Great Oracle Database Security Management Tool, minimal processing overhead and great GUI .

Valuable Features:

Audit Vault is a good Oracle Tool to collect all Database Audit Information in a single database repository for managing Database Security. I have used it to collect DB login info , Server access info, SQL statements , before and after images of Data using OS, DB and REDO collectors. Provides and easy to use browser based GUI to generate Standard Reports for Compliance purposes - SOX(Sabanes Oxley) and PCI(Payment Card Industry) compliance and allows custom report generation too.

Room for Improvement:

The underlying Mechanism for collect SQL statements (REDO collector) is still based on Oracle Streams technology. Data in Audit Vault needs to Selected properly and purged at regular intervals else it grows too much to manage. Increases network traffic especially between Audit Vault Server and Source Databases.

Other Advice:

DBA skills needed for proper setup. Also, there are situations when the DBA needs to run Oracle streams commands to manage the streams data flows and also monitor Streams propagation and apply activities. Next release probably will use Golden Gate as the underlying technology instead of Streams.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Product Categories
Database Security
Buyer's Guide
Download our free Database Security Report and find out what your peers are saying about Oracle, IBM, Imperva, and more!
Quick Links