Oracle on Wednesday launched Oracle Audit Vault and Database Firewall, part of the database giant’s answer to help protect Oracle and non-Oracle databases by monitoring network traffic and analyzing audit data.
The new Oracle Audit Vault and Database Firewall product essentially merges its Oracle Audit Vault and Oracle Database Firewall products into one, and expands protection to third party (non-Oracle) databases, and adds other enhancements.
By monitoring database traffic, Oracle Audit Vault and Database Firewall helps detect unauthorized activity including SQL injection attacks, and blocks both internal and external threats targeting enterprise databases. It also is able to audit the operating system, directories and custom sources.
Oracle Audit Vault and Database Firewall serves as a “critical detective and preventive control” to protect against the abuse of legitimate access to databases responsible for almost all data breaches and cyber attacks, the company said.
Key features in the product outlined by the company include:
• Database Activity Monitoring and Firewall: SQL Traffic monitoring of all certified versions of Oracle and third party databases including Microsoft SQL Server, SAP Sybase, IBM DB2, and MySQL; SQL grammar analysis that helps to reduce millions of SQL statements into “clusters” for improved accuracy and scalability; and easy to create whitelists, blacklists and exception lists to better detect unauthorized database activity including SQL injection attacks.
• Expanded Enterprise Auditing: Capabilities to collect, consolidate, and manage native audit and event logs from Oracle and third party databases; additional support for collecting and consolidating audit and event logs from Microsoft Windows, Microsoft Active Directory, Oracle Solaris and Oracle Automatic Storage Management Cluster File System, as well as XML and table-based audit sources through XML-based Audit Collection Plugins.
• Consolidated Reporting and Alerting: Consolidated, centralized repository for all audit and event logs to be analyzed in real-time against pre-defined policies; unprecedented visibility into stored procedure execution, recursive SQL and operational activities; dozens of built-in reports to meet compliance requirements; and powerful alerting capabilities including multi-event alerts and alert thresholds.
“Oracle Audit Vault and Database Firewall is not just an integration of two existing products,” said Vipin Samar, vice president of Database Security Product Development at Oracle. “This is a new product that provides a unified monitoring and auditing platform that goes beyond databases.”
Additionally, the company said that by offering the solution through a software appliance-based platform, customers are able to accelerate enterprise-wide deployments and simplify operations.
Oracle reminded that the product is not a one-shot solution, but complements its Oracle Advanced Security, Oracle Audit Vault and Oracle Database Vault products.