KuppingerCole on Oracle Audit Vault and Database Filewall
KuppingerCole just released a Snapshot report on Oracle Audit Vault and Database Firewall. Â It provides a good overview of this product, which recently merged into one combined product, encompassing the functionality previously in two products. Â Can you guess their names? Â Yep – Oracle Audit Vault and Oracle Database Firewall.
With the new product, Oracle combines these offerings. Notably this is about integration, not just about a suite of two different products.
For example:
The new offering has a single administrator console and fully integrates the two products.  Events generated by the database firewall component are automatically provided to the audit vault component.
Primary features include:
- Database firewall: detecting and blocking database attacks, including SQL injection attacks, the most common web application threat.
- Database and “stack†auditing: auditing across the stack, including operating system events, file system events (Oracle ACFS), the databases themselves, and custom audit logs.
- Separation of duties: segregation between administrators and auditors to avoid fraud on collected audit data; supported by a fine-grain security model.
- Alerting: flexible configuration of complex alerting conditions, including multi-event alerts with thresholds and group-by.
- Flexible deployment models: support for a wide range of deployment models, from out-of-band monitoring to full in-line high availability mode.
- Single administration console: unified administration console to manage all features and policies through a single interface.
- Compliance reporting: dozens of out of the box reports that can be easily customized through the user interface.
The databases currently supported are Oracle Database, MySQL, SAP Sybase, IBM DB2, and Microsoft SQL Server
Â