SlideShare une entreprise Scribd logo

Introducing Oracle Audit Vault and Database Firewall

Télécharger en tant que PPTX, PDF
T
Troy Kitch

Join us to hear about a new Oracle product that monitors Oracle and non-Oracle database traffic, detects unauthorized activity including SQL injection attacks, and blocks internal and external threats from reaching the database. In addition this new product collects and consolidates audit data from databases, operating systems, directories, and any custom template-defined source into a centralized, secure warehouse. This new enterprise security monitoring and auditing platform allows organizations to quickly detect and respond to threats with powerful real-time policy analysis, alerting and reporting capabilities. Based on proven SQL grammar analysis that ensures accuracy, performance, and scalability, organizations can deploy with confidence in any mode. You will also hear how organizations such as TransUnion Interactive and SquareTwo Financial rely on Oracle today to monitor and secure their Oracle and non-Oracle database environments.

Technologie
1  sur  28
1 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
Introducing Oracle Audit Vault and Database Firewall
Billions of Database Records Breached Globally 97% of Breaches Were Avoidable with Basic Controls 98% records stolen from databases 84% records breached using stolen credentials 71% fell within minutes 92% discovered by third party 3 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
Why are Databases so Vulnerable? 80% of IT Security Programs Don’t Address Database Security Forrester Research Network Security “Enterprises are taking on risks Authentication SIEM & User Security that they may not even be aware of. Especially as more and more Email Security Endpoint attacks against databases exploit Database Security Security legitimate access.” Web Application Firewall 5 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
Oracle Database Security Solutions Defense-in-Depth for Maximum Security PREVENTIVE DETECTIVE ADMINISTRATIVE Encryption Activity Monitoring Privilege Analysis Redaction and Masking Database Firewall Sensitive Data Discovery Privileged User Controls Auditing and Reporting Configuration Management 6 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
Oracle Database Security Solutions Detect and Block Threats, Alert, Audit and Report PREVENTIVE DETECTIVE ADMINISTRATIVE Encryption Activity Monitoring Privilege Analysis Redaction and Masking Database Firewall Sensitive Data Discovery Privileged User Controls Auditing and Reporting Configuration Management 7 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
Oracle Audit Vault and Database Firewall New Solution for Oracle and Non-Oracle Databases Database Firewall Users Allow Log Alert Applications Substitute Block Firewall Events Auditor Reports Audit Data Alerts ! Security Manager Policies OS, Directory, File System & Custom Audit Logs Audit Vault 8 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
Oracle Audit Vault and Database Firewall SQL Injection Protection with Positive Security Model SELECT * from stock White List where catalog-no='PHE8131' Allow Block Applications SELECT * from stock where catalog-no=‘ Databases ' union select cardNo,0,0 from Orders --’ • “Allowed” behavior can be defined for any user or application • Automated white list generation for any application • Out-of-policy database transaction detected and blocked/alerted 9 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
Oracle Audit Vault and Database Firewall Enforcing Database Activity with Negative Security Model SELECT * FROM v$session Black List Block DBA activity from Application? SELECT * FROM Allow + Log DBA activity from v$session Approved Workstation • Stop specific unwanted SQL interactions, user or schema access • Blacklisting can be done on factors such as time of day, day of week, network, application, user name, OS user name etc • Provide flexibility to authorized users while still monitoring activity 10 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
Oracle Audit Vault and Database Firewall Comprehensive Enterprise Audit and Log Consolidation  Databases: Oracle, SQL Server, DB2 LUW, Sybase ASE  New Audit Sources – Operating Systems: Microsoft Windows, Solaris – Directory Services: Active Directory – File Systems: Oracle ACFS  Audit Collection Plugins for Custom Audit Sources – XML file maps custom audit elements to canonical audit elements – Collect and map data from XML audit file and database tables 11 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
Oracle Audit Vault and Database Firewall Audit and Event Repository  Based on proven Oracle Database technology – Includes compression, partitioning, scalability, high availability, etc. – Open schema for flexible reporting  Information lifecycle management for target specific data retention  Centralized web console for easy administration  Command line utility for automation and scripting 12 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
Oracle Audit Vault and Database Firewall Audit and Event Data Security  Software appliance based on hardened OS and pre- configured database  Fine-grained administrative groups – Sources can be grouped for access authorization – Individual auditor reports limited to data from the „grouped‟ sources  Separation of duties  Powerful multi-event alerting with thresholds and group-by 13 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
Oracle Audit Vault and Database Firewall Single Administrator Console 14 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
Oracle Audit Vault and Database Firewall Default Reports 15 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
Oracle Audit Vault and Database Firewall Out-of-the Box Compliance Reporting 16 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
Oracle Audit Vault and Database Firewall Report with Data from Multiple Source Types 17 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
Oracle Audit Vault and Database Firewall Auditing Stored Procedure Calls – Not Visible on the Network 18 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
Oracle Audit Vault and Database Firewall Extensive Audit Details 19 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
Oracle Audit Vault and Database Firewall Blocking SQL Injection Attacks 20 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
Oracle Audit Vault and Database Firewall Powerful Alerting Filter Conditions 21 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
Oracle Audit Vault and Database Firewall Flexible Deployment Architectures In-Line Blocking and Monitoring Remote Monitoring Out-of-Band Monitoring Applications and Users HA Mode Inbound SQL Traffic Audit Agents Audit Vault Audit Data Audit Vault Primary Standby Software Appliances 22 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
Oracle Audit Vault and Database Firewall Performance and Scalability  Audit Vault – Supports monitoring and auditing multiple hundreds of heterogeneous database and non-database targets – Supports wide range of hardware to meet load requirements  Database Firewall – Decision time is independent of the number of rules in the policy – Multi-device / multi-process / multi-core scalability – 8 core can handle between 30K – 60K transactions/second 23 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
T-Mobile Protecting Customer Data in Oracle and non-Oracle Databases Challenge  Protect sensitive data – PCI, CPNI, SPII – in both Oracle and non- Oracle Databases  Monitor database threats, including SQL injection attacks and data Provider of wireless voice, harvesting, without having to change application code messaging, and data  Full visibility into database activity services throughout the U.S. Fourth largest wireless  Understand what types of changes are being made to sensitive data company in the U.S. with Solution more than 35 million subscribers  Addresses data security with Database Firewall, TDE, Data Masking Industry: Telecom as comprehensive database security defense-in-depth strategy  Database activity monitoring prevents insider and external threats  Deployed and setup within a few hours; already protected against a few compromised accounts that were harvesting data 24 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
SquareTwo Financial Addresses Regulatory Compliance, Enables Separation of Duties Challenge  Comply with a number of regulations: GLBA, HIPAA, SOX, and PCI  Prove separation of duties for Sarbanes-Oxley compliance  Quickly scale IT Security to address fast 37% company growth Leader in $100 billion asset recovery and management  Minimal disruption to 5.9 million accounts while maintaining growth industry  Secure Exadata Database Machine with no application changes Partner Network used by Fortune 500 companies in Solution banking, credit card, and  Addresses compliance with Database Firewall, TDE, Data Masking health care as comprehensive database security defense-in-depth strategy Industry: Financial Services  Database activity monitoring to protect against insider and external threats, including SQL injection attacks  Securing Exadata and SQL Server database activity 25 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
TransUnion Interactive Addresses Regulatory Compliance, Secures Sensitive Data Challenge  Maintain PCI DSS, SOX, and GLBA compliance  Increase database traffic visibility; detect and monitor activity  Increase database security and monitor for application SQL Consumer subsidiary of injection attacks TransUnion, a global leader in credit information  Detect and prevent application by-pass and data harvesting Maintains credit histories on Solution over 500 million consumers globally  Deployed Database Firewall in one month; monitor database traffic Industry: Financial Services  Achieved 10k transactions/sec while maintaining performance  Using reports to monitor traffic and manage workloads and capacity  Use Oracle Advanced Security to encrypt tablespaces 26 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
For More Information Oracle Audit Vault and Database Firewall 27 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
Q&A 28 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
29 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.

Recommandé

AV/DF Advanced Security Option
AV/DF Advanced Security OptionAV/DF Advanced Security Option
AV/DF Advanced Security OptionDLT Solutions
 
Ppt dbsec-oow2013-avdf
Ppt dbsec-oow2013-avdfPpt dbsec-oow2013-avdf
Ppt dbsec-oow2013-avdfMelody Liu
 
Presentation database security audit vault & database firewall
Presentation database security audit vault & database firewallPresentation database security audit vault & database firewall
Presentation database security audit vault & database firewallxKinAnx
 
What to Expect From Oracle database 19c
What to Expect From Oracle database 19cWhat to Expect From Oracle database 19c
What to Expect From Oracle database 19cMaria Colgan
 
Oracle Audit vault
Oracle Audit vaultOracle Audit vault
Oracle Audit vaultuzzal basak
 
Oracle Active Data Guard: Best Practices and New Features Deep Dive
Oracle Active Data Guard: Best Practices and New Features Deep Dive Oracle Active Data Guard: Best Practices and New Features Deep Dive
Oracle Active Data Guard: Best Practices and New Features Deep Dive Glen Hawkins
 
Backup and recovery in oracle
Backup and recovery in oracleBackup and recovery in oracle
Backup and recovery in oraclesadegh salehi
 
Oracle Security Presentation
Oracle Security PresentationOracle Security Presentation
Oracle Security PresentationFrancisco Alvarez
 

Recommandé

AV/DF Advanced Security Option
AV/DF Advanced Security OptionAV/DF Advanced Security Option
AV/DF Advanced Security OptionDLT Solutions
 
Ppt dbsec-oow2013-avdf
Ppt dbsec-oow2013-avdfPpt dbsec-oow2013-avdf
Ppt dbsec-oow2013-avdfMelody Liu
 
Presentation database security audit vault & database firewall
Presentation database security audit vault & database firewallPresentation database security audit vault & database firewall
Presentation database security audit vault & database firewallxKinAnx
 
What to Expect From Oracle database 19c
What to Expect From Oracle database 19cWhat to Expect From Oracle database 19c
What to Expect From Oracle database 19cMaria Colgan
 
Oracle Audit vault
Oracle Audit vaultOracle Audit vault
Oracle Audit vaultuzzal basak
 
Oracle Active Data Guard: Best Practices and New Features Deep Dive
Oracle Active Data Guard: Best Practices and New Features Deep Dive Oracle Active Data Guard: Best Practices and New Features Deep Dive
Oracle Active Data Guard: Best Practices and New Features Deep Dive Glen Hawkins
 
Backup and recovery in oracle
Backup and recovery in oracleBackup and recovery in oracle
Backup and recovery in oraclesadegh salehi
 
Oracle Security Presentation
Oracle Security PresentationOracle Security Presentation
Oracle Security PresentationFrancisco Alvarez
 
Oracle Database Vault
Oracle Database VaultOracle Database Vault
Oracle Database VaultMarco Alamanni
 
What’s New in Oracle Database 19c - Part 1
What’s New in Oracle Database 19c - Part 1What’s New in Oracle Database 19c - Part 1
What’s New in Oracle Database 19c - Part 1Satishbabu Gunukula
 
Oracle RAC 19c and Later - Best Practices #OOWLON
Oracle RAC 19c and Later - Best Practices #OOWLONOracle RAC 19c and Later - Best Practices #OOWLON
Oracle RAC 19c and Later - Best Practices #OOWLONMarkus Michalewicz
 
Oracle Real Application Clusters 19c- Best Practices and Internals- EMEA Tour...
Oracle Real Application Clusters 19c- Best Practices and Internals- EMEA Tour...Oracle Real Application Clusters 19c- Best Practices and Internals- EMEA Tour...
Oracle Real Application Clusters 19c- Best Practices and Internals- EMEA Tour...Sandesh Rao
 
Dataguard presentation
Dataguard presentationDataguard presentation
Dataguard presentationVimlendu Kumar
 
Oracle Extended Clusters for Oracle RAC
Oracle Extended Clusters for Oracle RACOracle Extended Clusters for Oracle RAC
Oracle Extended Clusters for Oracle RACMarkus Michalewicz
 
Oracle R12 EBS Performance Tuning
Oracle R12 EBS Performance TuningOracle R12 EBS Performance Tuning
Oracle R12 EBS Performance TuningScott Jenner
 
Make Your Application “Oracle RAC Ready” & Test For It
Make Your Application “Oracle RAC Ready” & Test For ItMake Your Application “Oracle RAC Ready” & Test For It
Make Your Application “Oracle RAC Ready” & Test For ItMarkus Michalewicz
 
Backup & recovery with rman
Backup & recovery with rmanBackup & recovery with rman
Backup & recovery with rmanitsabidhussain
 
Oracle RAC 19c: Best Practices and Secret Internals
Oracle RAC 19c: Best Practices and Secret InternalsOracle RAC 19c: Best Practices and Secret Internals
Oracle RAC 19c: Best Practices and Secret InternalsAnil Nair
 
Oracle Database Security
Oracle Database SecurityOracle Database Security
Oracle Database SecurityTroy Kitch
 
Oracle data guard for beginners
Oracle data guard for beginnersOracle data guard for beginners
Oracle data guard for beginnersPini Dibask
 
Oracle RAC features on Exadata
Oracle RAC features on ExadataOracle RAC features on Exadata
Oracle RAC features on ExadataAnil Nair
 
Oracle sql high performance tuning
Oracle sql high performance tuningOracle sql high performance tuning
Oracle sql high performance tuningGuy Harrison
 
Oracle ASM Training
Oracle ASM TrainingOracle ASM Training
Oracle ASM TrainingVigilant Technologies
 
Oracle RAC Internals - The Cache Fusion Edition
Oracle RAC Internals - The Cache Fusion EditionOracle RAC Internals - The Cache Fusion Edition
Oracle RAC Internals - The Cache Fusion EditionMarkus Michalewicz
 
MAA Best Practices for Oracle Database 19c
MAA Best Practices for Oracle Database 19cMAA Best Practices for Oracle Database 19c
MAA Best Practices for Oracle Database 19cMarkus Michalewicz
 
Oracle Cloud is Best for Oracle Database - High Availability
Oracle Cloud is Best for Oracle Database - High AvailabilityOracle Cloud is Best for Oracle Database - High Availability
Oracle Cloud is Best for Oracle Database - High AvailabilityMarkus Michalewicz
 
Oracle運用Tips大放出! ~ RAC環境のRMANのパラレル化を極める 編 ~ @2016-02-23 JPOUG
Oracle運用Tips大放出! ~ RAC環境のRMANのパラレル化を極める 編 ~ @2016-02-23 JPOUG Oracle運用Tips大放出! ~ RAC環境のRMANのパラレル化を極める 編 ~ @2016-02-23 JPOUG
Oracle運用Tips大放出! ~ RAC環境のRMANのパラレル化を極める 編 ~ @2016-02-23 JPOUG Yuya Ohta
 
How to Use Oracle RAC in a Cloud? - A Support Question
How to Use Oracle RAC in a Cloud? - A Support QuestionHow to Use Oracle RAC in a Cloud? - A Support Question
How to Use Oracle RAC in a Cloud? - A Support QuestionMarkus Michalewicz
 
Sådan undgår du misbrug af kundedata og fortrolig information
Sådan undgår du misbrug af kundedata og fortrolig informationSådan undgår du misbrug af kundedata og fortrolig information
Sådan undgår du misbrug af kundedata og fortrolig informationIBM Danmark
 
Od webcast-cloud-fraud final
Od webcast-cloud-fraud finalOd webcast-cloud-fraud final
Od webcast-cloud-fraud finalOracleIDM
 

Contenu connexe

Tendances

What’s New in Oracle Database 19c - Part 1
What’s New in Oracle Database 19c - Part 1What’s New in Oracle Database 19c - Part 1
What’s New in Oracle Database 19c - Part 1Satishbabu Gunukula
 
Oracle RAC 19c and Later - Best Practices #OOWLON
Oracle RAC 19c and Later - Best Practices #OOWLONOracle RAC 19c and Later - Best Practices #OOWLON
Oracle RAC 19c and Later - Best Practices #OOWLONMarkus Michalewicz
 
Oracle Real Application Clusters 19c- Best Practices and Internals- EMEA Tour...
Oracle Real Application Clusters 19c- Best Practices and Internals- EMEA Tour...Oracle Real Application Clusters 19c- Best Practices and Internals- EMEA Tour...
Oracle Real Application Clusters 19c- Best Practices and Internals- EMEA Tour...Sandesh Rao
 
Dataguard presentation
Dataguard presentationDataguard presentation
Dataguard presentationVimlendu Kumar
 
Oracle Extended Clusters for Oracle RAC
Oracle Extended Clusters for Oracle RACOracle Extended Clusters for Oracle RAC
Oracle Extended Clusters for Oracle RACMarkus Michalewicz
 
Oracle R12 EBS Performance Tuning
Oracle R12 EBS Performance TuningOracle R12 EBS Performance Tuning
Oracle R12 EBS Performance TuningScott Jenner
 
Make Your Application “Oracle RAC Ready” & Test For It
Make Your Application “Oracle RAC Ready” & Test For ItMake Your Application “Oracle RAC Ready” & Test For It
Make Your Application “Oracle RAC Ready” & Test For ItMarkus Michalewicz
 
Backup & recovery with rman
Backup & recovery with rmanBackup & recovery with rman
Backup & recovery with rmanitsabidhussain
 
Oracle RAC 19c: Best Practices and Secret Internals
Oracle RAC 19c: Best Practices and Secret InternalsOracle RAC 19c: Best Practices and Secret Internals
Oracle RAC 19c: Best Practices and Secret InternalsAnil Nair
 
Oracle Database Security
Oracle Database SecurityOracle Database Security
Oracle Database SecurityTroy Kitch
 
Oracle data guard for beginners
Oracle data guard for beginnersOracle data guard for beginners
Oracle data guard for beginnersPini Dibask
 
Oracle RAC features on Exadata
Oracle RAC features on ExadataOracle RAC features on Exadata
Oracle RAC features on ExadataAnil Nair
 
Oracle sql high performance tuning
Oracle sql high performance tuningOracle sql high performance tuning
Oracle sql high performance tuningGuy Harrison
 
Oracle RAC Internals - The Cache Fusion Edition
Oracle RAC Internals - The Cache Fusion EditionOracle RAC Internals - The Cache Fusion Edition
Oracle RAC Internals - The Cache Fusion EditionMarkus Michalewicz
 
MAA Best Practices for Oracle Database 19c
MAA Best Practices for Oracle Database 19cMAA Best Practices for Oracle Database 19c
MAA Best Practices for Oracle Database 19cMarkus Michalewicz
 
Oracle Cloud is Best for Oracle Database - High Availability
Oracle Cloud is Best for Oracle Database - High AvailabilityOracle Cloud is Best for Oracle Database - High Availability
Oracle Cloud is Best for Oracle Database - High AvailabilityMarkus Michalewicz
 
Oracle運用Tips大放出! ~ RAC環境のRMANのパラレル化を極める 編 ~ @2016-02-23 JPOUG
Oracle運用Tips大放出! ~ RAC環境のRMANのパラレル化を極める 編 ~ @2016-02-23 JPOUG Oracle運用Tips大放出! ~ RAC環境のRMANのパラレル化を極める 編 ~ @2016-02-23 JPOUG
Oracle運用Tips大放出! ~ RAC環境のRMANのパラレル化を極める 編 ~ @2016-02-23 JPOUG Yuya Ohta
 
How to Use Oracle RAC in a Cloud? - A Support Question
How to Use Oracle RAC in a Cloud? - A Support QuestionHow to Use Oracle RAC in a Cloud? - A Support Question
How to Use Oracle RAC in a Cloud? - A Support QuestionMarkus Michalewicz
 

Tendances (20)

Oracle Database Vault
Oracle Database VaultOracle Database Vault
Oracle Database Vault
 
What’s New in Oracle Database 19c - Part 1
What’s New in Oracle Database 19c - Part 1What’s New in Oracle Database 19c - Part 1
What’s New in Oracle Database 19c - Part 1
 
Oracle RAC 19c and Later - Best Practices #OOWLON
Oracle RAC 19c and Later - Best Practices #OOWLONOracle RAC 19c and Later - Best Practices #OOWLON
Oracle RAC 19c and Later - Best Practices #OOWLON
 
Oracle Real Application Clusters 19c- Best Practices and Internals- EMEA Tour...
Oracle Real Application Clusters 19c- Best Practices and Internals- EMEA Tour...Oracle Real Application Clusters 19c- Best Practices and Internals- EMEA Tour...
Oracle Real Application Clusters 19c- Best Practices and Internals- EMEA Tour...
 
Dataguard presentation
Dataguard presentationDataguard presentation
Dataguard presentation
 
Oracle Extended Clusters for Oracle RAC
Oracle Extended Clusters for Oracle RACOracle Extended Clusters for Oracle RAC
Oracle Extended Clusters for Oracle RAC
 
Oracle R12 EBS Performance Tuning
Oracle R12 EBS Performance TuningOracle R12 EBS Performance Tuning
Oracle R12 EBS Performance Tuning
 
Make Your Application “Oracle RAC Ready” & Test For It
Make Your Application “Oracle RAC Ready” & Test For ItMake Your Application “Oracle RAC Ready” & Test For It
Make Your Application “Oracle RAC Ready” & Test For It
 
Backup & recovery with rman
Backup & recovery with rmanBackup & recovery with rman
Backup & recovery with rman
 
Oracle RAC 19c: Best Practices and Secret Internals
Oracle RAC 19c: Best Practices and Secret InternalsOracle RAC 19c: Best Practices and Secret Internals
Oracle RAC 19c: Best Practices and Secret Internals
 
Oracle Database Security
Oracle Database SecurityOracle Database Security
Oracle Database Security
 
Oracle data guard for beginners
Oracle data guard for beginnersOracle data guard for beginners
Oracle data guard for beginners
 
Oracle RAC features on Exadata
Oracle RAC features on ExadataOracle RAC features on Exadata
Oracle RAC features on Exadata
 
Oracle sql high performance tuning
Oracle sql high performance tuningOracle sql high performance tuning
Oracle sql high performance tuning
 
Oracle ASM Training
Oracle ASM TrainingOracle ASM Training
Oracle ASM Training
 
Oracle RAC Internals - The Cache Fusion Edition
Oracle RAC Internals - The Cache Fusion EditionOracle RAC Internals - The Cache Fusion Edition
Oracle RAC Internals - The Cache Fusion Edition
 
MAA Best Practices for Oracle Database 19c
MAA Best Practices for Oracle Database 19cMAA Best Practices for Oracle Database 19c
MAA Best Practices for Oracle Database 19c
 
Oracle Cloud is Best for Oracle Database - High Availability
Oracle Cloud is Best for Oracle Database - High AvailabilityOracle Cloud is Best for Oracle Database - High Availability
Oracle Cloud is Best for Oracle Database - High Availability
 
Oracle運用Tips大放出! ~ RAC環境のRMANのパラレル化を極める 編 ~ @2016-02-23 JPOUG
Oracle運用Tips大放出! ~ RAC環境のRMANのパラレル化を極める 編 ~ @2016-02-23 JPOUG Oracle運用Tips大放出! ~ RAC環境のRMANのパラレル化を極める 編 ~ @2016-02-23 JPOUG
Oracle運用Tips大放出! ~ RAC環境のRMANのパラレル化を極める 編 ~ @2016-02-23 JPOUG
 
How to Use Oracle RAC in a Cloud? - A Support Question
How to Use Oracle RAC in a Cloud? - A Support QuestionHow to Use Oracle RAC in a Cloud? - A Support Question
How to Use Oracle RAC in a Cloud? - A Support Question
 

Similaire à Introducing Oracle Audit Vault and Database Firewall

Sådan undgår du misbrug af kundedata og fortrolig information
Sådan undgår du misbrug af kundedata og fortrolig informationSådan undgår du misbrug af kundedata og fortrolig information
Sådan undgår du misbrug af kundedata og fortrolig informationIBM Danmark
 
Od webcast-cloud-fraud final
Od webcast-cloud-fraud finalOd webcast-cloud-fraud final
Od webcast-cloud-fraud finalOracleIDM
 
Secure Enterprise Cloud
Secure Enterprise CloudSecure Enterprise Cloud
Secure Enterprise CloudIndu Kodukula
 
HTLV - DSS @Vilnius 2010
HTLV - DSS @Vilnius 2010HTLV - DSS @Vilnius 2010
HTLV - DSS @Vilnius 2010Andris Soroka
 
Projecting Enterprise Security Requirements on the Cloud
Projecting Enterprise Security Requirements on the CloudProjecting Enterprise Security Requirements on the Cloud
Projecting Enterprise Security Requirements on the CloudScientia Groups
 
Best Practices in Implementing Oracle Database Security Products
Best Practices in Implementing Oracle Database Security ProductsBest Practices in Implementing Oracle Database Security Products
Best Practices in Implementing Oracle Database Security ProductsEstuate, Inc.
 
SunGard Enterprise Cloud Services @ Cloud Connect 2011
SunGard Enterprise Cloud Services @ Cloud Connect 2011SunGard Enterprise Cloud Services @ Cloud Connect 2011
SunGard Enterprise Cloud Services @ Cloud Connect 2011Satish Hemachandran
 
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database SecurityIBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Securityebuc
 
Ppt security-database-overview-11g r2
Ppt security-database-overview-11g r2Ppt security-database-overview-11g r2
Ppt security-database-overview-11g r2Oracle BH
 
Tänased võimalused turvalahendustes - Tarvi Tara
Tänased võimalused turvalahendustes - Tarvi TaraTänased võimalused turvalahendustes - Tarvi Tara
Tänased võimalused turvalahendustes - Tarvi TaraORACLE USER GROUP ESTONIA
 
High Availability and Disaster Recovery with Novell Sentinel Log Manager
High Availability and Disaster Recovery with Novell Sentinel Log ManagerHigh Availability and Disaster Recovery with Novell Sentinel Log Manager
High Availability and Disaster Recovery with Novell Sentinel Log ManagerNovell
 
A better waytosecureapps-finalv1
A better waytosecureapps-finalv1A better waytosecureapps-finalv1
A better waytosecureapps-finalv1OracleIDM
 
Cio ciso security_strategyv1.1
Cio ciso security_strategyv1.1Cio ciso security_strategyv1.1
Cio ciso security_strategyv1.1Anindya Ghosh,
 
RSA 2012 Virtualization Security February 2012
RSA 2012 Virtualization Security February 2012RSA 2012 Virtualization Security February 2012
RSA 2012 Virtualization Security February 2012Symantec
 
Atlanta ISSA 2010 Enterprise Data Protection Ulf Mattsson
Atlanta ISSA 2010 Enterprise Data Protection Ulf MattssonAtlanta ISSA 2010 Enterprise Data Protection Ulf Mattsson
Atlanta ISSA 2010 Enterprise Data Protection Ulf MattssonUlf Mattsson
 
Symantec Endpoint Protection 12
Symantec Endpoint Protection 12Symantec Endpoint Protection 12
Symantec Endpoint Protection 12Symantec
 

Similaire à Introducing Oracle Audit Vault and Database Firewall (20)

Sådan undgår du misbrug af kundedata og fortrolig information
Sådan undgår du misbrug af kundedata og fortrolig informationSådan undgår du misbrug af kundedata og fortrolig information
Sådan undgår du misbrug af kundedata og fortrolig information
 
Od webcast-cloud-fraud final
Od webcast-cloud-fraud finalOd webcast-cloud-fraud final
Od webcast-cloud-fraud final
 
Secure Enterprise Cloud
Secure Enterprise CloudSecure Enterprise Cloud
Secure Enterprise Cloud
 
QualysGuard InfoDay 2012 - Secure Digital Vault for Qualys
QualysGuard InfoDay 2012 - Secure Digital Vault for QualysQualysGuard InfoDay 2012 - Secure Digital Vault for Qualys
QualysGuard InfoDay 2012 - Secure Digital Vault for Qualys
 
HTLV - DSS @Vilnius 2010
HTLV - DSS @Vilnius 2010HTLV - DSS @Vilnius 2010
HTLV - DSS @Vilnius 2010
 
Oracle a TBIZ2011
Oracle a TBIZ2011Oracle a TBIZ2011
Oracle a TBIZ2011
 
Projecting Enterprise Security Requirements on the Cloud
Projecting Enterprise Security Requirements on the CloudProjecting Enterprise Security Requirements on the Cloud
Projecting Enterprise Security Requirements on the Cloud
 
Best Practices in Implementing Oracle Database Security Products
Best Practices in Implementing Oracle Database Security ProductsBest Practices in Implementing Oracle Database Security Products
Best Practices in Implementing Oracle Database Security Products
 
SunGard Enterprise Cloud Services @ Cloud Connect 2011
SunGard Enterprise Cloud Services @ Cloud Connect 2011SunGard Enterprise Cloud Services @ Cloud Connect 2011
SunGard Enterprise Cloud Services @ Cloud Connect 2011
 
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database SecurityIBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Security
 
Sw keynote
Sw keynoteSw keynote
Sw keynote
 
Ppt security-database-overview-11g r2
Ppt security-database-overview-11g r2Ppt security-database-overview-11g r2
Ppt security-database-overview-11g r2
 
Tänased võimalused turvalahendustes - Tarvi Tara
Tänased võimalused turvalahendustes - Tarvi TaraTänased võimalused turvalahendustes - Tarvi Tara
Tänased võimalused turvalahendustes - Tarvi Tara
 
High Availability and Disaster Recovery with Novell Sentinel Log Manager
High Availability and Disaster Recovery with Novell Sentinel Log ManagerHigh Availability and Disaster Recovery with Novell Sentinel Log Manager
High Availability and Disaster Recovery with Novell Sentinel Log Manager
 
Securityinsideout
SecurityinsideoutSecurityinsideout
Securityinsideout
 
A better waytosecureapps-finalv1
A better waytosecureapps-finalv1A better waytosecureapps-finalv1
A better waytosecureapps-finalv1
 
Cio ciso security_strategyv1.1
Cio ciso security_strategyv1.1Cio ciso security_strategyv1.1
Cio ciso security_strategyv1.1
 
RSA 2012 Virtualization Security February 2012
RSA 2012 Virtualization Security February 2012RSA 2012 Virtualization Security February 2012
RSA 2012 Virtualization Security February 2012
 
Atlanta ISSA 2010 Enterprise Data Protection Ulf Mattsson
Atlanta ISSA 2010 Enterprise Data Protection Ulf MattssonAtlanta ISSA 2010 Enterprise Data Protection Ulf Mattsson
Atlanta ISSA 2010 Enterprise Data Protection Ulf Mattsson
 
Symantec Endpoint Protection 12
Symantec Endpoint Protection 12Symantec Endpoint Protection 12
Symantec Endpoint Protection 12
 

Dernier

Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsMiki Katsuragi
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostZilliz
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionDilum Bandara
 

Dernier (20)

Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 

Introducing Oracle Audit Vault and Database Firewall

  • 1. 1 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
  • 2. Introducing Oracle Audit Vault and Database Firewall
  • 3. Billions of Database Records Breached Globally 97% of Breaches Were Avoidable with Basic Controls 98% records stolen from databases 84% records breached using stolen credentials 71% fell within minutes 92% discovered by third party 3 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
  • 4. Why are Databases so Vulnerable? 80% of IT Security Programs Don’t Address Database Security Forrester Research Network Security “Enterprises are taking on risks Authentication SIEM & User Security that they may not even be aware of. Especially as more and more Email Security Endpoint attacks against databases exploit Database Security Security legitimate access.” Web Application Firewall 5 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
  • 5. Oracle Database Security Solutions Defense-in-Depth for Maximum Security PREVENTIVE DETECTIVE ADMINISTRATIVE Encryption Activity Monitoring Privilege Analysis Redaction and Masking Database Firewall Sensitive Data Discovery Privileged User Controls Auditing and Reporting Configuration Management 6 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
  • 6. Oracle Database Security Solutions Detect and Block Threats, Alert, Audit and Report PREVENTIVE DETECTIVE ADMINISTRATIVE Encryption Activity Monitoring Privilege Analysis Redaction and Masking Database Firewall Sensitive Data Discovery Privileged User Controls Auditing and Reporting Configuration Management 7 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
  • 7. Oracle Audit Vault and Database Firewall New Solution for Oracle and Non-Oracle Databases Database Firewall Users Allow Log Alert Applications Substitute Block Firewall Events Auditor Reports Audit Data Alerts ! Security Manager Policies OS, Directory, File System & Custom Audit Logs Audit Vault 8 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
  • 8. Oracle Audit Vault and Database Firewall SQL Injection Protection with Positive Security Model SELECT * from stock White List where catalog-no='PHE8131' Allow Block Applications SELECT * from stock where catalog-no=‘ Databases ' union select cardNo,0,0 from Orders --’ • “Allowed” behavior can be defined for any user or application • Automated white list generation for any application • Out-of-policy database transaction detected and blocked/alerted 9 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
  • 9. Oracle Audit Vault and Database Firewall Enforcing Database Activity with Negative Security Model SELECT * FROM v$session Black List Block DBA activity from Application? SELECT * FROM Allow + Log DBA activity from v$session Approved Workstation • Stop specific unwanted SQL interactions, user or schema access • Blacklisting can be done on factors such as time of day, day of week, network, application, user name, OS user name etc • Provide flexibility to authorized users while still monitoring activity 10 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
  • 10. Oracle Audit Vault and Database Firewall Comprehensive Enterprise Audit and Log Consolidation  Databases: Oracle, SQL Server, DB2 LUW, Sybase ASE  New Audit Sources – Operating Systems: Microsoft Windows, Solaris – Directory Services: Active Directory – File Systems: Oracle ACFS  Audit Collection Plugins for Custom Audit Sources – XML file maps custom audit elements to canonical audit elements – Collect and map data from XML audit file and database tables 11 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
  • 11. Oracle Audit Vault and Database Firewall Audit and Event Repository  Based on proven Oracle Database technology – Includes compression, partitioning, scalability, high availability, etc. – Open schema for flexible reporting  Information lifecycle management for target specific data retention  Centralized web console for easy administration  Command line utility for automation and scripting 12 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
  • 12. Oracle Audit Vault and Database Firewall Audit and Event Data Security  Software appliance based on hardened OS and pre- configured database  Fine-grained administrative groups – Sources can be grouped for access authorization – Individual auditor reports limited to data from the „grouped‟ sources  Separation of duties  Powerful multi-event alerting with thresholds and group-by 13 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
  • 13. Oracle Audit Vault and Database Firewall Single Administrator Console 14 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
  • 14. Oracle Audit Vault and Database Firewall Default Reports 15 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
  • 15. Oracle Audit Vault and Database Firewall Out-of-the Box Compliance Reporting 16 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
  • 16. Oracle Audit Vault and Database Firewall Report with Data from Multiple Source Types 17 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
  • 17. Oracle Audit Vault and Database Firewall Auditing Stored Procedure Calls – Not Visible on the Network 18 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
  • 18. Oracle Audit Vault and Database Firewall Extensive Audit Details 19 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
  • 19. Oracle Audit Vault and Database Firewall Blocking SQL Injection Attacks 20 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
  • 20. Oracle Audit Vault and Database Firewall Powerful Alerting Filter Conditions 21 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
  • 21. Oracle Audit Vault and Database Firewall Flexible Deployment Architectures In-Line Blocking and Monitoring Remote Monitoring Out-of-Band Monitoring Applications and Users HA Mode Inbound SQL Traffic Audit Agents Audit Vault Audit Data Audit Vault Primary Standby Software Appliances 22 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
  • 22. Oracle Audit Vault and Database Firewall Performance and Scalability  Audit Vault – Supports monitoring and auditing multiple hundreds of heterogeneous database and non-database targets – Supports wide range of hardware to meet load requirements  Database Firewall – Decision time is independent of the number of rules in the policy – Multi-device / multi-process / multi-core scalability – 8 core can handle between 30K – 60K transactions/second 23 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
  • 23. T-Mobile Protecting Customer Data in Oracle and non-Oracle Databases Challenge  Protect sensitive data – PCI, CPNI, SPII – in both Oracle and non- Oracle Databases  Monitor database threats, including SQL injection attacks and data Provider of wireless voice, harvesting, without having to change application code messaging, and data  Full visibility into database activity services throughout the U.S. Fourth largest wireless  Understand what types of changes are being made to sensitive data company in the U.S. with Solution more than 35 million subscribers  Addresses data security with Database Firewall, TDE, Data Masking Industry: Telecom as comprehensive database security defense-in-depth strategy  Database activity monitoring prevents insider and external threats  Deployed and setup within a few hours; already protected against a few compromised accounts that were harvesting data 24 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
  • 24. SquareTwo Financial Addresses Regulatory Compliance, Enables Separation of Duties Challenge  Comply with a number of regulations: GLBA, HIPAA, SOX, and PCI  Prove separation of duties for Sarbanes-Oxley compliance  Quickly scale IT Security to address fast 37% company growth Leader in $100 billion asset recovery and management  Minimal disruption to 5.9 million accounts while maintaining growth industry  Secure Exadata Database Machine with no application changes Partner Network used by Fortune 500 companies in Solution banking, credit card, and  Addresses compliance with Database Firewall, TDE, Data Masking health care as comprehensive database security defense-in-depth strategy Industry: Financial Services  Database activity monitoring to protect against insider and external threats, including SQL injection attacks  Securing Exadata and SQL Server database activity 25 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
  • 25. TransUnion Interactive Addresses Regulatory Compliance, Secures Sensitive Data Challenge  Maintain PCI DSS, SOX, and GLBA compliance  Increase database traffic visibility; detect and monitor activity  Increase database security and monitor for application SQL Consumer subsidiary of injection attacks TransUnion, a global leader in credit information  Detect and prevent application by-pass and data harvesting Maintains credit histories on Solution over 500 million consumers globally  Deployed Database Firewall in one month; monitor database traffic Industry: Financial Services  Achieved 10k transactions/sec while maintaining performance  Using reports to monitor traffic and manage workloads and capacity  Use Oracle Advanced Security to encrypt tablespaces 26 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
  • 26. For More Information Oracle Audit Vault and Database Firewall 27 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
  • 27. Q&A 28 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
  • 28. 29 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.

Notes de l'éditeur

  1. Last updated December 12, 2012
  2. Introducing Oracle Audit Vault and Database Firewallhttps://event.on24.com/eventRegistration/EventLobbyServlet?target=registration.jsp&eventid=541890&sessionid=1&key=E38B905176AAA94A27C94F87B829007A&partnerref=ocom_sec_db12122012&sourcepage=registerJoin us to hear about a new Oracle product that monitors Oracle and non-Oracle database traffic, detects unauthorized activity including SQL injection attacks, and blocks internal and external threats from reaching the database. In addition this new product collects and consolidates audit data from databases, operating systems, directories, and any custom template-defined source into a centralized, secure warehouse. This new enterprise security monitoring and auditing platform allows organizations to quickly detect and respond to threats with powerful real-time policy analysis, alerting and reporting capabilities. Based on proven SQL grammar analysis that ensures accuracy, performance, and scalability, organizations can deploy with confidence in any mode. Hear how organizations such as TransUnion Interactive and SquareTwo Financial rely on Oracle today to monitor and secure their Oracle and non-Oracle database environments.
  3. http://www.verizonbusiness.com/resources/reports/rp_data-breach-investigations-report-2012_en_xg.pdf
  4. http://joelbrenner.com/america-the-vulnerable/#excerpthttp://joelbrenner.com/wordpress/wp-content/uploads/2011/09/AMERICA_THE_VULNERABLE_JOEL_BRENNER_EXCERPT.pdf
  5. Key point to communicate:This new product provides customers the operational flexibility to deploy the monitoring they need based on the sensitivity and security requirements of their databases.Key features includeMonitor and control database activity on the network. Firewall can allow, log, alert, substitute and block on SQL statements on the networkFirewall uses a SQL grammar analysis engine for high performance and accuracy, an approach that is superior to 1st generation database firewalls that relied on regular expressionsPrevent SQL injections, unauthorized database access, misuse of database privilegeCapture and log database interactions on the network for forensic analysis and compliance reportingConsolidate database audit data from Oracle and non-Oracle into secure centralized repositoryConsolidate audit data from MSFT Active directory and SolarisConsolidate application specific audit Detect and alert on suspicious activities, including privileged userOut-of-the box compliance reports for SOX, PCI, and other regulationsStreamline audits: report generation, notification, attestation, archiving
  6. High performanceDecision time is not influenced by the number of rules in the policyMulti-device / multi-process / multi-core scalabilityMinimal maintenance impactDeployed independently of secured databases and their hosts
  7. Oracle Customers Address Data Security and Compliance with Database FirewallHear how T-Mobile, TransUnion Interactive, and SquareTwo Financial protect sensitive enterprise data and meet regulatory compliance with ease using Oracle Database FirewallVideo:T-Mobile Protects 35 Million Subscribers with Oracle Database SecurityPodcast:T-Mobile Secures Enterprise Data with Defense-in-Depth Security for Oracle and non-Oracle DatabasesT-Mobile USA provides wireless voice, messaging, and data services throughout the United States and protects sensitive enterprise data with Oracle Database defense-in-depth security solutions. Alex MacKnight, principal architect of corporate information security, explains how they use Oracle Database Firewall, Oracle Advanced Security, and Oracle Data Masking to secure sensitive data across the organization in both Oracle and non-Oracle databases.
  8. Video: SquareTwo Enables Development Efficiency and Compliance with OraclePodcast: SquareTwo Financial Enables Compliance and Fast Growth with Oracle Database SecuritySquareTwo Financial, a leader in the $100 billion asset recovery and management industry, enables fast growth and regulatory compliance with Oracle Database Security defense-in-depth solutions. Hear J-T Gaietto, manager of information security, discuss how they use Oracle Database Firewall, Oracle Data Masking, and Oracle Advanced Security.
  9. TransUnion Interactive Uses Database Firewall for ComplianceHear how TransUnion Interactive protects customer data and meets regulatory compliance with database activity monitoring using Oracle Database Firewall