Product Report: Oracle Database Vault/Oracle Audit Vault - 70112
Report Details
The market for Database Security involves a number of different technical solution approaches which are not covered by a single product, but instead require a set of different products and features in order to secure content in databases. As a result, there are many different solutions on offer in the market today. In this report we will focus on Oracle Database Vault and Oracle Audit Vault which are two products covering two distinct areas of database security, the first one focusing on preventive controls and the other on detective controls.
Oracle Database Vault deals with privileged access to data by implementing policies which restrict and control access of privileged users and thus mitigate the associated security risks. Oracle tightly integrated Database Vault with the Oracle Database kernel to ensure policies cannot be by-passed and performance overhead is neglible. Privileged users are now considered to be one of the biggest threats to database security for companies, organizations and government agencies. Database administrators (DBAs) are the most prevalent type of privileged users with potential access to all information in databases, besides application/technical users which have frequently somewhat limited access. Having their accounts being abused thus imposes the biggest risk.
Oracle Audit Vault is a second key product in Oracle’s database security portfolio. It also supports da-tabases from different vendors, including Microsoft SQL Server, IBM DB2 UDB, and SAP Sybase. Audit Vault consolidates audit data from different database servers. These can be analyzed in reports through a large number of out-of-the-box reports. The product also supports alerts on security threats.
As a detective control for different databases, Oracle Audit Vault can be used in a pretty straightfor-ward way. Oracle Database Vault, however, requires a good deal of planning. The pre-configured integration with several core business applications can help reduce the effort involved. Nevertheless, adequate organizational policies must be in place for deployment to be successful.
KuppingerCole strongly recommends defining a holistic security strategy in order to identify the necessary database security technologies beforehand. Within their separate technical categories, we consider Oracle Database Vault and Oracle Audit Vault to be products well worthy of further evaluation.
| Date | Title | Price | |
|---|---|---|---|
| Apr 27, 2011 |
Product Report: Oracle Database Vault/Oracle Audit Vault - 70112The market for Database Security involves a number of different technical solution approaches which are not covered by a single product, but instead require a set of different products and features in order to secure content in databases. As a result, there are many different solutions on… |
€95.00 |
Get Access
|
|
|||
Latest Related Reports
Discover KuppingerCole
KuppingerCole Select
Register now for KuppingerCole Select and get your free 30-day access to a great selection of KuppingerCole research materials and to live trainings.
Blog
Beyond simplistic: Achieving compliance through standards and interoperability
"There is always an easy solution to every problem - neat, plausible, and wrong. (H.L. Mencken) Finally, it's beginning: GDPR gains more and more visibility. Do you also get more and more GDPR-related marketing communication from IAM and security vendors, consulting firms and, ehm, analyst [...]
Latest Insights
Hot Topics
Spotlight
Learn more
Connected Consumer
When dealing with consumers and customers directly the most important asset for any forward-thinking organisation is the data provided and collected for these new type of identities. The appropriate management of consumer identities is of utmost importance. Handing over personal data to a commercial organisation the consumer typically does this with two contrasting expectations. On one hand the consumer wants to benefit from the organisation as a contract partner for goods or services. Customer-facing organizations get into direct contact with their customers today as they are accessing their [...]