Your SlideShare is downloading. ×
0
Ppt dbsec-oow2013-avdf
Ppt dbsec-oow2013-avdf
Ppt dbsec-oow2013-avdf
Ppt dbsec-oow2013-avdf
Ppt dbsec-oow2013-avdf
Ppt dbsec-oow2013-avdf
Ppt dbsec-oow2013-avdf
Ppt dbsec-oow2013-avdf
Ppt dbsec-oow2013-avdf
Ppt dbsec-oow2013-avdf
Ppt dbsec-oow2013-avdf
Ppt dbsec-oow2013-avdf
Ppt dbsec-oow2013-avdf
Ppt dbsec-oow2013-avdf
Ppt dbsec-oow2013-avdf
Ppt dbsec-oow2013-avdf
Ppt dbsec-oow2013-avdf
Ppt dbsec-oow2013-avdf
Ppt dbsec-oow2013-avdf
Ppt dbsec-oow2013-avdf
Ppt dbsec-oow2013-avdf
Ppt dbsec-oow2013-avdf
Ppt dbsec-oow2013-avdf
Ppt dbsec-oow2013-avdf
Ppt dbsec-oow2013-avdf
Ppt dbsec-oow2013-avdf
Ppt dbsec-oow2013-avdf
Ppt dbsec-oow2013-avdf
Ppt dbsec-oow2013-avdf
Ppt dbsec-oow2013-avdf
Ppt dbsec-oow2013-avdf
Ppt dbsec-oow2013-avdf
Ppt dbsec-oow2013-avdf
Ppt dbsec-oow2013-avdf
Ppt dbsec-oow2013-avdf
Ppt dbsec-oow2013-avdf
Ppt dbsec-oow2013-avdf
Ppt dbsec-oow2013-avdf
Ppt dbsec-oow2013-avdf
Ppt dbsec-oow2013-avdf
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Ppt dbsec-oow2013-avdf

333

Published on

Oracle Open World 2013 session …

Oracle Open World 2013 session
Database Security
Oracle Audit Vault and Database Firewall

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
333
On Slideshare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
21
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Oracle Audit Vault and Database Firewall : First Line of Defense In Data Security Melody Liu Senior Principal Product Manager Oracle Database Security
  • 2. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.2 Program Agenda  Introduction  Overview of Oracle Audit Vault and Database Firewall  Key Features  Demo  Q&A
  • 3. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.3 The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle’s products remains at the sole discretion of Oracle.
  • 4. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.4 Oracle Audit Vault and Database Firewall Overview
  • 5. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.5 Oracle Database Security Solutions Defense-in-Depth for Maximum Security Activity Monitoring Database Firewall Auditing and Reporting DETECTIVE Redaction and Masking Privileged User Controls Encryption PREVENTIVE ADMINISTRATIVE Sensitive Data Discovery Configuration Management Privilege Analysis
  • 6. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.6 Oracle Audit Vault and Database Firewall APPS Users AUDIT VAULT Firewall Events Database Firewall AUDIT DATA Operating Systems File Systems Directories Custom Audit Data Reports !Alerts Policies Auditor Security Manager
  • 7. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.7 Heterogeneous Enterprise Auditing Collection with Audit Vault Server
  • 8. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.8 Heterogeneous Enterprise Auditing Collection with Audit Vault Server AUDIT VAULT
  • 9. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.9 Audit Vault Server  Central Repository of Audit Event Data  Extensive and Customizable Reporting  Powerful Alerting  Enterprise Scale Deployment Heterogeneous Enterprise Audit Collection
  • 10. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.10 Audit Vault Server  Central Repository of Audit Event Data  Extensive and Customizable Reporting  Powerful Alerting  Enterprise Scale Deployment Heterogeneous Enterprise Audit Collection
  • 11. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.11 Audit Vault Server Central Repository of Audit Event Data
  • 12. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.12 Audit Vault Server Central Repository of Audit Event Data
  • 13. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.13 Audit Vault Server Central Repository of Audit Event Data
  • 14. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.14 Audit Vault Server  Central Repository of Audit Event Data  Extensive and Customizable Reporting  Powerful Alerting  Enterprise Scale Deployment Heterogeneous Enterprise Audit Collection
  • 15. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.15 Audit Vault Server Extensive and Customizable Reporting Dozens of predefined reports Flexible interactive browsing Customizable reporting Scheduling, notification & attestation
  • 16. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.16 Audit Vault Server Extensive and Customizable Reporting – Entitlement Report Create meaningful users. Remove snapshot time, tablespace
  • 17. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.17 Audit Vault Server  Central Repository of Audit Event Data  Extensive and Customizable Reporting  Powerful Alerting  Enterprise Scale Deployment Heterogeneous Enterprise Audit Collection
  • 18. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.18 Audit Vault Server Powerful Alerting
  • 19. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.19
  • 20. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.20 Audit Vault Server  Central Repository of Audit Event Data  Extensive and Customizable Reporting  Powerful Alerting  Enterprise Scale Deployment Heterogeneous Enterprise Audit Collection
  • 21. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.21 Audit Vault Server  Built on Proven Oracle Technology  Secure – Fine-grained security groups – Strict separation of Duty  Life Cycle Management for Audit Event Data  3rd Party Integration & Custom Collection plug-in Enterprise Scale Deployment
  • 22. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.22 Audit Vault Server Summary Heterogeneous Enterprise Audit Collection AUDIT VAULT
  • 23. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.23  Central Repository of Audit Event Data  Extensive and Customizable Reporting  Powerful Alerting  Enterprise Scale Deployment Audit Vault Server Summary Heterogeneous Enterprise Audit Collection
  • 24. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.24 Database Monitoring with Database Firewall
  • 25. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.25 SQL Injection #1 Risks on OWASP Most Critical Application Security Risks - 2013 • Anyone who can sent untrusted data to the database including external users, internal users, and administrators Threat Agent • EASY • Attacker sends text based attacks that exploit the uncleansed syntax Attack Vector • SEVERE • Injection can result in data loss or corruption, lack of accountability or complete host takeover Impact
  • 26. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.26 Database Firewall  Real-time Database Activity Monitoring on the Network  Capture Events for Analysis and Compliance Reporting  Flexible Deployment Models  SQL Injections Protection with Positive Policy Model  Constraining Activities with Negative Policy Model First Line of Defence
  • 27. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.27 Database Firewall  Real-time Database Activity Monitoring on the Network  Capture Events for Analysis and Compliance Reporting  Flexible Deployment Models  SQL Injections Protection with Positive Policy Model  Constraining Activities with Negative Policy Model First Line of Defence
  • 28. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.28 Database Firewall  Real-time Database Activity Monitoring on the Network  Capture Events for Analysis and Compliance Reporting  Flexible Deployment Models  SQL Injections Protection with Positive Policy Model  Constraining Activities with Negative Policy Model First Line of Defence
  • 29. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.29 Database Firewall Flexible Deployment Models
  • 30. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.30 Database Firewall  Real-time Database Activity Monitoring on the Network  Capture Events for Analysis and Compliance Reporting  Flexible Deployment Models  SQL Injections Protection with Positive Policy Model  Constraining Activities with Negative Policy Model First Line of Defence
  • 31. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.31 Database Firewall SQL Injection Protection with Positive Policing Model White List Applications Block Allow SELECT * from stock where catalog-no='PHE8131' SELECT * from stock where catalog-no=‘ ' union select cardNo,0,0 from Orders --’ • Define “allowed” behavior for any user or application • Automated whitelist generation for any application • Out-of-policy Database network interactions instantly blocked Databases
  • 32. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.32 Database Firewall  Real-time Database Activity Monitoring on the Network  Capture Events for Analysis and Compliance Reporting  Flexible Deployment Models  SQL Injections Protection with Positive Policy Model  Constraining Activities with Negative Policy Model First Line of Defence
  • 33. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.33 Database Firewall Constraining Activity with Negative Policing Model • Stop specific “non-authorized” SQL interactions, user or schema access • Blacklisting can be done on IP address, application, DB user, OS user • Provide flexibility to authorized users while still monitoring activity Black List Block Allow LogSELECT * from stock SELECT * from stock Databases Non-authorized user activity Legitimate data access
  • 34. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.34 Other Key AVDF Features  Distributed as Soft Appliance  One Web UI Management Console for Admin and Auditor  Fine-Grained Security Groups  Strict Separation of Duty  Command Line Client for Automation and Scripting Easy Installation & Administration
  • 35. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.35 Enterprise Manager Cloud Control 12c Integration  EM integration Database plugin 12.1.0.5
  • 36. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.36 Summary in 1 Slide
  • 37. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.37 Oracle Audit Vault and Database Firewall APPS Users AUDIT VAULT Firewall Events Database Firewall Reports !Alerts Policies Auditor Security Manager AUDIT DATA Operating Systems File Systems Directories Custom Audit Data
  • 38. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.38 Oracle Database Security Sessions Time Session Title Monday 12:15 - 1:15 pm Security Inside-Out with Oracle Database 12c Monday 1:45 - 2:45 pm Oracle Database 12c Real Application Security for Oracle Application Express Monday 1:45 - 2:45 pm Oracle Audit Vault and Database Firewall: First Line of Defense in Data Security Monday 4:45 – 5:45 pm Introducing Oracle Key Vault: Enterprise Database Encryption Key Management Tuesday 3:45 – 4:45 New security capabilities in Oracle Database 12c Tuesday 5:15 – 6:15 pm Oracle Audit Vault and Database Firewall: Deployment Best Practices Wednesday 11:45 – 12:45 pm Oracle Database Security Solutions Customer Panel: Real-World Case Studies Wednesday 3:30 – 4:30 pm DBA Best Practices for Protecting Data Privacy with Oracle’s Data Masking Wednesday 5:00 – 6:00 pm Sensitive Data Redaction with Oracle Database 12c
  • 39. Complimentary eBook Register Now www.mhprofessional.com/dbsec Use Code: db12c
  • 40. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.40

×