Your SlideShare is downloading. ×
Introducing Oracle Audit Vault and Database Firewall
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Introducing Oracle Audit Vault and Database Firewall

2,947
views

Published on

Join us to hear about a new Oracle product that monitors Oracle and non-Oracle database traffic, detects unauthorized activity including SQL injection attacks, and blocks internal and external threats …

Join us to hear about a new Oracle product that monitors Oracle and non-Oracle database traffic, detects unauthorized activity including SQL injection attacks, and blocks internal and external threats from reaching the database. In addition this new product collects and consolidates audit data from databases, operating systems, directories, and any custom template-defined source into a centralized, secure warehouse. This new enterprise security monitoring and auditing platform allows organizations to quickly detect and respond to threats with powerful real-time policy analysis, alerting and reporting capabilities. Based on proven SQL grammar analysis that ensures accuracy, performance, and scalability, organizations can deploy with confidence in any mode. You will also hear how organizations such as TransUnion Interactive and SquareTwo Financial rely on Oracle today to monitor and secure their Oracle and non-Oracle database environments.

Published in: Technology

0 Comments
3 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
2,947
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
207
Comments
0
Likes
3
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide
  • Last updated December 12, 2012
  • Introducing Oracle Audit Vault and Database Firewallhttps://event.on24.com/eventRegistration/EventLobbyServlet?target=registration.jsp&eventid=541890&sessionid=1&key=E38B905176AAA94A27C94F87B829007A&partnerref=ocom_sec_db12122012&sourcepage=registerJoin us to hear about a new Oracle product that monitors Oracle and non-Oracle database traffic, detects unauthorized activity including SQL injection attacks, and blocks internal and external threats from reaching the database. In addition this new product collects and consolidates audit data from databases, operating systems, directories, and any custom template-defined source into a centralized, secure warehouse. This new enterprise security monitoring and auditing platform allows organizations to quickly detect and respond to threats with powerful real-time policy analysis, alerting and reporting capabilities. Based on proven SQL grammar analysis that ensures accuracy, performance, and scalability, organizations can deploy with confidence in any mode. Hear how organizations such as TransUnion Interactive and SquareTwo Financial rely on Oracle today to monitor and secure their Oracle and non-Oracle database environments.
  • http://www.verizonbusiness.com/resources/reports/rp_data-breach-investigations-report-2012_en_xg.pdf
  • http://joelbrenner.com/america-the-vulnerable/#excerpthttp://joelbrenner.com/wordpress/wp-content/uploads/2011/09/AMERICA_THE_VULNERABLE_JOEL_BRENNER_EXCERPT.pdf
  • Key point to communicate:This new product provides customers the operational flexibility to deploy the monitoring they need based on the sensitivity and security requirements of their databases.Key features includeMonitor and control database activity on the network. Firewall can allow, log, alert, substitute and block on SQL statements on the networkFirewall uses a SQL grammar analysis engine for high performance and accuracy, an approach that is superior to 1st generation database firewalls that relied on regular expressionsPrevent SQL injections, unauthorized database access, misuse of database privilegeCapture and log database interactions on the network for forensic analysis and compliance reportingConsolidate database audit data from Oracle and non-Oracle into secure centralized repositoryConsolidate audit data from MSFT Active directory and SolarisConsolidate application specific audit Detect and alert on suspicious activities, including privileged userOut-of-the box compliance reports for SOX, PCI, and other regulationsStreamline audits: report generation, notification, attestation, archiving
  • High performanceDecision time is not influenced by the number of rules in the policyMulti-device / multi-process / multi-core scalabilityMinimal maintenance impactDeployed independently of secured databases and their hosts
  • Oracle Customers Address Data Security and Compliance with Database FirewallHear how T-Mobile, TransUnion Interactive, and SquareTwo Financial protect sensitive enterprise data and meet regulatory compliance with ease using Oracle Database FirewallVideo:T-Mobile Protects 35 Million Subscribers with Oracle Database SecurityPodcast:T-Mobile Secures Enterprise Data with Defense-in-Depth Security for Oracle and non-Oracle DatabasesT-Mobile USA provides wireless voice, messaging, and data services throughout the United States and protects sensitive enterprise data with Oracle Database defense-in-depth security solutions. Alex MacKnight, principal architect of corporate information security, explains how they use Oracle Database Firewall, Oracle Advanced Security, and Oracle Data Masking to secure sensitive data across the organization in both Oracle and non-Oracle databases.
  • Video: SquareTwo Enables Development Efficiency and Compliance with OraclePodcast: SquareTwo Financial Enables Compliance and Fast Growth with Oracle Database SecuritySquareTwo Financial, a leader in the $100 billion asset recovery and management industry, enables fast growth and regulatory compliance with Oracle Database Security defense-in-depth solutions. Hear J-T Gaietto, manager of information security, discuss how they use Oracle Database Firewall, Oracle Data Masking, and Oracle Advanced Security.
  • TransUnion Interactive Uses Database Firewall for ComplianceHear how TransUnion Interactive protects customer data and meets regulatory compliance with database activity monitoring using Oracle Database Firewall
  • Transcript

    • 1. 1 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
    • 2. IntroducingOracle Audit Vault andDatabase Firewall
    • 3. Billions of Database Records Breached Globally 97% of Breaches Were Avoidable with Basic Controls 98% records stolen from databases 84% records breached using stolen credentials 71% fell within minutes 92% discovered by third party3 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
    • 4. Why are Databases so Vulnerable? 80% of IT Security Programs Don’t Address Database SecurityForrester Research Network Security “Enterprises are taking on risks Authentication SIEM & User Security that they may not even be aware of. Especially as more and more Email Security Endpoint attacks against databases exploit Database Security Security legitimate access.” Web Application Firewall 5 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
    • 5. Oracle Database Security Solutions Defense-in-Depth for Maximum Security PREVENTIVE DETECTIVE ADMINISTRATIVE Encryption Activity Monitoring Privilege Analysis Redaction and Masking Database Firewall Sensitive Data Discovery Privileged User Controls Auditing and Reporting Configuration Management6 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
    • 6. Oracle Database Security Solutions Detect and Block Threats, Alert, Audit and Report PREVENTIVE DETECTIVE ADMINISTRATIVE Encryption Activity Monitoring Privilege Analysis Redaction and Masking Database Firewall Sensitive Data Discovery Privileged User Controls Auditing and Reporting Configuration Management7 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
    • 7. Oracle Audit Vault and Database Firewall New Solution for Oracle and Non-Oracle Databases Database Firewall Users Allow Log Alert Applications Substitute Block Firewall Events Auditor Reports Audit Data Alerts ! Security Manager Policies OS, Directory, File System & Custom Audit Logs Audit Vault8 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
    • 8. Oracle Audit Vault and Database Firewall SQL Injection Protection with Positive Security Model SELECT * from stock White List where catalog-no=PHE8131 Allow Block Applications SELECT * from stock where catalog-no=‘ Databases union select cardNo,0,0 from Orders --’ • “Allowed” behavior can be defined for any user or application • Automated white list generation for any application • Out-of-policy database transaction detected and blocked/alerted9 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
    • 9. Oracle Audit Vault and Database Firewall Enforcing Database Activity with Negative Security Model SELECT * FROM v$session Black List Block DBA activity from Application? SELECT * FROM Allow + Log DBA activity from v$session Approved Workstation • Stop specific unwanted SQL interactions, user or schema access • Blacklisting can be done on factors such as time of day, day of week, network, application, user name, OS user name etc • Provide flexibility to authorized users while still monitoring activity10 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
    • 10. Oracle Audit Vault and Database Firewall Comprehensive Enterprise Audit and Log Consolidation  Databases: Oracle, SQL Server, DB2 LUW, Sybase ASE  New Audit Sources – Operating Systems: Microsoft Windows, Solaris – Directory Services: Active Directory – File Systems: Oracle ACFS  Audit Collection Plugins for Custom Audit Sources – XML file maps custom audit elements to canonical audit elements – Collect and map data from XML audit file and database tables11 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
    • 11. Oracle Audit Vault and Database Firewall Audit and Event Repository  Based on proven Oracle Database technology – Includes compression, partitioning, scalability, high availability, etc. – Open schema for flexible reporting  Information lifecycle management for target specific data retention  Centralized web console for easy administration  Command line utility for automation and scripting12 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
    • 12. Oracle Audit Vault and Database Firewall Audit and Event Data Security  Software appliance based on hardened OS and pre- configured database  Fine-grained administrative groups – Sources can be grouped for access authorization – Individual auditor reports limited to data from the „grouped‟ sources  Separation of duties  Powerful multi-event alerting with thresholds and group-by13 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
    • 13. Oracle Audit Vault and Database Firewall Single Administrator Console14 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
    • 14. Oracle Audit Vault and Database Firewall Default Reports15 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
    • 15. Oracle Audit Vault and Database Firewall Out-of-the Box Compliance Reporting16 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
    • 16. Oracle Audit Vault and Database Firewall Report with Data from Multiple Source Types17 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
    • 17. Oracle Audit Vault and Database Firewall Auditing Stored Procedure Calls – Not Visible on the Network18 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
    • 18. Oracle Audit Vault and Database Firewall Extensive Audit Details19 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
    • 19. Oracle Audit Vault and Database Firewall Blocking SQL Injection Attacks20 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
    • 20. Oracle Audit Vault and Database Firewall Powerful Alerting Filter Conditions21 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
    • 21. Oracle Audit Vault and Database Firewall Flexible Deployment Architectures In-Line Blocking and Monitoring Remote Monitoring Out-of-Band Monitoring Applications and Users HA Mode Inbound SQL Traffic Audit Agents Audit Vault Audit Data Audit Vault Primary Standby Software Appliances22 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
    • 22. Oracle Audit Vault and Database Firewall Performance and Scalability  Audit Vault – Supports monitoring and auditing multiple hundreds of heterogeneous database and non-database targets – Supports wide range of hardware to meet load requirements  Database Firewall – Decision time is independent of the number of rules in the policy – Multi-device / multi-process / multi-core scalability – 8 core can handle between 30K – 60K transactions/second23 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
    • 23. T-Mobile Protecting Customer Data in Oracle and non-Oracle Databases Challenge  Protect sensitive data – PCI, CPNI, SPII – in both Oracle and non- Oracle Databases  Monitor database threats, including SQL injection attacks and data Provider of wireless voice, harvesting, without having to change application code messaging, and data  Full visibility into database activity services throughout the U.S. Fourth largest wireless  Understand what types of changes are being made to sensitive data company in the U.S. with Solution more than 35 million subscribers  Addresses data security with Database Firewall, TDE, Data Masking Industry: Telecom as comprehensive database security defense-in-depth strategy  Database activity monitoring prevents insider and external threats  Deployed and setup within a few hours; already protected against a few compromised accounts that were harvesting data24 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
    • 24. SquareTwo Financial Addresses Regulatory Compliance, Enables Separation of Duties Challenge  Comply with a number of regulations: GLBA, HIPAA, SOX, and PCI  Prove separation of duties for Sarbanes-Oxley compliance  Quickly scale IT Security to address fast 37% company growth Leader in $100 billion asset recovery and management  Minimal disruption to 5.9 million accounts while maintaining growth industry  Secure Exadata Database Machine with no application changes Partner Network used by Fortune 500 companies in Solution banking, credit card, and  Addresses compliance with Database Firewall, TDE, Data Masking health care as comprehensive database security defense-in-depth strategy Industry: Financial Services  Database activity monitoring to protect against insider and external threats, including SQL injection attacks  Securing Exadata and SQL Server database activity25 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
    • 25. TransUnion Interactive Addresses Regulatory Compliance, Secures Sensitive Data Challenge  Maintain PCI DSS, SOX, and GLBA compliance  Increase database traffic visibility; detect and monitor activity  Increase database security and monitor for application SQL Consumer subsidiary of injection attacks TransUnion, a global leader in credit information  Detect and prevent application by-pass and data harvesting Maintains credit histories on Solution over 500 million consumers globally  Deployed Database Firewall in one month; monitor database traffic Industry: Financial Services  Achieved 10k transactions/sec while maintaining performance  Using reports to monitor traffic and manage workloads and capacity  Use Oracle Advanced Security to encrypt tablespaces26 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
    • 26. For More Information Oracle Audit Vault and Database Firewall27 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
    • 27. Q&A28 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
    • 28. 29 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.