Ppt dbsec-oow2013-avdf

685 views

Published on

Oracle Open World 2013 session
Database Security
Oracle Audit Vault and Database Firewall

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
685
On SlideShare
0
From Embeds
0
Number of Embeds
5
Actions
Shares
0
Downloads
39
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Ppt dbsec-oow2013-avdf

  1. 1. Oracle Audit Vault and Database Firewall : First Line of Defense In Data Security Melody Liu Senior Principal Product Manager Oracle Database Security
  2. 2. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.2 Program Agenda  Introduction  Overview of Oracle Audit Vault and Database Firewall  Key Features  Demo  Q&A
  3. 3. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.3 The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle’s products remains at the sole discretion of Oracle.
  4. 4. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.4 Oracle Audit Vault and Database Firewall Overview
  5. 5. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.5 Oracle Database Security Solutions Defense-in-Depth for Maximum Security Activity Monitoring Database Firewall Auditing and Reporting DETECTIVE Redaction and Masking Privileged User Controls Encryption PREVENTIVE ADMINISTRATIVE Sensitive Data Discovery Configuration Management Privilege Analysis
  6. 6. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.6 Oracle Audit Vault and Database Firewall APPS Users AUDIT VAULT Firewall Events Database Firewall AUDIT DATA Operating Systems File Systems Directories Custom Audit Data Reports !Alerts Policies Auditor Security Manager
  7. 7. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.7 Heterogeneous Enterprise Auditing Collection with Audit Vault Server
  8. 8. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.8 Heterogeneous Enterprise Auditing Collection with Audit Vault Server AUDIT VAULT
  9. 9. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.9 Audit Vault Server  Central Repository of Audit Event Data  Extensive and Customizable Reporting  Powerful Alerting  Enterprise Scale Deployment Heterogeneous Enterprise Audit Collection
  10. 10. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.10 Audit Vault Server  Central Repository of Audit Event Data  Extensive and Customizable Reporting  Powerful Alerting  Enterprise Scale Deployment Heterogeneous Enterprise Audit Collection
  11. 11. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.11 Audit Vault Server Central Repository of Audit Event Data
  12. 12. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.12 Audit Vault Server Central Repository of Audit Event Data
  13. 13. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.13 Audit Vault Server Central Repository of Audit Event Data
  14. 14. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.14 Audit Vault Server  Central Repository of Audit Event Data  Extensive and Customizable Reporting  Powerful Alerting  Enterprise Scale Deployment Heterogeneous Enterprise Audit Collection
  15. 15. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.15 Audit Vault Server Extensive and Customizable Reporting Dozens of predefined reports Flexible interactive browsing Customizable reporting Scheduling, notification & attestation
  16. 16. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.16 Audit Vault Server Extensive and Customizable Reporting – Entitlement Report Create meaningful users. Remove snapshot time, tablespace
  17. 17. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.17 Audit Vault Server  Central Repository of Audit Event Data  Extensive and Customizable Reporting  Powerful Alerting  Enterprise Scale Deployment Heterogeneous Enterprise Audit Collection
  18. 18. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.18 Audit Vault Server Powerful Alerting
  19. 19. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.19
  20. 20. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.20 Audit Vault Server  Central Repository of Audit Event Data  Extensive and Customizable Reporting  Powerful Alerting  Enterprise Scale Deployment Heterogeneous Enterprise Audit Collection
  21. 21. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.21 Audit Vault Server  Built on Proven Oracle Technology  Secure – Fine-grained security groups – Strict separation of Duty  Life Cycle Management for Audit Event Data  3rd Party Integration & Custom Collection plug-in Enterprise Scale Deployment
  22. 22. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.22 Audit Vault Server Summary Heterogeneous Enterprise Audit Collection AUDIT VAULT
  23. 23. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.23  Central Repository of Audit Event Data  Extensive and Customizable Reporting  Powerful Alerting  Enterprise Scale Deployment Audit Vault Server Summary Heterogeneous Enterprise Audit Collection
  24. 24. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.24 Database Monitoring with Database Firewall
  25. 25. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.25 SQL Injection #1 Risks on OWASP Most Critical Application Security Risks - 2013 • Anyone who can sent untrusted data to the database including external users, internal users, and administrators Threat Agent • EASY • Attacker sends text based attacks that exploit the uncleansed syntax Attack Vector • SEVERE • Injection can result in data loss or corruption, lack of accountability or complete host takeover Impact
  26. 26. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.26 Database Firewall  Real-time Database Activity Monitoring on the Network  Capture Events for Analysis and Compliance Reporting  Flexible Deployment Models  SQL Injections Protection with Positive Policy Model  Constraining Activities with Negative Policy Model First Line of Defence
  27. 27. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.27 Database Firewall  Real-time Database Activity Monitoring on the Network  Capture Events for Analysis and Compliance Reporting  Flexible Deployment Models  SQL Injections Protection with Positive Policy Model  Constraining Activities with Negative Policy Model First Line of Defence
  28. 28. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.28 Database Firewall  Real-time Database Activity Monitoring on the Network  Capture Events for Analysis and Compliance Reporting  Flexible Deployment Models  SQL Injections Protection with Positive Policy Model  Constraining Activities with Negative Policy Model First Line of Defence
  29. 29. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.29 Database Firewall Flexible Deployment Models
  30. 30. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.30 Database Firewall  Real-time Database Activity Monitoring on the Network  Capture Events for Analysis and Compliance Reporting  Flexible Deployment Models  SQL Injections Protection with Positive Policy Model  Constraining Activities with Negative Policy Model First Line of Defence
  31. 31. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.31 Database Firewall SQL Injection Protection with Positive Policing Model White List Applications Block Allow SELECT * from stock where catalog-no='PHE8131' SELECT * from stock where catalog-no=‘ ' union select cardNo,0,0 from Orders --’ • Define “allowed” behavior for any user or application • Automated whitelist generation for any application • Out-of-policy Database network interactions instantly blocked Databases
  32. 32. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.32 Database Firewall  Real-time Database Activity Monitoring on the Network  Capture Events for Analysis and Compliance Reporting  Flexible Deployment Models  SQL Injections Protection with Positive Policy Model  Constraining Activities with Negative Policy Model First Line of Defence
  33. 33. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.33 Database Firewall Constraining Activity with Negative Policing Model • Stop specific “non-authorized” SQL interactions, user or schema access • Blacklisting can be done on IP address, application, DB user, OS user • Provide flexibility to authorized users while still monitoring activity Black List Block Allow LogSELECT * from stock SELECT * from stock Databases Non-authorized user activity Legitimate data access
  34. 34. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.34 Other Key AVDF Features  Distributed as Soft Appliance  One Web UI Management Console for Admin and Auditor  Fine-Grained Security Groups  Strict Separation of Duty  Command Line Client for Automation and Scripting Easy Installation & Administration
  35. 35. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.35 Enterprise Manager Cloud Control 12c Integration  EM integration Database plugin 12.1.0.5
  36. 36. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.36 Summary in 1 Slide
  37. 37. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.37 Oracle Audit Vault and Database Firewall APPS Users AUDIT VAULT Firewall Events Database Firewall Reports !Alerts Policies Auditor Security Manager AUDIT DATA Operating Systems File Systems Directories Custom Audit Data
  38. 38. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.38 Oracle Database Security Sessions Time Session Title Monday 12:15 - 1:15 pm Security Inside-Out with Oracle Database 12c Monday 1:45 - 2:45 pm Oracle Database 12c Real Application Security for Oracle Application Express Monday 1:45 - 2:45 pm Oracle Audit Vault and Database Firewall: First Line of Defense in Data Security Monday 4:45 – 5:45 pm Introducing Oracle Key Vault: Enterprise Database Encryption Key Management Tuesday 3:45 – 4:45 New security capabilities in Oracle Database 12c Tuesday 5:15 – 6:15 pm Oracle Audit Vault and Database Firewall: Deployment Best Practices Wednesday 11:45 – 12:45 pm Oracle Database Security Solutions Customer Panel: Real-World Case Studies Wednesday 3:30 – 4:30 pm DBA Best Practices for Protecting Data Privacy with Oracle’s Data Masking Wednesday 5:00 – 6:00 pm Sensitive Data Redaction with Oracle Database 12c
  39. 39. Complimentary eBook Register Now www.mhprofessional.com/dbsec Use Code: db12c
  40. 40. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.40

×