SlideShare una empresa de Scribd logo

Ppt dbsec-oow2013-avdf

Descargar como PPSX, PDF
Melody Liu
Melody Liu

Oracle Open World 2013 session Database Security Oracle Audit Vault and Database Firewall

InternetTecnologíaNoticias y política
1 de 40
Oracle Audit Vault and Database Firewall : First Line of Defense In Data Security Melody Liu Senior Principal Product Manager Oracle Database Security
Copyright © 2013, Oracle and/or its affiliates. All rights reserved.2 Program Agenda  Introduction  Overview of Oracle Audit Vault and Database Firewall  Key Features  Demo  Q&A
Copyright © 2013, Oracle and/or its affiliates. All rights reserved.3 The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle’s products remains at the sole discretion of Oracle.
Copyright © 2013, Oracle and/or its affiliates. All rights reserved.4 Oracle Audit Vault and Database Firewall Overview
Copyright © 2013, Oracle and/or its affiliates. All rights reserved.5 Oracle Database Security Solutions Defense-in-Depth for Maximum Security Activity Monitoring Database Firewall Auditing and Reporting DETECTIVE Redaction and Masking Privileged User Controls Encryption PREVENTIVE ADMINISTRATIVE Sensitive Data Discovery Configuration Management Privilege Analysis
Copyright © 2013, Oracle and/or its affiliates. All rights reserved.6 Oracle Audit Vault and Database Firewall APPS Users AUDIT VAULT Firewall Events Database Firewall AUDIT DATA Operating Systems File Systems Directories Custom Audit Data Reports !Alerts Policies Auditor Security Manager
Copyright © 2013, Oracle and/or its affiliates. All rights reserved.7 Heterogeneous Enterprise Auditing Collection with Audit Vault Server
Copyright © 2013, Oracle and/or its affiliates. All rights reserved.8 Heterogeneous Enterprise Auditing Collection with Audit Vault Server AUDIT VAULT
Copyright © 2013, Oracle and/or its affiliates. All rights reserved.9 Audit Vault Server  Central Repository of Audit Event Data  Extensive and Customizable Reporting  Powerful Alerting  Enterprise Scale Deployment Heterogeneous Enterprise Audit Collection
Copyright © 2013, Oracle and/or its affiliates. All rights reserved.10 Audit Vault Server  Central Repository of Audit Event Data  Extensive and Customizable Reporting  Powerful Alerting  Enterprise Scale Deployment Heterogeneous Enterprise Audit Collection
Copyright © 2013, Oracle and/or its affiliates. All rights reserved.11 Audit Vault Server Central Repository of Audit Event Data
Copyright © 2013, Oracle and/or its affiliates. All rights reserved.12 Audit Vault Server Central Repository of Audit Event Data
Copyright © 2013, Oracle and/or its affiliates. All rights reserved.13 Audit Vault Server Central Repository of Audit Event Data
Copyright © 2013, Oracle and/or its affiliates. All rights reserved.14 Audit Vault Server  Central Repository of Audit Event Data  Extensive and Customizable Reporting  Powerful Alerting  Enterprise Scale Deployment Heterogeneous Enterprise Audit Collection
Copyright © 2013, Oracle and/or its affiliates. All rights reserved.15 Audit Vault Server Extensive and Customizable Reporting Dozens of predefined reports Flexible interactive browsing Customizable reporting Scheduling, notification & attestation
Copyright © 2013, Oracle and/or its affiliates. All rights reserved.16 Audit Vault Server Extensive and Customizable Reporting – Entitlement Report Create meaningful users. Remove snapshot time, tablespace
Copyright © 2013, Oracle and/or its affiliates. All rights reserved.17 Audit Vault Server  Central Repository of Audit Event Data  Extensive and Customizable Reporting  Powerful Alerting  Enterprise Scale Deployment Heterogeneous Enterprise Audit Collection
Copyright © 2013, Oracle and/or its affiliates. All rights reserved.18 Audit Vault Server Powerful Alerting
Copyright © 2013, Oracle and/or its affiliates. All rights reserved.19
Copyright © 2013, Oracle and/or its affiliates. All rights reserved.20 Audit Vault Server  Central Repository of Audit Event Data  Extensive and Customizable Reporting  Powerful Alerting  Enterprise Scale Deployment Heterogeneous Enterprise Audit Collection
Copyright © 2013, Oracle and/or its affiliates. All rights reserved.21 Audit Vault Server  Built on Proven Oracle Technology  Secure – Fine-grained security groups – Strict separation of Duty  Life Cycle Management for Audit Event Data  3rd Party Integration & Custom Collection plug-in Enterprise Scale Deployment
Copyright © 2013, Oracle and/or its affiliates. All rights reserved.22 Audit Vault Server Summary Heterogeneous Enterprise Audit Collection AUDIT VAULT
Copyright © 2013, Oracle and/or its affiliates. All rights reserved.23  Central Repository of Audit Event Data  Extensive and Customizable Reporting  Powerful Alerting  Enterprise Scale Deployment Audit Vault Server Summary Heterogeneous Enterprise Audit Collection
Copyright © 2013, Oracle and/or its affiliates. All rights reserved.24 Database Monitoring with Database Firewall
Copyright © 2013, Oracle and/or its affiliates. All rights reserved.25 SQL Injection #1 Risks on OWASP Most Critical Application Security Risks - 2013 • Anyone who can sent untrusted data to the database including external users, internal users, and administrators Threat Agent • EASY • Attacker sends text based attacks that exploit the uncleansed syntax Attack Vector • SEVERE • Injection can result in data loss or corruption, lack of accountability or complete host takeover Impact
Copyright © 2013, Oracle and/or its affiliates. All rights reserved.26 Database Firewall  Real-time Database Activity Monitoring on the Network  Capture Events for Analysis and Compliance Reporting  Flexible Deployment Models  SQL Injections Protection with Positive Policy Model  Constraining Activities with Negative Policy Model First Line of Defence
Copyright © 2013, Oracle and/or its affiliates. All rights reserved.27 Database Firewall  Real-time Database Activity Monitoring on the Network  Capture Events for Analysis and Compliance Reporting  Flexible Deployment Models  SQL Injections Protection with Positive Policy Model  Constraining Activities with Negative Policy Model First Line of Defence
Copyright © 2013, Oracle and/or its affiliates. All rights reserved.28 Database Firewall  Real-time Database Activity Monitoring on the Network  Capture Events for Analysis and Compliance Reporting  Flexible Deployment Models  SQL Injections Protection with Positive Policy Model  Constraining Activities with Negative Policy Model First Line of Defence
Copyright © 2013, Oracle and/or its affiliates. All rights reserved.29 Database Firewall Flexible Deployment Models
Copyright © 2013, Oracle and/or its affiliates. All rights reserved.30 Database Firewall  Real-time Database Activity Monitoring on the Network  Capture Events for Analysis and Compliance Reporting  Flexible Deployment Models  SQL Injections Protection with Positive Policy Model  Constraining Activities with Negative Policy Model First Line of Defence
Copyright © 2013, Oracle and/or its affiliates. All rights reserved.31 Database Firewall SQL Injection Protection with Positive Policing Model White List Applications Block Allow SELECT * from stock where catalog-no='PHE8131' SELECT * from stock where catalog-no=‘ ' union select cardNo,0,0 from Orders --’ • Define “allowed” behavior for any user or application • Automated whitelist generation for any application • Out-of-policy Database network interactions instantly blocked Databases
Copyright © 2013, Oracle and/or its affiliates. All rights reserved.32 Database Firewall  Real-time Database Activity Monitoring on the Network  Capture Events for Analysis and Compliance Reporting  Flexible Deployment Models  SQL Injections Protection with Positive Policy Model  Constraining Activities with Negative Policy Model First Line of Defence
Copyright © 2013, Oracle and/or its affiliates. All rights reserved.33 Database Firewall Constraining Activity with Negative Policing Model • Stop specific “non-authorized” SQL interactions, user or schema access • Blacklisting can be done on IP address, application, DB user, OS user • Provide flexibility to authorized users while still monitoring activity Black List Block Allow LogSELECT * from stock SELECT * from stock Databases Non-authorized user activity Legitimate data access
Copyright © 2013, Oracle and/or its affiliates. All rights reserved.34 Other Key AVDF Features  Distributed as Soft Appliance  One Web UI Management Console for Admin and Auditor  Fine-Grained Security Groups  Strict Separation of Duty  Command Line Client for Automation and Scripting Easy Installation & Administration
Copyright © 2013, Oracle and/or its affiliates. All rights reserved.35 Enterprise Manager Cloud Control 12c Integration  EM integration Database plugin 12.1.0.5
Copyright © 2013, Oracle and/or its affiliates. All rights reserved.36 Summary in 1 Slide
Copyright © 2013, Oracle and/or its affiliates. All rights reserved.37 Oracle Audit Vault and Database Firewall APPS Users AUDIT VAULT Firewall Events Database Firewall Reports !Alerts Policies Auditor Security Manager AUDIT DATA Operating Systems File Systems Directories Custom Audit Data
Copyright © 2013, Oracle and/or its affiliates. All rights reserved.38 Oracle Database Security Sessions Time Session Title Monday 12:15 - 1:15 pm Security Inside-Out with Oracle Database 12c Monday 1:45 - 2:45 pm Oracle Database 12c Real Application Security for Oracle Application Express Monday 1:45 - 2:45 pm Oracle Audit Vault and Database Firewall: First Line of Defense in Data Security Monday 4:45 – 5:45 pm Introducing Oracle Key Vault: Enterprise Database Encryption Key Management Tuesday 3:45 – 4:45 New security capabilities in Oracle Database 12c Tuesday 5:15 – 6:15 pm Oracle Audit Vault and Database Firewall: Deployment Best Practices Wednesday 11:45 – 12:45 pm Oracle Database Security Solutions Customer Panel: Real-World Case Studies Wednesday 3:30 – 4:30 pm DBA Best Practices for Protecting Data Privacy with Oracle’s Data Masking Wednesday 5:00 – 6:00 pm Sensitive Data Redaction with Oracle Database 12c
Complimentary eBook Register Now www.mhprofessional.com/dbsec Use Code: db12c
Copyright © 2013, Oracle and/or its affiliates. All rights reserved.40

Recomendados

Introducing Oracle Audit Vault and Database Firewall
Introducing Oracle Audit Vault and Database FirewallIntroducing Oracle Audit Vault and Database Firewall
Introducing Oracle Audit Vault and Database FirewallTroy Kitch
 
AV/DF Advanced Security Option
AV/DF Advanced Security OptionAV/DF Advanced Security Option
AV/DF Advanced Security OptionDLT Solutions
 
Presentation database security audit vault & database firewall
Presentation database security audit vault & database firewallPresentation database security audit vault & database firewall
Presentation database security audit vault & database firewallxKinAnx
 
Oracle Database Security
Oracle Database SecurityOracle Database Security
Oracle Database SecurityTroy Kitch
 
Oracle Security Presentation
Oracle Security PresentationOracle Security Presentation
Oracle Security PresentationFrancisco Alvarez
 
Understanding oracle rac internals part 2 - slides
Understanding oracle rac internals part 2 - slidesUnderstanding oracle rac internals part 2 - slides
Understanding oracle rac internals part 2 - slidesMohamed Farouk
 
Dataguard presentation
Dataguard presentationDataguard presentation
Dataguard presentationVimlendu Kumar
 
Oracle Transparent Data Encryption (TDE) 12c
Oracle Transparent Data Encryption (TDE) 12cOracle Transparent Data Encryption (TDE) 12c
Oracle Transparent Data Encryption (TDE) 12cNabeel Yoosuf
 

Recomendados

Introducing Oracle Audit Vault and Database Firewall
Introducing Oracle Audit Vault and Database FirewallIntroducing Oracle Audit Vault and Database Firewall
Introducing Oracle Audit Vault and Database FirewallTroy Kitch
 
AV/DF Advanced Security Option
AV/DF Advanced Security OptionAV/DF Advanced Security Option
AV/DF Advanced Security OptionDLT Solutions
 
Presentation database security audit vault & database firewall
Presentation database security audit vault & database firewallPresentation database security audit vault & database firewall
Presentation database security audit vault & database firewallxKinAnx
 
Oracle Database Security
Oracle Database SecurityOracle Database Security
Oracle Database SecurityTroy Kitch
 
Oracle Security Presentation
Oracle Security PresentationOracle Security Presentation
Oracle Security PresentationFrancisco Alvarez
 
Understanding oracle rac internals part 2 - slides
Understanding oracle rac internals part 2 - slidesUnderstanding oracle rac internals part 2 - slides
Understanding oracle rac internals part 2 - slidesMohamed Farouk
 
Dataguard presentation
Dataguard presentationDataguard presentation
Dataguard presentationVimlendu Kumar
 
Oracle Transparent Data Encryption (TDE) 12c
Oracle Transparent Data Encryption (TDE) 12cOracle Transparent Data Encryption (TDE) 12c
Oracle Transparent Data Encryption (TDE) 12cNabeel Yoosuf
 
Oracle Database Vault
Oracle Database VaultOracle Database Vault
Oracle Database VaultMarco Alamanni
 
Understanding oracle rac internals part 1 - slides
Understanding oracle rac internals part 1 - slidesUnderstanding oracle rac internals part 1 - slides
Understanding oracle rac internals part 1 - slidesMohamed Farouk
 
Oracle Real Application Clusters (RAC) 12c Rel. 2 - Operational Best Practices
Oracle Real Application Clusters (RAC) 12c Rel. 2 - Operational Best PracticesOracle Real Application Clusters (RAC) 12c Rel. 2 - Operational Best Practices
Oracle Real Application Clusters (RAC) 12c Rel. 2 - Operational Best PracticesMarkus Michalewicz
 
DB Time, Average Active Sessions, and ASH Math - Oracle performance fundamentals
DB Time, Average Active Sessions, and ASH Math - Oracle performance fundamentalsDB Time, Average Active Sessions, and ASH Math - Oracle performance fundamentals
DB Time, Average Active Sessions, and ASH Math - Oracle performance fundamentalsJohn Beresniewicz
 
How to Use EXAchk Effectively to Manage Exadata Environments
How to Use EXAchk Effectively to Manage Exadata EnvironmentsHow to Use EXAchk Effectively to Manage Exadata Environments
How to Use EXAchk Effectively to Manage Exadata EnvironmentsSandesh Rao
 
Data guard architecture
Data guard architectureData guard architecture
Data guard architectureVimlendu Kumar
 
Oracle RAC Internals - The Cache Fusion Edition
Oracle RAC Internals - The Cache Fusion EditionOracle RAC Internals - The Cache Fusion Edition
Oracle RAC Internals - The Cache Fusion EditionMarkus Michalewicz
 
Oracle Audit vault
Oracle Audit vaultOracle Audit vault
Oracle Audit vaultuzzal basak
 
What's new in Oracle 19c & 18c Recovery Manager (RMAN)
What's new in Oracle 19c & 18c Recovery Manager (RMAN)What's new in Oracle 19c & 18c Recovery Manager (RMAN)
What's new in Oracle 19c & 18c Recovery Manager (RMAN)Satishbabu Gunukula
 
Oracle RAC 19c: Best Practices and Secret Internals
Oracle RAC 19c: Best Practices and Secret InternalsOracle RAC 19c: Best Practices and Secret Internals
Oracle RAC 19c: Best Practices and Secret InternalsAnil Nair
 
Oracle RAC features on Exadata
Oracle RAC features on ExadataOracle RAC features on Exadata
Oracle RAC features on ExadataAnil Nair
 
Active dataguard
Active dataguardActive dataguard
Active dataguardManoj Kumar
 
Oracle architecture ppt
Oracle architecture pptOracle architecture ppt
Oracle architecture pptDeepak Shetty
 
Oracle Database Introduction
Oracle Database IntroductionOracle Database Introduction
Oracle Database IntroductionChhom Karath
 
Oracle RAC 12c Best Practices with Appendices DOAG2013
Oracle RAC 12c Best Practices with Appendices DOAG2013Oracle RAC 12c Best Practices with Appendices DOAG2013
Oracle RAC 12c Best Practices with Appendices DOAG2013Markus Michalewicz
 
DOAG Oracle Unified Audit in Multitenant Environments
DOAG Oracle Unified Audit in Multitenant EnvironmentsDOAG Oracle Unified Audit in Multitenant Environments
DOAG Oracle Unified Audit in Multitenant EnvironmentsStefan Oehrli
 
Oracle 資料庫建立
Oracle 資料庫建立Oracle 資料庫建立
Oracle 資料庫建立Chien Chung Shen
 
153 Oracle dba interview questions
153 Oracle dba interview questions153 Oracle dba interview questions
153 Oracle dba interview questionsSandeep Sharma IIMK Smart City,IoT,Bigdata,Cloud,BI,DW
 
Oracle sharding : Installation & Configuration
Oracle sharding : Installation & ConfigurationOracle sharding : Installation & Configuration
Oracle sharding : Installation & Configurationsuresh gandhi
 
Indexes and Indexing in Oracle 12c
Indexes and Indexing in Oracle 12cIndexes and Indexing in Oracle 12c
Indexes and Indexing in Oracle 12cOren Nakdimon
 
Security Inside Out: Latest Innovations in Oracle Database 12c
Security Inside Out: Latest Innovations in Oracle Database 12cSecurity Inside Out: Latest Innovations in Oracle Database 12c
Security Inside Out: Latest Innovations in Oracle Database 12cTroy Kitch
 
Oracle Database 11g Security and Compliance Solutions - By Tom Kyte
Oracle Database 11g Security and Compliance Solutions - By Tom KyteOracle Database 11g Security and Compliance Solutions - By Tom Kyte
Oracle Database 11g Security and Compliance Solutions - By Tom KyteEdgar Alejandro Villegas
 

Más contenido relacionado

La actualidad más candente

Understanding oracle rac internals part 1 - slides
Understanding oracle rac internals part 1 - slidesUnderstanding oracle rac internals part 1 - slides
Understanding oracle rac internals part 1 - slidesMohamed Farouk
 
Oracle Real Application Clusters (RAC) 12c Rel. 2 - Operational Best Practices
Oracle Real Application Clusters (RAC) 12c Rel. 2 - Operational Best PracticesOracle Real Application Clusters (RAC) 12c Rel. 2 - Operational Best Practices
Oracle Real Application Clusters (RAC) 12c Rel. 2 - Operational Best PracticesMarkus Michalewicz
 
DB Time, Average Active Sessions, and ASH Math - Oracle performance fundamentals
DB Time, Average Active Sessions, and ASH Math - Oracle performance fundamentalsDB Time, Average Active Sessions, and ASH Math - Oracle performance fundamentals
DB Time, Average Active Sessions, and ASH Math - Oracle performance fundamentalsJohn Beresniewicz
 
How to Use EXAchk Effectively to Manage Exadata Environments
How to Use EXAchk Effectively to Manage Exadata EnvironmentsHow to Use EXAchk Effectively to Manage Exadata Environments
How to Use EXAchk Effectively to Manage Exadata EnvironmentsSandesh Rao
 
Data guard architecture
Data guard architectureData guard architecture
Data guard architectureVimlendu Kumar
 
Oracle RAC Internals - The Cache Fusion Edition
Oracle RAC Internals - The Cache Fusion EditionOracle RAC Internals - The Cache Fusion Edition
Oracle RAC Internals - The Cache Fusion EditionMarkus Michalewicz
 
Oracle Audit vault
Oracle Audit vaultOracle Audit vault
Oracle Audit vaultuzzal basak
 
What's new in Oracle 19c & 18c Recovery Manager (RMAN)
What's new in Oracle 19c & 18c Recovery Manager (RMAN)What's new in Oracle 19c & 18c Recovery Manager (RMAN)
What's new in Oracle 19c & 18c Recovery Manager (RMAN)Satishbabu Gunukula
 
Oracle RAC 19c: Best Practices and Secret Internals
Oracle RAC 19c: Best Practices and Secret InternalsOracle RAC 19c: Best Practices and Secret Internals
Oracle RAC 19c: Best Practices and Secret InternalsAnil Nair
 
Oracle RAC features on Exadata
Oracle RAC features on ExadataOracle RAC features on Exadata
Oracle RAC features on ExadataAnil Nair
 
Active dataguard
Active dataguardActive dataguard
Active dataguardManoj Kumar
 
Oracle architecture ppt
Oracle architecture pptOracle architecture ppt
Oracle architecture pptDeepak Shetty
 
Oracle Database Introduction
Oracle Database IntroductionOracle Database Introduction
Oracle Database IntroductionChhom Karath
 
Oracle RAC 12c Best Practices with Appendices DOAG2013
Oracle RAC 12c Best Practices with Appendices DOAG2013Oracle RAC 12c Best Practices with Appendices DOAG2013
Oracle RAC 12c Best Practices with Appendices DOAG2013Markus Michalewicz
 
DOAG Oracle Unified Audit in Multitenant Environments
DOAG Oracle Unified Audit in Multitenant EnvironmentsDOAG Oracle Unified Audit in Multitenant Environments
DOAG Oracle Unified Audit in Multitenant EnvironmentsStefan Oehrli
 
Oracle sharding : Installation & Configuration
Oracle sharding : Installation & ConfigurationOracle sharding : Installation & Configuration
Oracle sharding : Installation & Configurationsuresh gandhi
 
Indexes and Indexing in Oracle 12c
Indexes and Indexing in Oracle 12cIndexes and Indexing in Oracle 12c
Indexes and Indexing in Oracle 12cOren Nakdimon
 

La actualidad más candente (20)

Oracle Database Vault
Oracle Database VaultOracle Database Vault
Oracle Database Vault
 
Understanding oracle rac internals part 1 - slides
Understanding oracle rac internals part 1 - slidesUnderstanding oracle rac internals part 1 - slides
Understanding oracle rac internals part 1 - slides
 
Oracle Real Application Clusters (RAC) 12c Rel. 2 - Operational Best Practices
Oracle Real Application Clusters (RAC) 12c Rel. 2 - Operational Best PracticesOracle Real Application Clusters (RAC) 12c Rel. 2 - Operational Best Practices
Oracle Real Application Clusters (RAC) 12c Rel. 2 - Operational Best Practices
 
DB Time, Average Active Sessions, and ASH Math - Oracle performance fundamentals
DB Time, Average Active Sessions, and ASH Math - Oracle performance fundamentalsDB Time, Average Active Sessions, and ASH Math - Oracle performance fundamentals
DB Time, Average Active Sessions, and ASH Math - Oracle performance fundamentals
 
How to Use EXAchk Effectively to Manage Exadata Environments
How to Use EXAchk Effectively to Manage Exadata EnvironmentsHow to Use EXAchk Effectively to Manage Exadata Environments
How to Use EXAchk Effectively to Manage Exadata Environments
 
Data guard architecture
Data guard architectureData guard architecture
Data guard architecture
 
Oracle RAC Internals - The Cache Fusion Edition
Oracle RAC Internals - The Cache Fusion EditionOracle RAC Internals - The Cache Fusion Edition
Oracle RAC Internals - The Cache Fusion Edition
 
Oracle Audit vault
Oracle Audit vaultOracle Audit vault
Oracle Audit vault
 
What's new in Oracle 19c & 18c Recovery Manager (RMAN)
What's new in Oracle 19c & 18c Recovery Manager (RMAN)What's new in Oracle 19c & 18c Recovery Manager (RMAN)
What's new in Oracle 19c & 18c Recovery Manager (RMAN)
 
Oracle RAC 19c: Best Practices and Secret Internals
Oracle RAC 19c: Best Practices and Secret InternalsOracle RAC 19c: Best Practices and Secret Internals
Oracle RAC 19c: Best Practices and Secret Internals
 
Oracle RAC features on Exadata
Oracle RAC features on ExadataOracle RAC features on Exadata
Oracle RAC features on Exadata
 
Active dataguard
Active dataguardActive dataguard
Active dataguard
 
Oracle architecture ppt
Oracle architecture pptOracle architecture ppt
Oracle architecture ppt
 
Oracle Database Introduction
Oracle Database IntroductionOracle Database Introduction
Oracle Database Introduction
 
Oracle RAC 12c Best Practices with Appendices DOAG2013
Oracle RAC 12c Best Practices with Appendices DOAG2013Oracle RAC 12c Best Practices with Appendices DOAG2013
Oracle RAC 12c Best Practices with Appendices DOAG2013
 
DOAG Oracle Unified Audit in Multitenant Environments
DOAG Oracle Unified Audit in Multitenant EnvironmentsDOAG Oracle Unified Audit in Multitenant Environments
DOAG Oracle Unified Audit in Multitenant Environments
 
Oracle 資料庫建立
Oracle 資料庫建立Oracle 資料庫建立
Oracle 資料庫建立
 
153 Oracle dba interview questions
153 Oracle dba interview questions153 Oracle dba interview questions
153 Oracle dba interview questions
 
Oracle sharding : Installation & Configuration
Oracle sharding : Installation & ConfigurationOracle sharding : Installation & Configuration
Oracle sharding : Installation & Configuration
 
Indexes and Indexing in Oracle 12c
Indexes and Indexing in Oracle 12cIndexes and Indexing in Oracle 12c
Indexes and Indexing in Oracle 12c
 

Similar a Ppt dbsec-oow2013-avdf

Security Inside Out: Latest Innovations in Oracle Database 12c
Security Inside Out: Latest Innovations in Oracle Database 12cSecurity Inside Out: Latest Innovations in Oracle Database 12c
Security Inside Out: Latest Innovations in Oracle Database 12cTroy Kitch
 
Oracle Database 11g Security and Compliance Solutions - By Tom Kyte
Oracle Database 11g Security and Compliance Solutions - By Tom KyteOracle Database 11g Security and Compliance Solutions - By Tom Kyte
Oracle Database 11g Security and Compliance Solutions - By Tom KyteEdgar Alejandro Villegas
 
Advanced Controls access and user security for superusers con8824
Advanced Controls access and user security for superusers con8824Advanced Controls access and user security for superusers con8824
Advanced Controls access and user security for superusers con8824Oracle
 
Varhol oracle database_firewall_oct2011
Varhol oracle database_firewall_oct2011Varhol oracle database_firewall_oct2011
Varhol oracle database_firewall_oct2011Peter Varhol
 
Securing data in Oracle Database 12c - 2015
Securing data in Oracle Database 12c - 2015Securing data in Oracle Database 12c - 2015
Securing data in Oracle Database 12c - 2015Connor McDonald
 
B4 the identity of things-securing the internet of everything
B4 the identity of things-securing the internet of everythingB4 the identity of things-securing the internet of everything
B4 the identity of things-securing the internet of everythingDr. Wilfred Lin (Ph.D.)
 
Oracle-Security_Executive-Presentation
Oracle-Security_Executive-PresentationOracle-Security_Executive-Presentation
Oracle-Security_Executive-Presentationstefanjung
 
Integrate Oracle Identity Management and Advanced Controls for maximum effici...
Integrate Oracle Identity Management and Advanced Controls for maximum effici...Integrate Oracle Identity Management and Advanced Controls for maximum effici...
Integrate Oracle Identity Management and Advanced Controls for maximum effici...Oracle
 
Con8833 access at scale for hundreds of millions of users final
Con8833 access at scale for hundreds of millions of users finalCon8833 access at scale for hundreds of millions of users final
Con8833 access at scale for hundreds of millions of users finalOracleIDM
 
Innovations dbsec-12c-pub
Innovations dbsec-12c-pubInnovations dbsec-12c-pub
Innovations dbsec-12c-pubOracleIDM
 
Oracle Autonomous Data Warehouse Cloud Webex - with Demo
Oracle Autonomous Data Warehouse Cloud Webex - with DemoOracle Autonomous Data Warehouse Cloud Webex - with Demo
Oracle Autonomous Data Warehouse Cloud Webex - with DemoIslam Gohar
 
Con8819 context and risk aware access control any device any where - final
Con8819 context and risk aware access control any device any where - finalCon8819 context and risk aware access control any device any where - final
Con8819 context and risk aware access control any device any where - finalOracleIDM
 
Con8813 securing privileged accounts with an integrated idm solution - final
Con8813 securing privileged accounts with an integrated idm solution - finalCon8813 securing privileged accounts with an integrated idm solution - final
Con8813 securing privileged accounts with an integrated idm solution - finalOracleIDM
 
Presentation deploying oracle database 11g securely on oracle solaris
Presentation deploying oracle database 11g securely on oracle solarisPresentation deploying oracle database 11g securely on oracle solaris
Presentation deploying oracle database 11g securely on oracle solarisxKinAnx
 
Slidedeck Demo Kino: Street Warrior. Mobile Sicherheit auf unseren Straßen - ...
Slidedeck Demo Kino: Street Warrior. Mobile Sicherheit auf unseren Straßen - ...Slidedeck Demo Kino: Street Warrior. Mobile Sicherheit auf unseren Straßen - ...
Slidedeck Demo Kino: Street Warrior. Mobile Sicherheit auf unseren Straßen - ...Nadine Schoene
 
FulcrumWay Webinar - Fusion Security
FulcrumWay Webinar - Fusion SecurityFulcrumWay Webinar - Fusion Security
FulcrumWay Webinar - Fusion Securityactjax
 
Con9573 managing the oim platform with oracle enterprise manager
Con9573 managing the oim platform with oracle enterprise manager Con9573 managing the oim platform with oracle enterprise manager
Con9573 managing the oim platform with oracle enterprise manager OracleIDM
 
A3 oracle database 12c extreme performance for cloud computing
A3 oracle database 12c extreme performance for cloud computingA3 oracle database 12c extreme performance for cloud computing
A3 oracle database 12c extreme performance for cloud computingDr. Wilfred Lin (Ph.D.)
 
Engineered Systems - nejlepší cesta, jak zabezpečit váš dataAccelerate Cloud
Engineered Systems - nejlepší cesta, jak zabezpečit váš dataAccelerate CloudEngineered Systems - nejlepší cesta, jak zabezpečit váš dataAccelerate Cloud
Engineered Systems - nejlepší cesta, jak zabezpečit váš dataAccelerate CloudMarketingArrowECS_CZ
 

Similar a Ppt dbsec-oow2013-avdf (20)

Security Inside Out: Latest Innovations in Oracle Database 12c
Security Inside Out: Latest Innovations in Oracle Database 12cSecurity Inside Out: Latest Innovations in Oracle Database 12c
Security Inside Out: Latest Innovations in Oracle Database 12c
 
Oracle Database 11g Security and Compliance Solutions - By Tom Kyte
Oracle Database 11g Security and Compliance Solutions - By Tom KyteOracle Database 11g Security and Compliance Solutions - By Tom Kyte
Oracle Database 11g Security and Compliance Solutions - By Tom Kyte
 
Advanced Controls access and user security for superusers con8824
Advanced Controls access and user security for superusers con8824Advanced Controls access and user security for superusers con8824
Advanced Controls access and user security for superusers con8824
 
Varhol oracle database_firewall_oct2011
Varhol oracle database_firewall_oct2011Varhol oracle database_firewall_oct2011
Varhol oracle database_firewall_oct2011
 
Securing data in Oracle Database 12c - 2015
Securing data in Oracle Database 12c - 2015Securing data in Oracle Database 12c - 2015
Securing data in Oracle Database 12c - 2015
 
B4 the identity of things-securing the internet of everything
B4 the identity of things-securing the internet of everythingB4 the identity of things-securing the internet of everything
B4 the identity of things-securing the internet of everything
 
Oracle-Security_Executive-Presentation
Oracle-Security_Executive-PresentationOracle-Security_Executive-Presentation
Oracle-Security_Executive-Presentation
 
Integrate Oracle Identity Management and Advanced Controls for maximum effici...
Integrate Oracle Identity Management and Advanced Controls for maximum effici...Integrate Oracle Identity Management and Advanced Controls for maximum effici...
Integrate Oracle Identity Management and Advanced Controls for maximum effici...
 
Con8833 access at scale for hundreds of millions of users final
Con8833 access at scale for hundreds of millions of users finalCon8833 access at scale for hundreds of millions of users final
Con8833 access at scale for hundreds of millions of users final
 
Innovations dbsec-12c-pub
Innovations dbsec-12c-pubInnovations dbsec-12c-pub
Innovations dbsec-12c-pub
 
Oracle Autonomous Data Warehouse Cloud Webex - with Demo
Oracle Autonomous Data Warehouse Cloud Webex - with DemoOracle Autonomous Data Warehouse Cloud Webex - with Demo
Oracle Autonomous Data Warehouse Cloud Webex - with Demo
 
Con8819 context and risk aware access control any device any where - final
Con8819 context and risk aware access control any device any where - finalCon8819 context and risk aware access control any device any where - final
Con8819 context and risk aware access control any device any where - final
 
Con8813 securing privileged accounts with an integrated idm solution - final
Con8813 securing privileged accounts with an integrated idm solution - finalCon8813 securing privileged accounts with an integrated idm solution - final
Con8813 securing privileged accounts with an integrated idm solution - final
 
Cloud based database
Cloud based databaseCloud based database
Cloud based database
 
Presentation deploying oracle database 11g securely on oracle solaris
Presentation deploying oracle database 11g securely on oracle solarisPresentation deploying oracle database 11g securely on oracle solaris
Presentation deploying oracle database 11g securely on oracle solaris
 
Slidedeck Demo Kino: Street Warrior. Mobile Sicherheit auf unseren Straßen - ...
Slidedeck Demo Kino: Street Warrior. Mobile Sicherheit auf unseren Straßen - ...Slidedeck Demo Kino: Street Warrior. Mobile Sicherheit auf unseren Straßen - ...
Slidedeck Demo Kino: Street Warrior. Mobile Sicherheit auf unseren Straßen - ...
 
FulcrumWay Webinar - Fusion Security
FulcrumWay Webinar - Fusion SecurityFulcrumWay Webinar - Fusion Security
FulcrumWay Webinar - Fusion Security
 
Con9573 managing the oim platform with oracle enterprise manager
Con9573 managing the oim platform with oracle enterprise manager Con9573 managing the oim platform with oracle enterprise manager
Con9573 managing the oim platform with oracle enterprise manager
 
A3 oracle database 12c extreme performance for cloud computing
A3 oracle database 12c extreme performance for cloud computingA3 oracle database 12c extreme performance for cloud computing
A3 oracle database 12c extreme performance for cloud computing
 
Engineered Systems - nejlepší cesta, jak zabezpečit váš dataAccelerate Cloud
Engineered Systems - nejlepší cesta, jak zabezpečit váš dataAccelerate CloudEngineered Systems - nejlepší cesta, jak zabezpečit váš dataAccelerate Cloud
Engineered Systems - nejlepší cesta, jak zabezpečit váš dataAccelerate Cloud
 

Último

VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...
VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...
VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...aditipandeya
 
Call Girls In Sukhdev Vihar Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Sukhdev Vihar Delhi 💯Call Us 🔝8264348440🔝Call Girls In Sukhdev Vihar Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Sukhdev Vihar Delhi 💯Call Us 🔝8264348440🔝soniya singh
 
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...Diya Sharma
 
AWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptxAWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptxellan12
 
10.pdfMature Call girls in Dubai +971563133746 Dubai Call girls
10.pdfMature Call girls in Dubai +971563133746 Dubai Call girls10.pdfMature Call girls in Dubai +971563133746 Dubai Call girls
10.pdfMature Call girls in Dubai +971563133746 Dubai Call girlsstephieert
 
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...APNIC
 
Call Girls In Ashram Chowk Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Ashram Chowk Delhi 💯Call Us 🔝8264348440🔝Call Girls In Ashram Chowk Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Ashram Chowk Delhi 💯Call Us 🔝8264348440🔝soniya singh
 
✂️ 👅 Independent Andheri Escorts With Room Vashi Call Girls 💃 9004004663
✂️ 👅 Independent Andheri Escorts With Room Vashi Call Girls 💃 9004004663✂️ 👅 Independent Andheri Escorts With Room Vashi Call Girls 💃 9004004663
✂️ 👅 Independent Andheri Escorts With Room Vashi Call Girls 💃 9004004663Call Girls Mumbai
 
Networking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOGNetworking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOGAPNIC
 
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRL
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRLLucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRL
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRLimonikaupta
 
GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark Web
GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark WebGDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark Web
GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark WebJames Anderson
 
Call Girls In Pratap Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Pratap Nagar Delhi 💯Call Us 🔝8264348440🔝Call Girls In Pratap Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Pratap Nagar Delhi 💯Call Us 🔝8264348440🔝soniya singh
 
Best VIP Call Girls Noida Sector 75 Call Me: 8448380779
Best VIP Call Girls Noida Sector 75 Call Me: 8448380779Best VIP Call Girls Noida Sector 75 Call Me: 8448380779
Best VIP Call Girls Noida Sector 75 Call Me: 8448380779Delhi Call girls
 
Hot Call Girls |Delhi |Hauz Khas ☎ 9711199171 Book Your One night Stand
Hot Call Girls |Delhi |Hauz Khas ☎ 9711199171 Book Your One night StandHot Call Girls |Delhi |Hauz Khas ☎ 9711199171 Book Your One night Stand
Hot Call Girls |Delhi |Hauz Khas ☎ 9711199171 Book Your One night Standkumarajju5765
 
Top Rated Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...
Top Rated Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...Top Rated Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...
Top Rated Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...Call Girls in Nagpur High Profile
 
Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝soniya singh
 
Russian Call girls in Dubai +971563133746 Dubai Call girls
Russian Call girls in Dubai +971563133746 Dubai Call girlsRussian Call girls in Dubai +971563133746 Dubai Call girls
Russian Call girls in Dubai +971563133746 Dubai Call girlsstephieert
 
All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445
All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445
All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445ruhi
 

Último (20)

VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...
VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...
VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...
 
Call Girls In Sukhdev Vihar Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Sukhdev Vihar Delhi 💯Call Us 🔝8264348440🔝Call Girls In Sukhdev Vihar Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Sukhdev Vihar Delhi 💯Call Us 🔝8264348440🔝
 
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
 
AWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptxAWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptx
 
10.pdfMature Call girls in Dubai +971563133746 Dubai Call girls
10.pdfMature Call girls in Dubai +971563133746 Dubai Call girls10.pdfMature Call girls in Dubai +971563133746 Dubai Call girls
10.pdfMature Call girls in Dubai +971563133746 Dubai Call girls
 
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
 
Call Girls In Ashram Chowk Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Ashram Chowk Delhi 💯Call Us 🔝8264348440🔝Call Girls In Ashram Chowk Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Ashram Chowk Delhi 💯Call Us 🔝8264348440🔝
 
Rohini Sector 22 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 22 Call Girls Delhi 9999965857 @Sabina Saikh No AdvanceRohini Sector 22 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 22 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
 
✂️ 👅 Independent Andheri Escorts With Room Vashi Call Girls 💃 9004004663
✂️ 👅 Independent Andheri Escorts With Room Vashi Call Girls 💃 9004004663✂️ 👅 Independent Andheri Escorts With Room Vashi Call Girls 💃 9004004663
✂️ 👅 Independent Andheri Escorts With Room Vashi Call Girls 💃 9004004663
 
Networking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOGNetworking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOG
 
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRL
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRLLucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRL
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRL
 
GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark Web
GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark WebGDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark Web
GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark Web
 
Call Girls In Pratap Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Pratap Nagar Delhi 💯Call Us 🔝8264348440🔝Call Girls In Pratap Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Pratap Nagar Delhi 💯Call Us 🔝8264348440🔝
 
Best VIP Call Girls Noida Sector 75 Call Me: 8448380779
Best VIP Call Girls Noida Sector 75 Call Me: 8448380779Best VIP Call Girls Noida Sector 75 Call Me: 8448380779
Best VIP Call Girls Noida Sector 75 Call Me: 8448380779
 
Call Girls In South Ex 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SERVICE
Call Girls In South Ex 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SERVICECall Girls In South Ex 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SERVICE
Call Girls In South Ex 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SERVICE
 
Hot Call Girls |Delhi |Hauz Khas ☎ 9711199171 Book Your One night Stand
Hot Call Girls |Delhi |Hauz Khas ☎ 9711199171 Book Your One night StandHot Call Girls |Delhi |Hauz Khas ☎ 9711199171 Book Your One night Stand
Hot Call Girls |Delhi |Hauz Khas ☎ 9711199171 Book Your One night Stand
 
Top Rated Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...
Top Rated Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...Top Rated Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...
Top Rated Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...
 
Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝
 
Russian Call girls in Dubai +971563133746 Dubai Call girls
Russian Call girls in Dubai +971563133746 Dubai Call girlsRussian Call girls in Dubai +971563133746 Dubai Call girls
Russian Call girls in Dubai +971563133746 Dubai Call girls
 
All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445
All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445
All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445
 

Ppt dbsec-oow2013-avdf

  • 1. Oracle Audit Vault and Database Firewall : First Line of Defense In Data Security Melody Liu Senior Principal Product Manager Oracle Database Security
  • 2. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.2 Program Agenda  Introduction  Overview of Oracle Audit Vault and Database Firewall  Key Features  Demo  Q&A
  • 3. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.3 The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle’s products remains at the sole discretion of Oracle.
  • 4. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.4 Oracle Audit Vault and Database Firewall Overview
  • 5. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.5 Oracle Database Security Solutions Defense-in-Depth for Maximum Security Activity Monitoring Database Firewall Auditing and Reporting DETECTIVE Redaction and Masking Privileged User Controls Encryption PREVENTIVE ADMINISTRATIVE Sensitive Data Discovery Configuration Management Privilege Analysis
  • 6. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.6 Oracle Audit Vault and Database Firewall APPS Users AUDIT VAULT Firewall Events Database Firewall AUDIT DATA Operating Systems File Systems Directories Custom Audit Data Reports !Alerts Policies Auditor Security Manager
  • 7. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.7 Heterogeneous Enterprise Auditing Collection with Audit Vault Server
  • 8. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.8 Heterogeneous Enterprise Auditing Collection with Audit Vault Server AUDIT VAULT
  • 9. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.9 Audit Vault Server  Central Repository of Audit Event Data  Extensive and Customizable Reporting  Powerful Alerting  Enterprise Scale Deployment Heterogeneous Enterprise Audit Collection
  • 10. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.10 Audit Vault Server  Central Repository of Audit Event Data  Extensive and Customizable Reporting  Powerful Alerting  Enterprise Scale Deployment Heterogeneous Enterprise Audit Collection
  • 11. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.11 Audit Vault Server Central Repository of Audit Event Data
  • 12. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.12 Audit Vault Server Central Repository of Audit Event Data
  • 13. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.13 Audit Vault Server Central Repository of Audit Event Data
  • 14. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.14 Audit Vault Server  Central Repository of Audit Event Data  Extensive and Customizable Reporting  Powerful Alerting  Enterprise Scale Deployment Heterogeneous Enterprise Audit Collection
  • 15. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.15 Audit Vault Server Extensive and Customizable Reporting Dozens of predefined reports Flexible interactive browsing Customizable reporting Scheduling, notification & attestation
  • 16. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.16 Audit Vault Server Extensive and Customizable Reporting – Entitlement Report Create meaningful users. Remove snapshot time, tablespace
  • 17. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.17 Audit Vault Server  Central Repository of Audit Event Data  Extensive and Customizable Reporting  Powerful Alerting  Enterprise Scale Deployment Heterogeneous Enterprise Audit Collection
  • 18. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.18 Audit Vault Server Powerful Alerting
  • 19. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.19
  • 20. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.20 Audit Vault Server  Central Repository of Audit Event Data  Extensive and Customizable Reporting  Powerful Alerting  Enterprise Scale Deployment Heterogeneous Enterprise Audit Collection
  • 21. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.21 Audit Vault Server  Built on Proven Oracle Technology  Secure – Fine-grained security groups – Strict separation of Duty  Life Cycle Management for Audit Event Data  3rd Party Integration & Custom Collection plug-in Enterprise Scale Deployment
  • 22. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.22 Audit Vault Server Summary Heterogeneous Enterprise Audit Collection AUDIT VAULT
  • 23. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.23  Central Repository of Audit Event Data  Extensive and Customizable Reporting  Powerful Alerting  Enterprise Scale Deployment Audit Vault Server Summary Heterogeneous Enterprise Audit Collection
  • 24. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.24 Database Monitoring with Database Firewall
  • 25. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.25 SQL Injection #1 Risks on OWASP Most Critical Application Security Risks - 2013 • Anyone who can sent untrusted data to the database including external users, internal users, and administrators Threat Agent • EASY • Attacker sends text based attacks that exploit the uncleansed syntax Attack Vector • SEVERE • Injection can result in data loss or corruption, lack of accountability or complete host takeover Impact
  • 26. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.26 Database Firewall  Real-time Database Activity Monitoring on the Network  Capture Events for Analysis and Compliance Reporting  Flexible Deployment Models  SQL Injections Protection with Positive Policy Model  Constraining Activities with Negative Policy Model First Line of Defence
  • 27. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.27 Database Firewall  Real-time Database Activity Monitoring on the Network  Capture Events for Analysis and Compliance Reporting  Flexible Deployment Models  SQL Injections Protection with Positive Policy Model  Constraining Activities with Negative Policy Model First Line of Defence
  • 28. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.28 Database Firewall  Real-time Database Activity Monitoring on the Network  Capture Events for Analysis and Compliance Reporting  Flexible Deployment Models  SQL Injections Protection with Positive Policy Model  Constraining Activities with Negative Policy Model First Line of Defence
  • 29. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.29 Database Firewall Flexible Deployment Models
  • 30. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.30 Database Firewall  Real-time Database Activity Monitoring on the Network  Capture Events for Analysis and Compliance Reporting  Flexible Deployment Models  SQL Injections Protection with Positive Policy Model  Constraining Activities with Negative Policy Model First Line of Defence
  • 31. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.31 Database Firewall SQL Injection Protection with Positive Policing Model White List Applications Block Allow SELECT * from stock where catalog-no='PHE8131' SELECT * from stock where catalog-no=‘ ' union select cardNo,0,0 from Orders --’ • Define “allowed” behavior for any user or application • Automated whitelist generation for any application • Out-of-policy Database network interactions instantly blocked Databases
  • 32. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.32 Database Firewall  Real-time Database Activity Monitoring on the Network  Capture Events for Analysis and Compliance Reporting  Flexible Deployment Models  SQL Injections Protection with Positive Policy Model  Constraining Activities with Negative Policy Model First Line of Defence
  • 33. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.33 Database Firewall Constraining Activity with Negative Policing Model • Stop specific “non-authorized” SQL interactions, user or schema access • Blacklisting can be done on IP address, application, DB user, OS user • Provide flexibility to authorized users while still monitoring activity Black List Block Allow LogSELECT * from stock SELECT * from stock Databases Non-authorized user activity Legitimate data access
  • 34. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.34 Other Key AVDF Features  Distributed as Soft Appliance  One Web UI Management Console for Admin and Auditor  Fine-Grained Security Groups  Strict Separation of Duty  Command Line Client for Automation and Scripting Easy Installation & Administration
  • 35. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.35 Enterprise Manager Cloud Control 12c Integration  EM integration Database plugin 12.1.0.5
  • 36. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.36 Summary in 1 Slide
  • 37. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.37 Oracle Audit Vault and Database Firewall APPS Users AUDIT VAULT Firewall Events Database Firewall Reports !Alerts Policies Auditor Security Manager AUDIT DATA Operating Systems File Systems Directories Custom Audit Data
  • 38. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.38 Oracle Database Security Sessions Time Session Title Monday 12:15 - 1:15 pm Security Inside-Out with Oracle Database 12c Monday 1:45 - 2:45 pm Oracle Database 12c Real Application Security for Oracle Application Express Monday 1:45 - 2:45 pm Oracle Audit Vault and Database Firewall: First Line of Defense in Data Security Monday 4:45 – 5:45 pm Introducing Oracle Key Vault: Enterprise Database Encryption Key Management Tuesday 3:45 – 4:45 New security capabilities in Oracle Database 12c Tuesday 5:15 – 6:15 pm Oracle Audit Vault and Database Firewall: Deployment Best Practices Wednesday 11:45 – 12:45 pm Oracle Database Security Solutions Customer Panel: Real-World Case Studies Wednesday 3:30 – 4:30 pm DBA Best Practices for Protecting Data Privacy with Oracle’s Data Masking Wednesday 5:00 – 6:00 pm Sensitive Data Redaction with Oracle Database 12c
  • 40. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.40