Oracle Audit Vault Monitors Competing Systems, Including DB2 - InformationWeek
IoT
IoT
Data Management // Big Data Analytics
News
1/28/2009
05:48 PM
Connect Directly
Twitter
RSS
E-Mail
50%
50%
RELATED EVENTS
Using Threat Data to Improve Your Cyber Defense
Aug 10, 2017
Attend this webinar to learn how you can determine which threats pose the greatest danger to your ...Read More>>

Oracle Audit Vault Monitors Competing Systems, Including DB2

The software now supports monitoring of Sybase versions 12.5 and 15 as well as IBM's DB2 version 8.2 or 9.5 running on Linux, Unix, and Windows.

Oracle is upgrading its Audit Vault product in a bid to have it serve as an audit information center for several competing enterprise database systems.

Oracle Audit Vault is a standalone, $57,500 product that helps companies meet their compliance requirements in connection with safeguarding data. When Audit Vault came out in June 2007, it monitored the Oracle database system and collected selective operational information, such as what data has privileged database administrators changed inside the system; what new tables have been created; whose privileges have been upgraded; and whether anyone tried multiple log-ins to a database area he or she didn't have rights to access. The audit data is stored in a specialized, secure Oracle data warehouse.

In June 2008, Oracle added support to Audit Vault for monitoring Microsoft's SQL Server as well as its Oracle 10g and 11g software.

As of this week, Audit Vault also supports monitoring of Sybase versions 12.5 and 15 as well as IBM's DB2 version 8.2 or 9.5 running on Linux, Unix, and Windows, said Vipin Samar, VP of database security. Audit Vault, however, does not support collecting DB2 audit information on the mainframe, where many instances of DB2 run.

"It collects all the audit data into a centralized data warehouse," where analysis can be performed in real time and compared to enterprise data security policies, Samar said.

If someone has attempted to log on to an area of a database that's off limits to him, an alert can be sent to managers' dashboards. Attempts to create tables, add users to production databases, or store unauthorized data sets are violations of many companies' security policies and such events can also be used to trigger alerts, Samar added.

Audit Vault can be used for compliance, generating reports that satisfy requirements of Sarbanes-Oxley, the Health Insurance Portability And Accountability Act, the Payment Card Industry, and the Data Security Standard.

Oracle customers buy an agent for each type of database system that they seek to monitor. It's priced at $3,500 per CPU.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Register for InformationWeek Newsletters
White Papers
Current Issue
IT Strategies to Conquer the Cloud
Chances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.
Video
Slideshows
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll