Oracle Audit Vault and Database Firewall (AVDF)


HomeOracle database support › Oracle AVDF

Oracle audit vault and database firewall (AVDF) offers two key features that are primarily intended to increase the security of databases:

  • Database auditing and reporting AVDF collects audit data from various sources, including Oracle databases, third-party databases, and operating systems. After the data is collected it is processed and reported on, allowing our customers to identify potential security risks and ensure compliance with rules.
  • Database firewall: AVDF functions as a database firewall specifically for Oracle databases. It monitors all network traffic to the database and examines each SQL statement. Before any suspicious SQL statements reach the database, AVDF can take various actions based in pre-defined policies, such as allowing, logging, alerting, or even blocking them. This aids in the prevention of intrusion attempts and SQL injection attacks.

In simpler terms, AVDF provides a complete solution for database security and monitoring. It facilitates the tracking of user activity, the detection of questionable behaviour, and the application of real-time security against hostile assaults.

The Oracle AVDF integrates many security features for your databases. Here is a breakdown of its salient characteristics in two primary domains:

Techno functional offerings

  • Multi-stage database firewall: analyses SQL traffic to identify and block unauthorised access, including attempts like SQL injection attacks
  • Policy engine: detects unauthorised access to sensitive data tables based on pre-defined rules
  • Application behaviour profiling: monitors application activity and blocks deviations from normal behaviour, thereby preventing unauthorised actions
  • Trusted path enforcement: restricts access to the database based on specific criteria, such as OS user, client program, IP address and SQL categories

Key solutions

  • Integrations: integrates with Security Information and Event Management systems and supports Syslog for centralised logging; additionally FIPS 140-2 mode is available for enhanced security compliance
  • Flexible data collection: allows for agentless audit record collection for Oracle and Microsoft SQL server databases, reducing deployment complexity
  • Automation: supports automation tasks through a command-line interface
  • Minimal downtime: ensures minimal or predictable downtime during hardware or software updates

Benefits

  • Uses pre-built, editable reports to promptly address regulatory requirements.
  • Mitigates security risks by monitoring database activities across all enterprise databases and conducting audits.
  • Provides tracking of activity both on-premises and in the cloud, offering visibility into the system use.
  • Reduces operational challenges related to regulatory and governance compliance.
  • Manages data risks by identifying and preventing attempts to breach application database data.
  • Delivers scalability, security, automation and extensibility at the enterprise level.
  • Prevents unwanted SQL queries from accessing the database.

Our modes of engagement for Oracle AVDF

  • Managed services (onsite | offshore)
    • Consulting
    • Implementation
    • Support
  • Professional Services