Oracle Audit Vault, Best Practices in Security in HA Environments
Yesterday, I took a part in a meeting with one on Oracle product managers in security. Spoke about few technologies and Audit Vault looked quite attractive. On the other hand it’s nothing but a data warehouse that can load data from various sources including Oracle database, iAS and 3rd party tools. So if I can simplify it - it’s a bunch of Oracle BI tools integrated together and working on schema designed to analyze and mine audit data.
Another highlight was that Oracle has actually not much info about best practices in the area of security in HA environments. This is actually not as specialized as it might seemed to be. For example, what are implications of listener passwords - how is automatic startup/failover and etc. managed for password protected listeners. Or another one - how is Data Guard working with TDE (Transparent Data Encription). For example, automatic failover might require auto login to the wallet and/or wallet with no password. So it seems that there are many white spaces. Perhaps, time for a good paper? 
Good point. I guess it is a bit difficult to get security integrated with so many oracle features.
I think this is just simple Data Warehouse. Audit data collection can be done with stream API or PL/SQL. I don’t get it what is the benefit on it.
John, I’m pretty much with you. This is definitely something that can be done either yourself or with a third party tool. Knowing that Oracle usually not the best in database applications, I doubt this product is the kicker but you never know. Would be really nice to get some first hands experience with the tool and share it with the community.
Well, I’m about to get my first experiences with it in a production environment, but first we’ll need to deploy it.
I’ll let you know
Excellent! Thanks Doug. Your blog’s feed is always with me.