Database audit is normally carried out so as to be aware of the actions of the users of databases. This is carried out often for security purposes. Auditing is an important aspect with regards to compliance and security programs. There are four database audit appliances that are used to create, collect and analyze database audits.
- Native Audit
Oracle, Sybase, Microsoft and IBM offer this appliance which captures the same data although in different variations. Here, the database system is used to store, report, sort and filter events. As much as the data is stored up within the database, it can still be exported to flat text files or even be sent as an XML data feed to various applications. The costs related to acquiring, deploying as well as managing an audit appliance is saved when native features are used.
- SIEM and Log Management
Security Information and Event Management and log management are audit appliances that have the ability to collect audit files as well as offer much more than what native audit brings on board. In addition to database audit logs, they are also used to gather information from firewalls, network devices, operating systems and applications. Some of the advantages that come with using SIEM and log management are that it offers heteregenious database support, integrated reporting, data collection, aggregation and compression.
- Database Activity Monitoring (DAM)
These ones are created in such a way as to monitor the activity of databases for threats and also to enforce controls of compliance. A number of vendors offer various ways to get information, collect queries from network, from the operating system used by the database and from data base audit logs. If you are looking for very fast retrieval of data and the enforcement of real time policy then this should be the option for you. DAM is designed for alerting and analysis.
- Database Audit Platforms
Some vendors offer specialized database which seem similar to log management servers. Some of the benefits that come with database audit platforms include forensic analysis, secure storage, aggregation of log files to common format and reporting. This is a pocket friendly way to produce security reports and store forensic security data.
- Factors That Would Limit Your Deployment of Data Audit
- Oracle Audit Vault and Database Firewall
- Fortigate Network Security Platforms And Appliances