Oracle is simplifying its security offerings by combining a pair of existing tools into a single package.
The offering, Oracle Audit Vault and Database Firewall, provides both network traffic sniffing for security threats and audit data analysis. It also adds the ability to audit OSes, directories, and other sources, beyond Oracle's database and third-party database systems, according to the company.
[ Prevent corporate data leaks with Roger Grimes' "Data Loss Prevention Deep Dive" PDF expert guide, only from InfoWorld. | Stay up to date on the latest security developments with InfoWorld's Security Central newsletter. ]
Oracle Audit Vault and Database Firewall is delivered as a software appliance for easier deployment, said Vipin Samar, vice president of database security product development. Previously, customers had to purchase the products separately.
The product can monitor SQL traffic on Oracle's database as well as Microsoft SQL Server, MySQL, and IBM's DB2.
It also provides a central repository for audit and event logs, from which users can run dozens of prebuilt custom reports. The reports can also be tweaked to the needs of each customer, according to Samar.
An Oracle database expert expressed a measured view of the vendor's announcement.
Database Firewall is derived from Oracle's acquisition of Secerno in 2010, said Alex Gorbachev, CTO of the remote database administration provider Pythian Group.
It can be an active firewall, blocking attacks, "or it can be in auditing mode, just listening and reporting," Gorbachev said. "It makes sense to move that reporting part into Audit Vault. Otherwise, there is lots of overlapping functionality."
Oracle also has had a wide range of security options for its database, with each licensed separately, he added. "Obviously, simplifying this area of products is overdue because it's very confusing for the customer to decide which ones they need."
In addition to making things easier for customers, Oracle is hoping to sell more software licenses with the combined product and software appliance deployment model, said Roxana Bradescu, director of database security product management. The goal is "really large-scale deployments," she said.
To date, Pythian Group has seen customer adoption of Oracle's Advanced Security, Data Masking and Label Security products, but little for Database Firewall and Audit Vault, according to Gorbachev.
Chris Kanaracus covers enterprise software and general technology breaking news for The IDG News Service. Chris' email address is Chris_Kanaracus@idg.com.