
Audit Vault & Database Firewall

SECURITY
Database auditing and firewall for heterogeneous environments
Inside-Out
Safe Harbor Statement
The following is intended to outline our general product direction. It is intended for
information purposes only, and may not be incorporated into any contract. It is not a
commitment to deliver any material, code, or functionality, and should not be relied upon
in making purchasing decisions. The development, release, and timing of any features or
functionality described for Oracle’s products remains at the sole discretion of Oracle.

Copyright © 2015, Oracle and/or its affiliates. All rights reserved. | 2


Audit Vault & Database Firewall
Blocking, detection and auditing

[Architecture diagram. Labels: Users, Applications, Database Firewall, SYBASE, SQL and network events, audit events, event logs, custom, Alerts, Reports, Policies, Audit Vault.]

Auditing for heterogeneous enterprise environments
Audit Vault Server

AUDIT VAULT



60%
Segregación de funcio
Aplicación del principio de mín



Audit Vault Benefits

Compliance



Audit Vault Server
Multiple report types
Predefined reports aligned with standards such as PCI, SOX, HIPAA, ISO

Custom reports.

Report scheduling.



Audit Vault Server
Predefined reports aligned with standards



Tasks vs. effort in DB auditing and compliance

[Chart. Axes: Effort, Tasks. Tasks shown: Monitoring, Alerts, Reports, Analysis, Platform maintenance, Activation, Policy design.]

Audit Vault Benefits

Proactivity



In 2014, more than 1.5 billion accounts were stolen

[Infographic of data breaches dated October 2013 to July 2014. Labels: Telecom, Credit Bureau, Education, SA Banks, Immigration, Credit Cards, Personal Records.]

Audit Vault Server
Alert generation



Audit Vault Benefits

Centralization



Audit Vault Server
Centralized repository for audit events



Audit Vault Benefits

Cost-Benefit Architecture

TCO

Audit Vault Server
Simple and complete architecture, lower TCO
HA FREE

Single scalable component
Database, Partitioning, Compression, Advanced Security, Database Vault, BI Publisher
DB, LDAP, FS and OS

Database Firewall
First Line of Defense



Database Firewall Benefits

Protección DB Or
y no Oracle



Database Firewall Benefits

Blocking attacks



Database Firewall

White List

Allow:
SELECT * FROM credit_card WHERE ssn = 'xxxxxxxx'

Block:
SELECT * FROM credit_card WHERE ssn = 'xxxxxxxx' or 'x' = 'x'

[Diagram labels: Users, Applications, Databases]



SQL Injection
Risk #1 according to the 2013 OWASP Top 10.

• Its criticality is SEVERE because it allows reading and modifying data (Insert, Update, Delete), executing administration commands (stopping the DB or accessing the OS), and deleting or encrypting data.
• It is very easy to carry out.
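
An added example, not part of the original slides and not Oracle's implementation: a minimal white-list check in Python that reduces each statement to its structure and blocks anything not learned from known application traffic, so the `or 'x' = 'x'` variant from the Database Firewall slide is rejected. The function names and the learned statement are constructed for illustration.

```python
import re

# Constructed training sample: the one statement the application is known to issue.
LEARNED_STATEMENTS = [
    "SELECT * FROM credit_card WHERE ssn = '123456789'",
]

_STRING = re.compile(r"'(?:[^']|'')*'")      # quoted literal; '' is an escaped quote
_NUMBER = re.compile(r"\b\d+(?:\.\d+)?\b")   # standalone numeric literal
_OPERATOR = re.compile(r"\s*([=<>(),])\s*")
_SPACE = re.compile(r"\s+")


def fingerprint(sql: str) -> str:
    """Reduce a statement to its structure: literals become '?',
    case and spacing are normalized, a trailing ';' is dropped."""
    s = _STRING.sub("?", sql)
    s = _NUMBER.sub("?", s)
    s = _OPERATOR.sub(r" \1 ", s)
    s = _SPACE.sub(" ", s).strip().rstrip(";").strip()
    return s.lower()


def build_allow_list(statements):
    """Learn the set of statement structures seen in known-good traffic."""
    return {fingerprint(s) for s in statements}


def decide(sql: str, allow_list) -> str:
    """Default deny: a statement whose structure was not learned is blocked."""
    return "allow" if fingerprint(sql) in allow_list else "block"


ALLOW_LIST = build_allow_list(LEARNED_STATEMENTS)

if __name__ == "__main__":
    # Constructed test traffic: two benign variants and the slide's tautology.
    for query in [
        "SELECT * FROM credit_card WHERE ssn = '987654321'",
        "select *  from credit_card where ssn='987654321'",
        "SELECT * FROM credit_card WHERE ssn = '987654321' or 'x' = 'x'",
    ]:
        print(decide(query, ALLOW_LIST), "<-", query)
```

The decision depends on the shape of the statement, not on its literal values, which is why a different ssn is allowed while an extra predicate is not.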

Database Firewall Benefits

Flexible architecture



Oracle Audit Vault and Database Firewall
Architecture and Components

HA FREE

Audit Vault and Database Firewall

Competitive advantages



Oracle Audit Vault and Database Firewall
Competitive advantages
AVDF - Oracle    Other solutions

Full-stack solution (includes the Enterprise database licensing needed to run the solution).

HA implementation without additional licensing.

Protection of operating systems, file systems and directories without additional licensing.

Requires training your IT staff in new and complex solutions.



Audit Vault and Database Firewall

Business Benefits



Business Benefits

ADMINISTRATION: Improve the productivity of your IT staff
COMPLIANCE: Protect your information and comply with regulations transparently
TIME TO MARKET: Agile application development
ROI: Minimize CapEx (TCO)
