Presentation is loading. Please wait.

Presentation is loading. Please wait.

Self-Validation Tech Guide

Published byVaughn Savery Modified over 9 years ago

Similar presentations

Presentation on theme: "Self-Validation Tech Guide"— Presentation transcript:

1 Self-Validation Tech Guide
Oracle Database Database Vault Self-Validation Tech Guide Welcome, today I’d like to present an overview of the latest security product from Oracle – Database Vault. We announced this new product in late April at the huge Oracle user group conference called Collaborate 06 in Nashville, TN. You may have seen some press releases for Oracle and our partners around this exciting new product.

2 Easy To Validate Your Apps Against Database Vault
Estimated ½-1 day for Database Vault set up and configuration against your App(s) Partners can use their systems to validate their App(s) with Database Vault FREE technical assistance from Oracle Development (PTS) to support Validation efforts 3 possible Validation levels to choose from Works with RAC, Oracle Label Security, Oracle Advanced Security Database Vault is designed to address what customers have told us are some of their most pressing security related business problems. At Oracle Headquarters in California, we frequently get the opportunity to talk to customers from around the world and virtually every industry imaginable and these are business problems seem to resonate with virtually every customer. I’m sure you’ve all heard the phrase “regulatory compliance”, who hasn’t, it’s certainly being used a lot. I think one of the biggest benefits of regulatory compliance has been awareness, it’s really forced customers to take a long hard look at their business practices. Two of the common themes in many regulations are strong internal controls and separation of duty. Database Vault provides the technology to address these two security problems. In addition, customers are much more concerned about the internal threat today. I don’t mean to say that everyone’s DBA is up to no good, but rather customers are looking for preventative measures to put in place. They want the ability to enforce operational policies on who, when and where data can be accessed, Another common security problem is the powerful DBA. Most applications out there today were not designed with the principle of least privilege – meaning that the application owner only has the minimum privileges necessary. In fact, it’s exactly the opposite. Database Vault provides the ability to restrict the powerful application owners and DBA which reside in a consolidated database environment.

3 3 Validation Levels Level I - Basic Validation
Level II - Advanced Validation Level III - Enterprise Validation Database Vault is designed to address what customers have told us are some of their most pressing security related business problems. At Oracle Headquarters in California, we frequently get the opportunity to talk to customers from around the world and virtually every industry imaginable and these are business problems seem to resonate with virtually every customer. I’m sure you’ve all heard the phrase “regulatory compliance”, who hasn’t, it’s certainly being used a lot. I think one of the biggest benefits of regulatory compliance has been awareness, it’s really forced customers to take a long hard look at their business practices. Two of the common themes in many regulations are strong internal controls and separation of duty. Database Vault provides the technology to address these two security problems. In addition, customers are much more concerned about the internal threat today. I don’t mean to say that everyone’s DBA is up to no good, but rather customers are looking for preventative measures to put in place. They want the ability to enforce operational policies on who, when and where data can be accessed, Another common security problem is the powerful DBA. Most applications out there today were not designed with the principle of least privilege – meaning that the application owner only has the minimum privileges necessary. In fact, it’s exactly the opposite. Database Vault provides the ability to restrict the powerful application owners and DBA which reside in a consolidated database environment.

4 Benefits for Each Validation Level
Level I - Basic Validation Restrict DBA Access in Application(s) Limit DBA and other privileged users’ access to business data inside the database Level II - Advanced Validation Protect ISV Data Structure Protect data structures in production environments from unauthorized edits / changes Level III - Enterprise Validation Enterprise Configuration option Customers can add their company-specific business requirements Database Vault is designed to address what customers have told us are some of their most pressing security related business problems. At Oracle Headquarters in California, we frequently get the opportunity to talk to customers from around the world and virtually every industry imaginable and these are business problems seem to resonate with virtually every customer. I’m sure you’ve all heard the phrase “regulatory compliance”, who hasn’t, it’s certainly being used a lot. I think one of the biggest benefits of regulatory compliance has been awareness, it’s really forced customers to take a long hard look at their business practices. Two of the common themes in many regulations are strong internal controls and separation of duty. Database Vault provides the technology to address these two security problems. In addition, customers are much more concerned about the internal threat today. I don’t mean to say that everyone’s DBA is up to no good, but rather customers are looking for preventative measures to put in place. They want the ability to enforce operational policies on who, when and where data can be accessed, Another common security problem is the powerful DBA. Most applications out there today were not designed with the principle of least privilege – meaning that the application owner only has the minimum privileges necessary. In fact, it’s exactly the opposite. Database Vault provides the ability to restrict the powerful application owners and DBA which reside in a consolidated database environment.

5 Level I - Basic Validation: Restrict DBA Access
Installation Steps Step 1 - Install Enterprise Edition database Step 2 - Install application(s) Step 3 - Install Database Vault option Basic Validation Create a realm around ISV application Perform functional test of ISV application Perform a technical test Verify patching and upgrade of ISV application If necessary, create a separate realm with all privileges needed for patching / upgrades Measure performance Overhead should be less than 5% Write Database Vault API scripts for above so it can be run during ISV application install Database Vault is designed to address what customers have told us are some of their most pressing security related business problems. At Oracle Headquarters in California, we frequently get the opportunity to talk to customers from around the world and virtually every industry imaginable and these are business problems seem to resonate with virtually every customer. I’m sure you’ve all heard the phrase “regulatory compliance”, who hasn’t, it’s certainly being used a lot. I think one of the biggest benefits of regulatory compliance has been awareness, it’s really forced customers to take a long hard look at their business practices. Two of the common themes in many regulations are strong internal controls and separation of duty. Database Vault provides the technology to address these two security problems. In addition, customers are much more concerned about the internal threat today. I don’t mean to say that everyone’s DBA is up to no good, but rather customers are looking for preventative measures to put in place. They want the ability to enforce operational policies on who, when and where data can be accessed, Another common security problem is the powerful DBA. Most applications out there today were not designed with the principle of least privilege – meaning that the application owner only has the minimum privileges necessary. In fact, it’s exactly the opposite. Database Vault provides the ability to restrict the powerful application owners and DBA which reside in a consolidated database environment.

6 Level II - Advanced Validation: Protect ISV Data Structure
Level I validation steps See previous slide Build Command Rules Build a collection of command rules that protects ISV data structure Applied at a customers production environment ISV identifies which command rules are relevant to application Command line examples: DROP TABLE, ALTER TABLE, CREATE DATABASE LINK, …etc Perform functional test Test ISV application and measure performance

7 Level III - Enterprise Validation: Enterprise Configuration
Level I & Level II validation steps See previous slides Dynamic security rules Based on customer specific security requirements Utilizes customer-specific Realms, Command Rules, Factors to build common security rules Ex: customer IP address, network domain, etc May utilize additional security options (OLS and ASO) to integrate with Database Vault Has the potential for additional consulting business Has the potential for additional license business

8 Packaging, Availability, Pricing
Database Option on DB Enterprise Edition $20K per CPU $400 per Named User On top of Linux and Solaris initially Other ports along with (Sept) Part of Works with RAC, Oracle Label Security, Advanced Security Option

9 Next Steps 1 - Getting Software 2 - Validation testing
3 – Sales Enablement Kit

10 Resources & Contacts Get Product Info & Downloads
Get Validation Assistance from Oracle No fees for OPN Partners

11 Q & A

Download ppt "Self-Validation Tech Guide"

Similar presentations

Ultimate Bundle Overview Products Benefits Technical Requirements Licensing Pricing Valid until 01-Sep-2010.

Ultimate Bundle Overview Products Benefits Technical Requirements Licensing Pricing Valid until 01-Sep-2010.
Chapter 20 Oracle Secure Backup.

Chapter 20 Oracle Secure Backup.
Microsoft ® System Center Configuration Manager 2007 R3 and Forefront ® Endpoint Protection Infrastructure Planning and Design Published: October 2008.

Microsoft ® System Center Configuration Manager 2007 R3 and Forefront ® Endpoint Protection Infrastructure Planning and Design Published: October 2008.
Planning your Xythos upgrade Xythos Webcast Series Dial-in Information: Toll-free 877-795-3646 Passcode: 8482901.

Planning your Xythos upgrade Xythos Webcast Series Dial-in Information: Toll-free Passcode:
Database Vault Welcome, today I’d like to present an overview of the latest security product from Oracle – Database Vault. We announced this new product.

Database Vault Welcome, today I’d like to present an overview of the latest security product from Oracle – Database Vault. We announced this new product.
Author : Nguyễn Ngọc Linh Advisor: Mr. Nguyễn Huy Vũ.

Author : Nguyễn Ngọc Linh Advisor: Mr. Nguyễn Huy Vũ.
Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.

Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.
Copyright © 2014, Oracle and/or its affiliates. All rights reserved. | Oracle Database Vault with Oracle Database 12c Chi Ching Chui Senior Development.

Copyright © 2014, Oracle and/or its affiliates. All rights reserved. | Oracle Database Vault with Oracle Database 12c Chi Ching Chui Senior Development.
About DataViz, Inc. In business 25 years 13+ years experience in the mobile industry Specializing in Office compatibility for non-Microsoft platforms.

About DataViz, Inc. In business 25 years 13+ years experience in the mobile industry Specializing in Office compatibility for non-Microsoft platforms.
Acceleratio Ltd. is a software development company based in Zagreb, Croatia, founded in 2009. Acceleratio specializes in developing high-quality enterprise.

Acceleratio Ltd. is a software development company based in Zagreb, Croatia, founded in Acceleratio specializes in developing high-quality enterprise.
Oracle Database Administration. Rana Almurshed 2 course objective After completing this course you should be able to: install, create and administrate.

Oracle Database Administration. Rana Almurshed 2 course objective After completing this course you should be able to: install, create and administrate.
NETOP ONDEMAND What’s new in version 2.1? DECEMBER 09 NETOP ONDEMAND1.

NETOP ONDEMAND What’s new in version 2.1? DECEMBER 09 NETOP ONDEMAND1.
Tripwire Enterprise Server – Getting Started Doreen Meyer and Vincent Fox UC Davis, Information and Education Technology June 6, 2006.

Tripwire Enterprise Server – Getting Started Doreen Meyer and Vincent Fox UC Davis, Information and Education Technology June 6, 2006.
Project Implementation for COSC 5050 Distributed Database Applications Lab1.

Project Implementation for COSC 5050 Distributed Database Applications Lab1.
Server Hive Architecture. No Single Point-of-Failure. Automatic Failover. One-Click Upgrades. Embedded SDK & API. Video Wall. And More.

Server Hive Architecture. No Single Point-of-Failure. Automatic Failover. One-Click Upgrades. Embedded SDK & API. Video Wall. And More.
Windows Azure Conference 2014 Oracle on Windows Azure.

Windows Azure Conference 2014 Oracle on Windows Azure.
Sage CRM v7.2 Developers Course An Introduction to the Developer Program.

Sage CRM v7.2 Developers Course An Introduction to the Developer Program.
Linux Operations and Administration

Linux Operations and Administration
Acceleratio Ltd. is a software development company based in Zagreb, Croatia, founded in 2009. We create innovative software solutions for SharePoint,

Acceleratio Ltd. is a software development company based in Zagreb, Croatia, founded in We create innovative software solutions for SharePoint,
Linux Operations and Administration

Linux Operations and Administration

Similar presentations

Ads by Google