Re: Security Measures

From: Stefano Cislaghi <s.cislaghi_at_gmail.com>
Date: Wed, 08 Apr 2015 11:31:01 +0000
Message-ID: <CAFsgGryx7WvjOXseUog625mC7-p7JEmS9Z5ATo5vN_YKBfpuvw_at_mail.gmail.com>



Well, depends. A DAM (Database Access Monitoring) solution is what you need. It monitor any attempt to connection to your db as well as the command are being issued. Usually they let you to stop connection that issue select * from customers (for example) or any other type of statement you like. Obviously, they audit everything so there's an overlap with database standard audit.

Product names: oracle database firewall, IBM guardium, Imperva secusphere...

They normally use network TAP (either physical or virtual) or local kernel TAP, or a combination of both technologies.

Hope it helps

Stefano

On Wed, 8 Apr 2015 11:51 walid kaakati <dmarc-noreply_at_freelists.org> wrote:

> Hallo list,
>
> I have rephrased my question :
>
> By database auditing i Know who accessed the database, remains for me to
> prevent unauthorized access to the database let us say by
> hacking,programs... .
>
> How i can do this ? any ideas that you implement in your production
> databases.
>
> Best Wishes
>

--
http://www.freelists.org/webpage/oracle-l
Received on Wed Apr 08 2015 - 13:31:01 CEST

Original text of this message