As the name suggests, Oracle AVDF is a database firewall (also known as a SQL proxy), as well as a large vault for audit data (logs) for forensic analysis (!). It is not new and has been around for a long time, with some “competitors,” or better said, alternatives, such as: IBM Guardium, DB Protect, Imperva SecureSphere, MySQL Proxy, Heimdall, ProxySQL, etc.
The GDPR (European regulation) has done more for data governance than HIPAA, PCI, and SOX combined. It has highlighted the need for better control over what is inserted and manipulated within our databases. That’s where AVDF comes in.
AVDF intercepts requests to the database and analyzes their content for syntax, semantics, purpose, and result. Like any firewall, it is based on white lists (what is allowed), black lists (what is not allowed), and policies (groups of actions that may or may not be permitted, for example, prohibiting any DDL commands for non-DBAs).
A great feature of AVDF is that it works beyond the “big red” walls, meaning it supports not only Oracle Database but also other RDBMS such as MySQL, IBM DB2, Microsoft SQL Server, SAP Sybase, etc.
Of course, all database access is recorded in a secure, immutable vault. Unauthorized accesses are highlighted and properly alerted. It can also be configured to work in silent mode, allowing access even if it conflicts with rules and policies, only logging and alerting without blocking.
An interesting utility is blocking DBA access to tables with sensitive data while still allowing them the necessary maintenance rights.
Another great feature is the ability to centralize operating system and database security logs from multiple servers into a single control point.
It comes with a smart self-learning mode, similar to anti-spam tools, helping to understand SQL requests for creating more coherent policies.
Packed with reports and charts grouped by categories such as Compliance (PCI, HIPAA, etc.), Activities, etc.
Of the tools I have tested and operate, Oracle AVDF is undoubtedly the best. And yes, it is paid.
I recommend reading the data sheet.
Visit our Blog
Learn more about databases
Learn about monitoring with advanced tools
Have questions about our services? Visit our FAQ
Want to see how we’ve helped other companies? Check out what our clients say in these testimonials!
Discover the History of HTI Tecnologia
