The performance of Oracle Audit Vault could be improved, especially in handling large data collections and generating reports on time. Additionally, the efficiency of queries for retrieving information from the database needs improvement, particularly in large-scale environments.
Pre-sales Converter at a marketing services firm with 11-50 employees
Real User
Top 20
2023-08-03T13:03:00Z
Aug 3, 2023
I believe that we can always customize according to our needs. More custom reports, some confidential options, and sorting reports are some of the features which can be enhanced. Some issues pop up when we limit our operating system's assessment. However, all the customization and tweaking might be a bit of a challenge when trying to integrate the solution. They should simplify the integration and work with different vendors and mechanisms.
Database Administrator at a financial services firm with 1,001-5,000 employees
Real User
2022-10-11T11:52:21Z
Oct 11, 2022
I hear from many people that say IBM Guardian is better than Oracle Audit Vault when it comes to performance. IBM Guardian works transparently in the database, but Oracle Audit Vault consumes some ratios on the server. The configuration for the solution can be complicated as well.
Currently, you need two servers: one for Audit Vault and one for the firewall. If they can combine them into one server, it will be great because it is costly to have two servers. It will also make its installation easier. I have heard that in the new version, there will be only one server for both. I use it only for security purposes, and they can continue to improve it with more security tools and features. It should be powerful like FortiGate. When it becomes powerful like FortiGate, people will only go for this solution for their infrastructure. Their support could be faster.
There are features available in Imperva that are not included in Oracle Audit Vault. It would be helpful to have more features added. Stability could be improved, we have had some challenges
Director (Core Technology Services) and Partner at Nexim Solutions
Real User
2019-07-04T10:21:00Z
Jul 4, 2019
We would like to see the ability to administer and manage the solution through Enterprise Manager 13c, and development of the dashboards that are generally missing. The system needs to be easy to manage, especially in terms of space management. There is little to no technical references and use cases pointing to the resolution of technical challenges during implementation. Better documentation would be helpful.
One feature that was missing when we tried to update was the network activity analyzer. We found a request going through the database file before reaching the database. We don't have a database file in the middle. If it's possible to have that database file to analyze what's going on inside the network, it would be better. Some of our customers were asking about the latency. When the application wants to get to the database, the database file is going to give some latency in operations. The additional features we need are to be able to have the database firewall to scan the network to get the information from the database. I also want the database firewall to be able to block services with more granularity.
Solution Architect at a tech services company with 51-200 employees
Real User
2019-06-05T09:07:00Z
Jun 5, 2019
Right now, the ownership of the database is automatically given to the database administrator. I would like to have a software solution, separate from the Oracle product itself, to assign ownership of the database to a specific team, being our security team, rather than the default owner. One feature that is missing is the ability to have a secret server that is always encrypted. I would like to see this in the next release of this solution.
The reporting is an area of the solution that needs to be improved. Customized reporting is something that we are struggling with, and it is quite tough for us. Every time we need to prepare a custom report, we have to involve the vendor. This is unlike other solutions where the reports are easy to customize. Another problem with reporting emerges on the topic of compliance and certain international standards. The standard set of reports do not provide sufficient details for the PCS and ISO standards. It is important to have better integration with most of the tools to manage unstructured data or SIM solutions. If we change vendors for our SIM then we want to have the best possible support.
Director (Core Technology Services) and Partner at Nexim Solutions
Real User
2019-06-02T09:20:00Z
Jun 2, 2019
One of the biggest challenges that we are facing is the inability to use more than one account for the platform, so the whole organization cannot make their own compliance audits at their own pace. I think that's one feature that really is giving us a bit of a problem. That is one of our biggest challenges. The fact that it doesn't audit the network is also quite a downfall for the product. Maybe it should be improved to allow one to log on to network devices and do audits to check compliance at that level. Finally, the ability to integrate with well-known applications like SAP, Microsoft, and common ERP would be helpful. If it included templates that are used for audits that can be used in those platforms and checking compliance, that would be really helpful, because half the time there isn't enough documentation to help someone check the compliances of specific applications. The second bit is the ability to audit middleware, like application servers and spatial and detection platforms. That is quite lacking in this product.
Information Technology and Services Professional at Independent
Real User
2019-06-02T09:20:00Z
Jun 2, 2019
This kind of solution should supply more analytical data for the traffic that comes in. I think that that side is not as strong as some other products. However, it is stronger in other areas and superior in some ways for security. The Oracle product monitors the database and not the operating system as well which is an area that can use improvement.
Cloud Expert | DevOps | Oracle Consultant at confidential
Consultant
2018-12-06T21:21:00Z
Dec 6, 2018
Different things should be improved: * The migration from an old version to a newer version is not that easy * Database grouping also should be improved, and * The reporting.
Oracle Audit Vault monitors Oracle and non-Oracle database traffic to detect and block threats, as well as improves compliance reporting by consolidating audit data from databases, operating systems, directories, and other sources.
The performance of Oracle Audit Vault could be improved, especially in handling large data collections and generating reports on time. Additionally, the efficiency of queries for retrieving information from the database needs improvement, particularly in large-scale environments.
I believe that we can always customize according to our needs. More custom reports, some confidential options, and sorting reports are some of the features which can be enhanced. Some issues pop up when we limit our operating system's assessment. However, all the customization and tweaking might be a bit of a challenge when trying to integrate the solution. They should simplify the integration and work with different vendors and mechanisms.
The support could improve.
I hear from many people that say IBM Guardian is better than Oracle Audit Vault when it comes to performance. IBM Guardian works transparently in the database, but Oracle Audit Vault consumes some ratios on the server. The configuration for the solution can be complicated as well.
Currently, you need two servers: one for Audit Vault and one for the firewall. If they can combine them into one server, it will be great because it is costly to have two servers. It will also make its installation easier. I have heard that in the new version, there will be only one server for both. I use it only for security purposes, and they can continue to improve it with more security tools and features. It should be powerful like FortiGate. When it becomes powerful like FortiGate, people will only go for this solution for their infrastructure. Their support could be faster.
There are features available in Imperva that are not included in Oracle Audit Vault. It would be helpful to have more features added. Stability could be improved, we have had some challenges
We would like to see the ability to administer and manage the solution through Enterprise Manager 13c, and development of the dashboards that are generally missing. The system needs to be easy to manage, especially in terms of space management. There is little to no technical references and use cases pointing to the resolution of technical challenges during implementation. Better documentation would be helpful.
One feature that was missing when we tried to update was the network activity analyzer. We found a request going through the database file before reaching the database. We don't have a database file in the middle. If it's possible to have that database file to analyze what's going on inside the network, it would be better. Some of our customers were asking about the latency. When the application wants to get to the database, the database file is going to give some latency in operations. The additional features we need are to be able to have the database firewall to scan the network to get the information from the database. I also want the database firewall to be able to block services with more granularity.
Right now, the ownership of the database is automatically given to the database administrator. I would like to have a software solution, separate from the Oracle product itself, to assign ownership of the database to a specific team, being our security team, rather than the default owner. One feature that is missing is the ability to have a secret server that is always encrypted. I would like to see this in the next release of this solution.
The reporting is an area of the solution that needs to be improved. Customized reporting is something that we are struggling with, and it is quite tough for us. Every time we need to prepare a custom report, we have to involve the vendor. This is unlike other solutions where the reports are easy to customize. Another problem with reporting emerges on the topic of compliance and certain international standards. The standard set of reports do not provide sufficient details for the PCS and ISO standards. It is important to have better integration with most of the tools to manage unstructured data or SIM solutions. If we change vendors for our SIM then we want to have the best possible support.
One of the biggest challenges that we are facing is the inability to use more than one account for the platform, so the whole organization cannot make their own compliance audits at their own pace. I think that's one feature that really is giving us a bit of a problem. That is one of our biggest challenges. The fact that it doesn't audit the network is also quite a downfall for the product. Maybe it should be improved to allow one to log on to network devices and do audits to check compliance at that level. Finally, the ability to integrate with well-known applications like SAP, Microsoft, and common ERP would be helpful. If it included templates that are used for audits that can be used in those platforms and checking compliance, that would be really helpful, because half the time there isn't enough documentation to help someone check the compliances of specific applications. The second bit is the ability to audit middleware, like application servers and spatial and detection platforms. That is quite lacking in this product.
This kind of solution should supply more analytical data for the traffic that comes in. I think that that side is not as strong as some other products. However, it is stronger in other areas and superior in some ways for security. The Oracle product monitors the database and not the operating system as well which is an area that can use improvement.
Different things should be improved: * The migration from an old version to a newer version is not that easy * Database grouping also should be improved, and * The reporting.