nsascale.blogg.se - Oracle capacity planning and sizing spreadsheets

#ORACLE CAPACITY PLANNING AND SIZING SPREADSHEETS MANUAL#
#ORACLE CAPACITY PLANNING AND SIZING SPREADSHEETS SERIES#

So, you need to be careful about how and which operational patterns you are blocking. False positives may lead to denial of service for legitimate user operations, thereby leading to dissatisfied customers and penalties if your service level agreements are violated due to the denial. In any kind of pattern detection there are bound to be some false positives ( the SQL pattern is not actually problematic but is declared as problematic by the tool) and false negatives (the SQL pattern is actually problematic but is not identified as problematic by the tool).If the DAM tool fails or is compromised, then there is no line of defense.

A comprehensive database security implementation would require some proactive measures as well. they act after the specified event takes place.

DAM tools are mostly reactive in nature i.e.

However, as specified in my previous article, relying solely on a single tool as both preventive as well as detective control is not a recommended strategy due to mainly the following reasons: So, some preventive abilities added to DAM tool, which is essentially a detective control, may be desirable. In addition, you may want to identify irregular / undesired operations quickly so as to prevent / control the damage. As specified above, the regulatory requirement focus is on accountability and non-repudiation. You should not confuse the features presented by these suits with the DAM requirements of regulations. Note that, with the exception of Oracle AVDF, most of the widely used tools are part of suits which is amalgamation of various detective, assessment and preventive features. Most of these tools support heterogeneous databases.

There are several DAM tools available in the market.

Facilitate reliable and efficient report generation for specific SQL events for specific target database.

Facilitate configuration of alerts for specific SQL events that will be fired near real time to the SQL event.

Efficiently analyze the collected audit and SQL transaction data.

Provide secure access means with facility for segregation of duty for accessing the audit data, reports and alerts.

Provide a centralized control for managing and analyzing the collected audit and transaction logs and report and alert generation.

Maintain the collected audit and SQL transaction details in tamperproof manner.

Monitor SQL transactions fired on the target databases independent of the database native auditing activity.

Collect audit records from target databases.

A standard DAM tool should have ability to: Solution to the challenges is using an appropriate Database Activity Monitoring (DAM) tool.

Multiple reports are required for audits.

Auditors demand proof that the audit records are maintained tamperproof.

Audit record maintenance and analysis for multiple databases is tedious.

Near real time analysis of audit records to detect issues not feasible due to large no.

#ORACLE CAPACITY PLANNING AND SIZING SPREADSHEETS MANUAL#

Apart from the effect on database performance efficiency, manual audit maintenance also poses the following challenges. Hence, it is highly impractical to enable native auditing for all such DML or data access operation monitoring requirements, as data access and DML operations are very frequent operations and hence auditing the same will put considerable additional load on the database, thereby reducing the efficiency of the database operations for business. However, auditing is an additional process activated on the database so will contribute to the load on the database. One can enable the logging of such activities by using database native auditing features. PCIDSS requires all card operations to be monitored and logged which technical translates to all data manipulation operations (DMLs - INSERT, UPDATE, DELETE) to be logged or data privacy requirements demand that all access to privacy data is to be monitored leading to monitoring all SELECTs on the privacy data. Monitoring of all sensitive and critical database operations is required by many regulators or compliances e.g. These requirements pertain to several practical challenges for the database administrators.

Integrity of digital evidence (Tamperproof audit maintenance).

Digital evidence (IT Act 2008 Rules 2011, Aadhar Act, RBI, ISO27001, SEBI, SWIFT, PCIDSS -Mandatory to provide digital evidence for sensitive financial transactions.

The compliance requirements for database monitoring applicable to Indian Financial Organizations can be summarized as follows: Database Activity Monitoring Compliance Requirements: The detective controls for database are also called Database Activity Monitoring (DAM) controls by many regulations/ compliances. The introductory first article can be checked from

#ORACLE CAPACITY PLANNING AND SIZING SPREADSHEETS SERIES#

This is the second article in my series on Database Security that talks about “Detective Controls”. Database Security Series Part 2 Detective Controls - Database Activity Monitoring (DAM)