数据安全---数据监控和审计系统.pptVIP

* * Oracle employs the same codebase across all its platforms. Only a small percentage of the code (1%) is unique per platform. Disclaimer: Spatial is not available on OS390. IBM’s problems with multiple DB2 code lines are nicely described by Gartner: “Some Consequences of Multiple DB2s: 1) Poor database administration (DBA) leverage 2) Higher costs and entry barriers for ISVs 3) Confusion as to which DB2 can do what 4) Redundant feature development” * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * The first step toward information security is to formulate a security policy -- identify the key assets to secure, and which assets will be extended to whom. The role of the policy is to guide users in knowing what is allowed, and to guide administrators and managers in making choices about system configuration and use. This process will help you establish specific security goals and a plan to tackle them. Before you can manage security you have to have a way to measure how good it is. Your corporate security policy provides the acceptable baseline standards against which to measure compliance. Key Message: Information security is a business issue, not just a technology issue, and the reason organizations want to protect information is for sound business purposes. * * * * * * * * * * 审查-Sanitization * * 审查-Sanitization * * 审查-Sanitization * * * * * * * Oracle 系统与端口号 Oracle - Port: 这些端口号基本是固定的 * Oracle 系统与加密 Oracle 10g/11g 支持的加密: 加密算法的差异 * 安全与技术 安全与技术总是同时出现的: 现在的软件越来越复杂，安全也越做越大 Vendor Approaches Log Rhythm? (/) Qradar? (/) Prismmicrosystems? (/) Nitro Security (/) * * * * 关于数据库审计监控系统 /数据库防火墙的一点思考 目前市面上的数据库审计也不少了，但是一般多为旁路设备，要么就要在数据库主机的操作系统上安装Agent 当然，从数据库审计的方面考虑，现在都不是大的问题，但是：如何能直接禁止远程用户操作数据库呢？ 比如直接禁止远程对admin表的update或select 想了下，可能最好的方式还是串接到网络上 1、开启正常的数据库审计功能 2、开启“数据库防火墙”功能 在这个数据库防火墙上，只允许设置黑名单，如在黑名单可进行如下设置： a、禁止远程某个网段的select操作 b、禁止远程对admin表进行任何操作 c、禁止远程sa用户对数据库的操作 大体上这样子，几分钟时间写出来的，可能很不全…… 就现在的技术来说：