LogLogic Database Security Manager
Database Access Monitoring for your Enterprise
- Do you have the following problems in your enterprise?
- Are audit logs are slowing down your database?
- Do you have limited visibility into what's happening to your critical databases?
- Your current database access monitoring solution not living up to expectations?
- Are your database security updates too problematic to install?
Protect sensitive information in your databases through monitoring and real-time blocking without impacting performance.
Benefits:
- Gain full visibility into all user activity
- Identify abnormal or undesirable behavior in real-time
- Automatically block or quarantine suspicious users or transactions
- Avoid the performance problems of native database auditing functions
- Meet compliance mandates of PCI, Sarbanes-Oxley, HIPAA and others
- Delivered as an easy-to-install and deploy database security appliance
Features:
- Customized policies or out-of-the box rules to protect against SQL injection, buffer overflow, privilege escalation attacks and more
- Out-of-the-box compliance reports and alerts for PCI, SOX and others
- Real-time reporting and alerting
- Full integration with LogLogic Open Log Management platform for reporting, archival and forensic analysis
- Full integration with LogLogic Security Event Manager for contextual analysis, reporting, archival and forensic analysis
- Virtual patching to protect against recent exploits without downtime or modifying DBMS kernel
External Articles:
- Database Security Takes Proper Planning, eWeek.
- Database Security Strategies Need to Grow Up, SearchOracle.
By using Database Security Manager to ‘get’ a more complete view of your IT systems, you can better enforce security policies and comply with regulatory requirements, such as PCI, HIPAA and FISMA. Database Security Manager has two main focal points: it provides enhanced database security and greater insight into user activity.
Security is enhanced by the use of a vulnerability scanner that checks your multiple databases against a live-list of known attacks, configuration errors, and software flaws. When known flaws are detected, we offer the ability to virtually patch your database without having to undergo the painful task of taking your corporate data-store offline for hours.
Controlling the applications and users that access your data is just as important, if not more so than perimeter security. With Database Security Manager you can monitor and stop all data access or edits, based on policy, regardless of whether it’s from an internal threat, a rogue application, or an unwelcomed outsider.
Like everything in our 360 Insight architecture, we excel when it comes to scale.
To increase the efficiency of your IT department, and to make the cost of ownership of Database Security Manager significantly lower than our competition, we’ve included features that:
- automatically discover databases on your networks
- locates and identifies tables containing restricted information such as passwords, credit card details, and PII
- reports on the current version, patch level, and known vulnerabilities for each system, including evaluation against the CIS benchmark hardening standard
- performs checks of operating system configurations
- checks password vulnerabilities, including password strength, use of shared accounts/passwords, and embedded passwords within applications
- detects changed database objects
- and alerts on modifications to privileges and user tables.
We do all this for the traditional deployments, and your VMware deployments. We pass all this knowledge to our IT data warehouse, when it is indexed, normalized, enriched, and made available to all our analytic engines for security, compliance, or IT operational reasons.
Our virtual patching technology significantly reduces the risk of database intrusion and data theft, and offers real-time data protection against exploits of known vulnerabilities, such as SQL injection and buffer overflow attacks.
Our agent also gives us the ability to record the values of critical data before and after a user modified them. Additionally, according to policy, we can actually stop the modification if we suspect something is wrong.
We ship Database Security Manager as either a fully hardened Linux appliance (DSM1020), or as software that works on Windows or Linux (DSM Server). This choice gives you the option of rapid-installation, plug- and-play convenience, or the flexibility of your default operating system on hardware from your standard supplier. Additionally, DSM includes a software agent that is specific to your database flavor.
Whether you choose the DS1020, or the DSM Server software bundle, at their core, they’re both the same.
