"Guardium’s database security may contain the most powerful compliance regulations tools that the Test Center has ever seen."
CRN Lab Review Examines Need for Multi-Layered Security Including Real-Time Database Security & Monitoring.
In its January 12th cover story, CRNtech magazine focuses on “Network Security Against Today’s Threats.” The article describes new and emerging threats, and includes a lab review of Guardium 7. Here are some extracts from the article, which was written by Technical Editor Samara Lynn, an IT veteran and former IT Director at a major New York care facility:
“Network intrusions. Database attacks. More sophisticated spam and phishing attempts. Not every growing or emerging security threat to an enterprise makes the headlines. But they are out there and they are evolving—growing stronger and altering methods just enough to target what cracks remain in an IT infrastructure.”
“The CRN Test Center has spent the past several months analyzing more routine, but nonetheless dangerous, network threats through our own security test bed, or honeynet. The attacks come from places like China, or even the Midwest U.S. At times, there was almost nonstop 24x7 port scanning by nameless, faceless would-be network raiders looking for an entryway into our data center.”
“SQL server attacks abounded last year, evidenced in the Test Center’s threat reports of 2008. A relentless amount of SQL hacking attempts were logged as well. Compromised databases accounted for many of the big computer security breach news stories in 2008. This is why a lot of companies are turning to database security solutions like Guardium.”
- “Guardium’s database security and management appliance protects against inside and external threats.”
- “Guardium’s solution prevents database compromise by offering real-time monitoring and alerting, including the monitoring of privileged user accounts such as those of database administrators.”
- “A Web management console offers ease in configuring granular security policies. Whenever policy violations occur, Guardium offers a high level of alerting and remediation: In the event of a detected attack or data compromise, the device will provide detailed monitoring of attacks—from which IP, what was targeted, which tables were accessed and which application was involved.”
- “Guardium employs a sophisticated level of vulnerability assessment. This, along with database analytics and forensics, provides detailed information on what or whom is threatening or trying to threaten data.”
- “There is also the ability to prevent unauthorized access to sensitive data.”
- “The device also guards at the “back door.” The S-TAP resides on the database server itself, so the back door is monitored, including connections via named pipes or shared memory. Installation of the S-TAP is easy and quick. Even better, the S-TAP service is self-auditing and self-monitoring; an alert will be sent if an uninstall of the service is attempted.”
- “Another impressive feature is the lack of overhead with database performance. Logging and monitoring are all done on the appliance. This result uses way less overhead than using native database monitoring.”
“Forecasts predict no end in sight with regard to the amount of cybercrime that will be unleashed in 2009. Even with thinning budgets and lots of belt tightening, IT departments will be forced to invest in security technologies to keep that most precious of assets—data—safe.”
Read more: http://www.crn.com/security/212701657