Data Base Activity Monitor

 

OVERVIEW

 

SecureSphere Database Activity Monitor helps you efficiently demonstrate database compliance through automated processes, audit analysis, and customizable reports across heterogeneous database platforms. In addition, SecureSphere accelerates incident response and forensic investigation with centralized management and advanced analytics. Database Activity Monitor helps you pass your database audits and avoid hefty non-compliance fines.

 

SPECIFICATIONS

 

Database Activity Monitoring Specifications

SPECIFICATION DESCRIPTION
Supported Database Platforms
  • Oracle
  • Oracle Exadata
  • Microsoft SQL Server
  • IBM DB2 (on LUW, z/OS and >DB2/400)
  • IBM IMS on z/OS
  • IBM Informix
  • IBM Netezza
  • SAP Sybase
  • Teradata
  • Oracle MySQL
  • PostgreSQL
  • Progress OpenEdge
Deployment Modes
  • Network: Non-inline sniffer, transparent bridge
  • Host: Light-weight agents (local or global mode)
  • Agentless collection of 3rd party database audit logs
Performance Overhead
  • Network monitoring – Zero impact on monitored servers
  • Agent based monitoring – 1-3% CPU resources
Centralized Management
  • Web User Interface (HTTP/HTTPS)
  • Command Line Interface (SSH/Console)
Centralized Administration
  • MX Server for centralized management
  • Integrated management option
  • Hierarchical management
Database Audit Details
  • SQL operation (raw or parsed)
  • SQL response (raw or parsed)
  • Database, Schema and Object
  • User name
  • Timestamp
  • Source IP, OS, application
  • Parameters used
  • Stored Procedures
Privileged Activities
  • All privileged activity, DDL and DCL
  • Schema Changes (CREATE, DROP, ALTER)
  • Creation, modification of accounts, roles and privileges (GRANT, REVOKE)
Access to Sensitive Data
  • Successful and Failed SELECTs
  • All data changes
Security Exceptions
  • Failed Logins, Connection Errors, SQL errors
Data Modification
  • INSERTs, UPDATEs, DELETEs (DML activity)
Stored Procedures
  • Creation, Modification, Execution
Triggers
  • Creation and Modification
Tamper-Proof Audit Trail
  • Audit trail stored in a tamper-proof repository
  • Optional encryption or digitally signing of audit data
  • Role based access controls to view audit data (read-only)
  • Real-time visibility of audit data
Fraud Identification
  • Unauthorized activity on sensitive data
  • Abnormal activity hours and source
  • Unexpected user activity
Data Leak Identification
  • Requests for classified data
  • Unauthorized/abnormal data extraction
Database Security
  • Dynamic Profile (White List security)
  • Protocol Validation (SQL and protocol validation)
  • Real-time alerts
Platform Security
  • Operating system intrusion signatures
  • Known and zero-day worm security
Network Security
  • Stateful firewall
  • DoS prevention
Policy Updates
  • Regular Application Defense Center security and compliance updates
Real-Time Event Management and Report distribution
  • SNMP
  • Syslog
  • Email
  • Incident management ticketing integration
  • Custom followed action
  • SecureSphere task workflow
  • Integrated graphical reporting
  • Real-time dashboard
Server Discovery
  • Automated discovery of database servers
Data Discovery and Classification
  • Database servers
  • Financial Information
  • Credit Card Numbers
  • System and Application Credentials
  • Personal Identification Information
  • Custom data types
User Rights Management (add-on option)
  • Audit user rights over database objects
  • Validate excessive rights over sensitive data
  • Identify dormant accounts
  • Track changes to user rights
Vulnerability Assessment
  • Operating System vulnerabilities
  • Database vulnerabilities
  • Configuration flaws
  • Risk scoring and mitigation steps

 

 

Key Capabilities

STREAMLINE DATABASE COMPLIANCE

You will be able to free up IT resources and budget when you automate labor intensive database compliance activities with SecureSphere Database Activity Monitor. The savings start with SecureSphere deployment, which will take just weeks compared to months with similar solutions. Our centralized configuration and management will also make it easy for you to scale as users, applications, and databases are added. Predefined policies and reports enable you to efficiently maintain and demonstrate compliance.

REDUCE HIDDEN INFRASTRUCTURE COSTS

With SecureSphere, you will be able to dramatically reduce the hidden hardware and software costs associated with competing products and built-in database auditing tools. Those solutions significantly impact database server performance, forcing organizations to purchase additional database servers and software licenses to compensate. SecureSphere data collection, processing, and storage are all optimized to avoid those hidden costs.

MANAGE USER ACCESS

You can lower the risk of data breaches and demonstrate compliance with SOX 302 and 404, PCI 7 and 8.5, and other regulations with SecureSphere Database Activity Monitor. The User Rights Management for Databases add-on automatically identifies excessive rights and dormant accounts based on organizational context, object sensitivity, and actual usage.

REDUCE NON-COMPLIANCE RISK BY SEEING ALL TRAFFIC

Confidently identify and document non-compliant behavior with SecureSphere, knowing you have the all the facts. Even with a high volume of database traffic, SecureSphere operates like a video camera, seeing all relevant activity in real-time. Products that take periodic samples create something more like a snapshot than a video, resulting in compliance gaps.

FIND AND MANAGE DATABASE RISK

Malicious insiders and hackers can easily steal data by exploiting unpatched systems, accessing accounts with default passwords, and leveraging administrative rights. SecureSphere helps you prioritize and remediate vulnerabilities with assessments for database platforms and configurations. The assessments are kept up-to-date with the latest research from the Imperva Application Defense Center (ADC).

ADAPT TO IT CONSTRAINTS

With SecureSphere, you don’t have to worry about agent vs. network deployment choices. Most database audit solutions force businesses to choose between the two. However, IT environments often have network or database server constraints that require both options. SecureSphere offers non-intrusive network monitoring appliances, lightweight SecureSphere agents, or a hybrid mix of the two.