Free Newsletter
Register for our Free Newsletters
Access Control
Deutsche Zone (German Zone)
Education, Training and Professional Services
Government Programmes
Guarding, Equipment and Enforcement
Industrial Computing Security
IT Security
Physical Security
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec

Database access tracking from Imperva.

Imperva : 10 May, 2007  (New Product)
Network based database access tracking mechanism provides full visibility along with the automation of frequently used maintenance tasks.
Imperva has announced the SecureSphere Universal Visibility Architecture (UVA) which monitors all database activity regardless of the method used to access the database. SecureSphere is the first network-based database security and compliance product capable of providing full visibility into local events initiated by privileged users and automated maintenance tasks using IPC (Inter Process Communication) mechanisms. Imperva tracks all avenues in and out of a database, including direct access to the host, without requiring any changes to scripts or work processes.

To secure sensitive business data and document controls for regulatory compliance, organisations must be able to monitor, audit, and control database access by authorised and privileged users, as well as programs running batch operations or stored procedures. SecureSphere addresses these requirements by providing comprehensive visibility into all database communications mechanisms, eliminating the ability of privileged users to modify audit settings, without impacting application performance.

SecureSphere provides unmatched coverage and policy enforcement across all major database access methods. To ensure that users cannot circumvent the usage auditing and control mechanisms, SecureSphere inspects and tracks in real-time all database communication mechanisms, including:.

* Web and networked applications. SecureSphere can link transactions to responsible users even when the database is accessed using pooled login connections.
* Remote access, including encrypted traffic, over the network (e.g. telnet sessions).
* 'Coded' access using stored procedures, prepared statements, and batch operations that run with super user privileges.
* Local access, including the ability to inspect IPC mechanisms such as Bequeath for Oracle, which is commonly used by database administrators and automated maintenance scripts.

In addition, SecureSphere performs deep inspection and validation of database protocols to ensure all activity, including attempts to bypass database protocol rules, is monitored and audited.

"To be reliable, especially for compliance purposes, database monitoring must cover 100 percent of the access mechanisms used by an organisation," said Amichai Shulman, CTO of Imperva. "Until now, tracking local database activity from a network appliance has required that IT departments implement database access work arounds. With SecureSphere organisations can centrally audit all database activity without any modifications to their infrastructure."

To ensure privileged users can not tamper with, shut down, or circumvent monitoring and auditing, SecureSphere appliances are isolated from the data management infrastructure and operate independent of DBAs. Unlike host-based solutions which typically add between 30% and 50% of processing overhead on monitored systems, SecureSphere does not reduce the performance of production systems.

The SecureSphere agent with IPC support is available immediately from Imperva and its business partners worldwide. It is currently available at no cost to SecureSphere customers as part of their maintenance agreement.

Bookmark and Share
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
   © 2012
Netgains Logo