Guardium Slams "Back Door" to Sensitive Data with Universal Local-Access Monitoring for Privileged Users.First Solution to Monitor All Local-Access Connections Without Performance Overhead and Security Risk of Native Logs WALTHAM, Mass. -- Guardium, the database security company, today unveiled Universal Local-Access Monitoring[TM], the first non-invasive solution for tracking privileged insider activity across all local-access connections such as DB2 shared memory, named pipes and Oracle Bequeath To dispose of Personal Property owned by a decedent at the time of death as a gift under the provisions of the decedent's will. The term bequeath applies only to personal property. (BEQ BEQ Branch If Equal BEQ Best Estimated Quantity BEQ Bachelor/Base Enlisted Quarters BEQ Basic Evaluative Question BEQ Binaural Equalizer ). These back-channel connections expose organizations to gaping security and compliance risks from rogue administrators, developers and outsourced personnel. As a result, auditors now require organizations to create independent controls around these connections to rapidly identify unauthorized or suspicious access to sensitive information. Until now, the only sure-proof way to monitor all local-access activity was to enable native database logging. This approach is impractical, however, because it requires database changes that affect the performance and stability of business-critical applications such as ERP (Enterprise Resource Planning) An integrated information system that serves all departments within an enterprise. Evolving out of the manufacturing industry, ERP implies the use of packaged software rather than proprietary software written by or for one customer. , CRM (Customer Relationship Management) An integrated information system that is used to plan, schedule and control the presales and postsales activities in an organization. , and credit card processing systems. It also fails auditors' requirements for separation of duties, because database logging is not controlled by IT security personnel and can easily be circumvented by database administrators (DBAs). Unlike traditional log-reading solutions, Guardium's Universal Local-Access Monitoring provides full visibility into all local connections - across all major RDBMS (Relational DataBase Management System) See relational database and DBMS. RDBMS - relational database and operating system platforms - without risk and performance tradeoffs. By creating a full audit trail of all privileged user activities, including local-access activities, it directly supports key data governance and privacy standards such as Sarbanes-Oxley (SOX) and the Payment Card Industry Data Security Standard (PCI DSS). "Guardium's new Universal Local-Access Monitoring solves a very real problem for IT security personnel who are responsible for monitoring privileged users and ensuring the privacy and integrity of corporate data," said Jon Oltsik, senior analyst, Enterprise Strategy Group (ESG ESG Enterprise Strategy Group (Veritas) ESG Emergency Shelter Grant (Florida, USA) ESG Expeditionary Strike Group ESG Electronic Service Guide (used in DVB) ). "The combination of all-inclusive network and local-access monitoring provides an advanced level of oversight and control that helps enterprises both enforce policies and demonstrate compliance." By monitoring all database activity at the network layer and on the database server itself, Guardium's solution prevents information leakage at the source as well as unauthorized changes to critical databases. In addition, Guardium's real-time monitoring technology empowers IT security organizations to thwart unauthorized or suspicious access to critical databases immediately, based on proactive policies and continuous comparisons to normal patterns of activity. "With Version 6.0, we've found a new and innovative way to continuously audit all database connection types in real-time - such as Oracle BEQ, DB2 and Informix shared memory, SQL Server named pipes and Sybase TLI (Transport Level Interface) A common interface for transport services (layer 4 of the OSI model). It provides a common language to a transport protocol and allows client/server applications to be used in different networking environments. - without impacting database performance or requiring database changes," said Ron Ben-Natan, Ph.D., Guardium CTO (Chief Technical Officer) The executive responsible for the technical direction of an organization. See CIO and salary survey. and author of "Implementing Database Security and Auditing" (Elsevier Press, 2005). "IT organizations now have a practical solution that can be easily implemented in real-world environments without compromising what can be audited." Universal Local-Access Monitoring is the third visionary solution built on Version 6.0 of Guardium's technology platform, the most widely-deployed solution for database activity monitoring, security and auditing. Version 6.0 represents a major leap forward for the industry, increasing protection and easing compliance burdens by monitoring and reporting all activity inside and outside enterprise databases. It further reduces costs and effort through a suite of automated applications for data mining, compliance reporting, escalations and forensics. Previously-announced solutions built on V6.0 include Database Leak Prevention (DBLP DBLP Digital Bibliography & Library Project DBLP DataBase systems and Logic Programming (now Digital Bibliography & Library Project) DBLP DocBook-Based Literate Programming DBLP Dibasic Lead Phosphite DBLP Dibasic Lead Phthalate ) and Change Control Solution for Databases. Creating a Secure and Verifiable Audit Trail - Without Impacting Performance Universal Local-Access Monitoring relies on an enhanced version of Guardium S-TAP[TM], the company's lightweight, host-based probe. To minimize performance impact on database servers, S-TAP relays a copy of all local traffic to a separate Guardium appliance for in-depth analysis, comparison to policies and automated reporting. The appliance stores audit information in a secure, centralized audit repository that can't be modified by privileged users, ensuring separation of duties and a verifiable audit trail. Application User Monitoring for SAP & Other V6.0 Enhancements In addition to Universal Local-Access Monitoring, V6.0 includes a series of other enhancements for application monitoring, incident tracking, activity monitoring of unstructured data , and enhanced integration with existing infrastructures: * Enhanced Application User Monitoring: Out-of-the-box support for monitoring end-users who access critical databases via enterprise applications such as SAP R/3 and Siebel, building on previous support for Oracle E-Business Suite A group of integrated Internet-based applications from Oracle. Introduced in 2001 as Version 11i, it includes modules for CRM, finance, human resources, supply chain management as well as applications for business intelligence. (EBS See Swiss Electronic Bourse. EBS See electronic blue sheet (EBS). ) and PeopleSoft. Guardium has also enhanced support for custom applications with new mechanisms for instrumenting Application Servers such as Oracle AS, IBM (International Business Machines Corporation, Armonk, NY, www.ibm.com) The world's largest computer company. IBM's product lines include the S/390 mainframes (zSeries), AS/400 midrange business systems (iSeries), RS/6000 workstations and servers (pSeries), Intel-based servers (xSeries) WebSphere and BEA WebLogic. * Activity Monitoring for Unstructured Data: Guardium now provides a single solution for monitoring both structured and unstructured data, supporting real-time activity monitoring of all access to unstructured data located on network file servers, such as cardholder data in spreadsheets or corporate financial results in Microsoft[R] Word documents. * Integrated Incident Management (IIM IIM Indian Institute of Management (main Management Institutes of India) IIM Individual Indian Money (US Department of Interior) IIM Industrial Information Management ): Regulations such as SOX and PCI (1) (Payment Card Industry) See PCI DSS. (2) (Peripheral Component Interconnect) The most widely used I/O bus (peripheral bus). require that organizations show that all incidents are recorded, analyzed, resolved in a timely manner and reported to management. Guardium's new IIM application provides a business-user interface with workflow automation for rapidly tracking and resolving database security incidents. It simplifies incident management by allowing administrators to group a series of related policy violations into a single incident and assign them to specific individuals. This reduces the number of separate policy violations that oversight teams need to review. IIM also has a graphical dashboard for visually tracking key metrics such as number of open incidents, severity levels and length of time incidents have been open1. * External Data Connector: This new application allows administrators to easily integrate information from any external database into Guardium's data warehouse for incorporation in policies and reports. For example, security personnel can now extract English-language ticket descriptions from change management systems such as BMC (BMC Software, Inc., Houston, TX, www.bmc.com) A leading supplier of software that supports and improves the availability, performance, and recovery of applications in complex computing environments. Remedy and automatically incorporate this information into change-control reconciliation reports, easily comparing all detected changes with approved change requests. * Integration with EMC (1) (EMC Corporation, Hopkinton, MA, www.emc.com) The leading supplier of storage products for midrange computers and mainframes. Founded in 1979 by Richard J. Egan and Roger Marino, EMC has developed advanced storage and retrieval technologies for the world's largest companies. Centera and IBM Tivoli Storage Manager “ADSM” redirects here. For the stock exchange, see Abu Dhabi Securities Market. IBM Tivoli Storage Manager (ITSM) is a centralized policy-based data backup and recovery software. (TSM TSM Tivoli Storage Manager TSM Transportation System Management TSM Taiwan Semiconductor Manufacturing (stock symbol) TSM Taiwan Semiconductor Manufacturing Co. Ltd. ) for Archiving: A new archiving module allows administrators to back up and archive audit data directly to enterprise-class archiving systems (EMC Centera and IBM TSM). Administrators can now configure archiving parameters for Centera and TSM directly, from within Guardium's administrative interface. * IBM DB2 9 Support: The new release supports IBM's next-generation data server, adding to support for previous DB2 releases as well as the Informix RDBMS platform. Availability and Pricing Version 6.0 is currently shipping with support for Oracle, Microsoft SQL Server A relational DBMS from Microsoft that is a major component of the Windows Server System. It is Microsoft's high-end client/server database and is closely integrated with Microsoft Visual Studio and the Microsoft Office System. , IBM DB2 and Informix, and Sybase IQ and ASE (Adaptive Server Enterprise) A relational DBMS from Sybase that runs on Windows NT/2000, Linux and a variety of Unix platforms. ASE is a comprehensive and robust data management product with a long history dating back to the late 1980s. . Please contact Guardium for pricing. About Guardium's Technology Guardium's appliance-based system helps enterprises rapidly secure data and pass audits (SOX, PCI, and data privacy laws) by providing independent controls around critical data and systems, as well as automated alerting, reporting, escalation and oversight mechanisms. Guardium's real-time, SQL-aware system monitors all network traffic and performs a deep contextual analysis on all inbound database commands (DDL (1) (Data Description Language) A language used to define data and their relationships to other data. It is used to create the data structure in a database. Major database management systems (DBMSs) use a SQL data description language. , DML A 4GL programming language from Ross Enterprise, the ERP division of CDC Software, Atlanta, GA (www.rossinc.com). DML is the primary scripting and form definition language for its GEMBASE runtime engine. , DCL (1) (Digital Command Language) Digital's standard command language for the VMS operating system on its VAX series. (2) (Data Compression L ) and outbound database responses in order to identify unauthorized or suspicious transactions. In addition, lightweight software probes, installed on the database server itself, monitor local privileged user access (such as shared memory or terminal services connections) as well as changes to external database configuration files and environment variables. For enhanced visibility in Web application environments such as Oracle EBS, PeopleSoft, Siebel and SAP, in which application servers access databases via generic IDs, the Guardium solution performs a deterministic correlation to identify application users associated with specific database queries and activities. To simplify policy creation in complex environments, the system provides a dynamic self-learning mode that automatically suggests policies from a baseline of normal activity and an analysis of anomalous behaviors. Guardium's scalable, distributed, multi-tier architecture has been field-proven to support the most demanding database environments in Global 1000 organizations worldwide. About Guardium Guardium, the database security company, develops the most widely-used solution for database activity monitoring, security and auditing, with a blue-chip customer base that includes organizations in all major geographies and industries. Founded in 2002, Guardium was the first company to address the core data security gap by delivering a practical, appliance-based platform that both protects databases in real-time and automates the entire compliance auditing process. Guardium's investors include Cisco Systems and leading venture capital firms Name Location Founding date Managing Partners/Directors Specialty Capital managed 5AM Ventures Menlo Park, CA; Waltham, MA 2002 John Diekman, PhD (managing partner), Scott Rocklage, PhD (managing partner), Andrew Schwab (managing partner) life sciences $200M [1] . The company has partnerships with IBM, EMC, HP, Microsoft, Oracle and Sybase and is a member of IBM's prestigious Data Governance Council. 1 Guardium's solution also integrates with 3rd-party Security Incident Management (SIM) and Security Event Management (SEM) systems that correlate incidents across different types of systems such as firewalls, host-based IDS/IPS, server logs, and databases. |
|
||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion