Sentrigo, Inc. today announced their new solution for real-time database monitoring, auditing and breach prevention. Hedgehog, Sentrigo's new offering, is software based--no hardware required--and runs on the host, where it can get up close and personal, rather than at the network fringes. In addition, Hedgehog has a very small footprint. A sensor that is installed on the database itself monitors everything that is going on in the database by monitoring shared memory.
"Other host based solutions weren't successful since they tended to rely on redo logs and internal auditing capabilities of the database management systems, which required that full auditing be activated, slowing the database to a crawl," stated Rani Osnat, Sentrigo's Vice President of Marketing. He went on to say that from a security standpoint, it was too easy for an insider to turn auditing off. Sentrigo's solution does not rely on redo logs or internal auditing capabilities, and can't be removed or tampered with, without the software sending out an alert. The sensors monitor the database, including what packages are activating, what a view is based on, what triggers are accessing and network encrypted commands and queries, sending back information based on rules and policies that are determined in the server software.
The sensors are a key factor in why this solution is able to work in real-time. They don't consume a lot of CPU resources, so there's no significant impact on performance; in fact, Sentrigo guarantees the sensors will consume less than 5% of a single CPU.
Another great feature is the advanced rules-based engine, which provides the ability to specify rules for each database, right down to the object level, preventing false positive alerts. In addition, if an intrusion is detected, CISOs have the option of receiving an alert or having Hedgehog terminate the user session immediately.
DBAs will be excited by Hedgehog's Virtual Patching. Sentrigo's Red Team regularly updates the out-of-the-box rules, protecting the database immediately, with no downtime. Included in the updates are newly discovered but unpublished vulnerabilities, providing an added layer of defense during the lag time between discovery and release of a vendor patch.
Hedgehog comes in two versions. The Enterprise version is fully scalable, with vulnerability features and prevention capability. It is priced at $2000 per CPU, perpetual. Support and maintenance (software updates and phone support) is $300 per CPU per annum and real-time security updates (the Virtual patches mentioned earlier) are $300 per CPU per annum. Free security updates are available semi-annually.
Hedgehog Standard is free. It contains the same rules engine, the same monitoring and security features as the Enterprise Edition--it is just not as enterprise oriented.
Both Hedgehog Enterprise and Hedgehog Standard editions can be downloaded from Sentrigo's website.
The current release will only support Oracle--a Microsoft SQL Server version is planned for later this year, to be followed by other database platforms in 2008.
For additional information, visit www.sentrigo.com.