Database Monitoring Gateway Tracks Back to Web Users
June 5, 2006
Imperva Inc. today announced the release of SecureSphere Database Monitoring Gateway (DMG), a network appliance that sits outside the database server and monitors traffic that comes over the network onto the database. In addition, a light piece of software can sit on the database server to monitor DBAs and privileged users who work off the console, rather than coming in over the network. A centralized management server provides the ability to manage multiple gateways from a single location.
The SecureSphere Database Monitoring Gateway appliance answers three critical auditing questions--who is accountable, what are the material exceptions and is all activity logged.
Who is accountable is a big issue that has become even more important with the need to satisfy SOX. Auditors want to know who was responsible for a fraudulent transaction, not which application was used. Traditional database monitoring products only know which application authenticated to the database, but not the end user who authenticated to the application. SecureSphere's Universal User Tracking tracks users across web/database tiers, connecting a transaction back to the web user that was logged into the web application, without requiring a change to either the application or the database.
The second key issue is the ability to find material exceptions (violations of security policy). Audit logs generate mountains of data and most vendors doing audit logging provide minimal or no assistance, since they cannot differentiate between a standard transaction and a transaction that might be a material variance. DMG builds a profile of every database users' usage of that database, down to the queries on tables, the time of day and which application they came from. This profile defines typical usage or policy, and is used by SecureSphere to identify variances in real-time.
The final question of burning importance to auditors is "Are all activities logged and can you trust the monitoring system?" Certain types of database logging and auditing capabilities that is built into databases allow privileged users to control the auditing system. Auditors want a separation of duties, which DMG satisfies since it operates independent of the database server and captures activity before it even reaches the database. In addition, SecureSphere is not vulnerable to database software flaws that can be used to evade audit mechanisms.
The SecureSphere Database Monitoring Gateway will be available on June 19. The pricing starts at $35,000 USD for an appliance and a license to monitor an unlimited number of databases. Four of the major database vendors are supported--Oracle, MS-SQL, Sybase, and DB2 (including the mainframe).
Founded in 2002, Imperva has headquarters in Foster City, California and Ramat-Gan Israel. Co-founder and CEO, Shlomo Kramer was selected by Network World magazine as one of 20 luminaries who changed the network industry. Prior to founding Imperva in 2002, Mr. Kramer was a co-founder of Check Point Software Technologies Ltd.