Guardium, IPlocks Guard Against Database SQL Exploits

By Brian Fonseca  |  Posted 2005-05-23 Print this article Print

Guardium, IPlocks tools help thwart intrusions.

Guardium Inc. and IPlocks Inc. are giving customers greater control over database SQL activity to better safeguard their data repositories from unrestricted access, tampering and theft of confidential information.

Last week, Guardium launched SQL RemoteGuard, a software probe that provides continuous monitoring and auditing of remote database access activity. Designed to pick up on any intrusive SQL traffic actions at the port, database or operating system level, the network-based SQL RemoteGuard is an extension of Guardiums SQL Guard appliance, which sits at the heart of the data center, said officials at Guardium, in Waltham, Mass.

Information directed to the SQL Guard host includes what commands are being sent, what objects have been touched, and when a session begins and ends.

SQL RemoteGuard is available as an option for the SQL Guard platform and costs $7,995 for unlimited licenses to the platform.

Phillip Murray, departmental systems administrator for the Las Vegas-based Clark County Department of Aviation, decided to test SQL RemoteGuard on Microsoft Corp.s Microsoft SQL Server and an Oracle database on Red Hat Inc.s Red Hat Enterprise Linux platform after uncovering some suspicious airport database activity. Incidents included an internal hacker found using Microsoft Access ODBC to connect to a legacy application and a worm attack on the organization that was halted but led to a system shutdown.

"Had this last attack on our physical security system been successful, it wouldve had a really dire impact on the airport," said Murray. "Besides our remote disaster recovery center, we have outlying airports, and it looks like they may at some time house their own database possibly, so [RemoteGuard] would be a good solution for that."

Click here to read more about database security challenges. For its part, IPlocks last week unveiled its new Information Risk Management Platform 5.0, featuring the ability to capture user behavior SQL statements, as well as support for a new command-line interface, which enables customers to batch and schedule assessments during nonbusiness hours.

The product also features full platform monitoring support for Teradata databases and data warehouses, said Adrian Lane, chief technology officer of IPlocks, based in San Jose, Calif.

Check out eWEEK.coms for the latest database news, reviews and analysis.
Brian Fonseca is a senior writer at eWEEK who covers database, data management and storage management software, as well as storage hardware. He works out of eWEEK's Woburn, Mass., office. Prior to joining eWEEK, Brian spent four years at InfoWorld as the publication's security reporter. He also covered services, and systems management. Before becoming an IT journalist, Brian worked as a beat reporter for The Herald News in Fall River, Mass., and cut his teeth in the news business as a sports and news producer for Channel 12-WPRI/Fox 64-WNAC in Providence, RI. Brian holds a B.A. in Communications from the University of Massachusetts Amherst.

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel