Database Security Suite Makes Tracking More Granular

By Lisa Vaas  |  Posted 2004-07-27

Database Security Suite Makes Tracking More Granular

Guardium Inc., a maker of relational database security software, is putting new assessment, access policy control, auditing and regulatory compliance applications into an update, the company plans to announce Monday.

SQL Guard Security Suite is designed to offer real-time, continuous protection of databases. The three new applications are SQL HealthGuard, SQL PolicyGuard and SQL AuditGuard.

The SQL HealthGuard module offers metrics, methodologies and visual tools via two capabilities: Security Health Assessment and Client Server Access Map.

The first monitors, measures and reports on database security using what the company describes as a graphical security health report card in a dashboard view that can double as a portal for status reports.

Database health is gauged by comparison with prebuilt security attributes that can be customized with user-created metrics. Results are displayed in actionable, real-time and historical graphs.

The Client Server Access Map capability tracks client-server interaction and draws a graphical representation of such interactions. The maps components include Database Server, Application Server and Network connection and can be clicked on for high-level or drill-down analysis.

The SQL PolicyGuard module has auto-baselining and real-time, policy-based access control capabilities. These are used to develop database access rules and to enable database access control. The auto-baselining capability automatically correlates database access data to create access baselines or rules. Users can set real-time, policy-based alerts using their own access rules, a particular baseline or SQL Guards preconfigured best practices.

The SQL AuditGuard module monitors database access and is designed to streamline auditing and regulatory compliance reporting by eliminating the need to slog through database logs. Such a capability should help enterprises track compliance with regulations such as Sarbanes-Oxley, GLBA, HIPAA or SB 1386, for example.

Just because security is being legislated vigorously doesnt mean enterprises are secure. Click here to read more insights from the Business4Site conference.

Noel Yuhanna, an analyst with Forrester Research Inc., in Santa Clara, Calif., said Guardium is doing a good job expanding its platform in order to offer the tracking granularity required by such regulations.

"Theyre expanding to provide an integrated solution for more secure environments to do auditing of the entire environment," he said. "This definitely helps in Sarbanes-Oxley requirements, where you need to know who accessed what data, when it was changed and by whom. It gives you a granular analysis of such data access."

The updates previous iteration is being used by the director of network services at a major New England media firm who requested that his name and company name be withheld. He said that from the network security perspective, Guardiums platform is a blessing, since it provides checks and balances between the DBAs (database administrators) who are primarily responsible for enforcement of database security and the network administrators who guard the perimeter of an enterprise.

"What Guardium does, it divorces two entities," he said. "It ensures that one entity will do what it says its doing. As an example: Out of the box, you dont use the default, vendor-provided password. You can say, Hey, DBA, did you change that? They could say yes or no. But … you can monitor that from the network perspective; you can ensure what he or she said is being performed and done."

Thats essential for any company that falls under the rules of Sarbanes-Oxley, the network services director pointed out, since the regulation stipulates that an enterprise provide such checks and balances.

Next Page: Fortune 500 companies are awaiting security solutions from big-name vendors.

Awaiting Big Names

As good as Guardiums platform sounds, Forresters Yuhanna pointed out that large, Fortune 500 companies are waiting for good database security solutions—particularly encryption—from vendors larger than one of the small companies in this space, such as Guardium, Application Security Inc. and Protegrity Inc.

Click here to read about ways to secure your database.

Large enterprises have been waiting for the bigger companies, such as Computer Associates Inc., BMC Software Inc. or Quest Software Inc., to step forward with encryption, as well as more integrated, robust security tools around assessment, Yuhanna said.

The network services director countered any potential fear of implementing tools from a smaller firm such as Waltham, Mass.-based Guardium by relying on due diligence when checking into the company, he said.

"Since the dot-com era, everybodys concerned about startups, when they can be profitable and whatnot," he said. "Your due diligence is to look at the company, its team, its financial plans, its burn rate, its future and so forth. …

"In this case, Guardiums a small startup company, but what I think they have is a unique technology out there that is solving a problem that is going to proliferate, and a lot of DBAs and security people will have to look at and audit another information medium from a network perspective. And SQL or database security."

As far as the products new features go, they sound good to the network services director, who already has the software in-house and is planning to upgrade soon. For one, he said auto-baselining will help give him a visual look at how databases are being used and by what sources and applications. Based on that, he predicted hell have a working template to start enforcing security policies.

For insights on security coverage around the Web, check out Security Center Editor Larry Seltzers Weblog.

He also said he likes the thought of the auditing enhancements. "[That module] addresses many things, including auditors, as to what if this plus this plus this happens, retrieval of one cell plus another plus another could equal that [being] a violation of Sarbanes-Oxley—flag it," he said.

The SQL Guard platform has three components: the new SQL Guard Security Suite software; hardened system software; and a rack-mountable appliance with reporting applications. It supports databases from IBM, Oracle Corp., Microsoft Corp. and Sybase Inc.

SQL Guard Security Suite will be available next week with a list price of $2,995 per module. The SQL Guard platform starts at $12,995.

Check out eWEEK.coms Database Center at for the latest database news, reviews and analysis.

Be sure to add our database news feed to your RSS newsreader or My Yahoo page

Rocket Fuel