Crossroads, Symantec Lock the Database Box

A new database security gadget that allows for proactive hack blocking has hit the market, with Crossroads Systems announcing its StrongBox SecurDB. Meanwhile, Symantec is working on its own database security box.

A new database security gadget that allows for proactive hack blocking has hit the market, with Crossroads Systems announcing its StrongBox SecurDB on Feb. 13.

With database breaches topping 100 in 2005 and the number of individuals affected reaching into the hundreds of millions, the time of the database security appliance is upon us.

Crossroads new offering joins database security appliances already out from Tizor and Imperva, and it will be joined at in the future by another database appliance currently being worked on by Symantecs Advanced Concepts group.

Crossroads SecurDB is a non-intrusive network appliance that features an intelligent policy engine, automated auditing reporting and forensic capabilities.

The box is designed to stop internal as well as external threats, stopping "authorized misuse" by intentional or unintentional data misuse by those users who have proper credentials.

SecurDBs SQL Policy Inspection Engine is a proactive monitoring feature that provides real-time and continuous monitoring of the database without adding latency.

It also supports customizable rules to manage real-time policy-based access and control, denying invalid behavior and sending out alerts when it encounters such activity.

The gadget also automates auditing for regulatory compliance, providing out-of-the-box audit reports that support privacy and compliance regulations including Sarbanes-Oxley, HIPAA, GLBA and Basel II.

SecurDB also supports forensic investigation of historical activity associated with suspected breaches, or to adjust security policies.

According to Crossroads, the device offers plug and play installation, with zero impact on network, application or database server performance.

SecurDB also ensures separation of duty between security personnel and network administrators—a feature that differentiates it from competing products from Tizor or Imperva, according to Rob Sims, Crossroads president and CEO.

This ability means that roles can be defined for product deployment, policy creation, policy administration and audit data reporting.

"The challenge in the security arena is were seeing complete security groups making sure theyre the ones driving policy on security of the enterprise," instead of the database administrator being involved, Sims said.

"Not to say DBAs are the point of breaches, but it doesnt bring separation of duty" to have them involved in security, he said.

Hence, an appliance like SecurDB would be something IT administration would install on the network, but the security officer would be in charge of writing policies, viewing reports and handling alerts, for example.

"It sits outside the realm of the DBA and application provider," Sims said.

/zimages/5/28571.gifTo read more about intrusion detection and defenses against database attacks, click here.

A spokesperson for Imperva pointed out that its SecureSphere Gateway database appliances have a similar capability—the capability to learn typical user behavior and to detect when that behavior turns anomalous, potentially meaning a user is accessing something not prescribed by role.

As far as Symantecs upcoming Database and Audit Security Solution appliance goes, it too will have the capability to learn typical behaviors of users and to flag behavior outside of the norm, according to Gerry Egan, group product manager for Advanced Concepts.

"Weve already implemented separation of duties," Egan said, referring to a Secret Service study that found that some 78 of threats come from within an organization, whether the source is employees or business partners.

"Those with legitimate access is where the real problem lies," Egan said.

Next Page: Nurturing ideas.