Guardium 7 – database security review

With database attacks on the increase Guardium can make sure businesses don’t get caught with their pants down.

Price
£20,000

Businesses have a legal obligation to protect personal and sensitive information in their databases and yet it is truly stunning how many are still failing to comply with regulatory guidelines. It's now a well known fact that SQL injection attacks are increasing massively thanks to freely available hacker kits and this year has started with security company Kasperksy ironically having one of its customer databases hacked into.

There's certainly no shortage of database security products on the market and Guardium has traditionally offered an impressive array of defences against these types of attacks and more. Deployed as a well specified Dell PowerEdge 1950 appliance, it provides database monitoring and auditing plus security policy enforcement for blocking unauthorised access.

On review we have the very latest Guardium 7, which delivers a number of valuable new features, not least of which is its database vulnerability assessment. It also introduces the new S-Gate probe, which can block unauthorized traffic and terminate user sessions. At its foundation is Guardium's S-Tap probe, which is installed on the database servers themselves, enabling it to monitor local and network traffic.

You can implement basic port spanning to monitor DBMS traffic but Guardium's probes are far more sophisticated and, unlike many competing solutions, don't need database logging enabled. Furthermore, they don't interfere with database application traffic as they are designed to interact only with privileged user traffic such as administrators accessing database tables.

For testing we employed a Boston Supermicro dual 3GHz Xeon 5160 server to run three VMware virtual machines. The first had Windows Server 2003 R2 with SQL Server 2000 and 2005, the second offered up Red Hat Linux loaded with Oracle 10G R2, MySQL and Sybase 15.4, whilst the third handled Guardium itself.

Guardium scales well with demand as smaller businesses with modest database traffic would use a single appliance as a Collector. Enterprises with multiple, distributed databases can use a number of Collectors all managed by an Aggregator appliance that provides centralized management and audit collection facilities.

The web interface is very intuitive and can be customized for your various administrators and auditors. A range of preconfigured interfaces for data privacy regulations and compliancy guidelines such as PCI and SOX are also provided by Guardium.

Featured Resources

BIOS security: The next frontier for endpoint protection

Today’s threats upend traditional security measures

Download now

The role of modern storage in a multi-cloud future

Research exploring the impact of modern storage in defining cloud success

Download now

Enterprise data protection: A four-step plan

An interactive buyers’ guide and checklist

Download now

The total economic impact of Adobe Sign

Cost savings and business benefits enabled by Adobe Sign

Download now

Most Popular

16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

16 Sep 2020
16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

16 Sep 2020
The Xbox Series X shows how far the cloud still has to go
Cloud

The Xbox Series X shows how far the cloud still has to go

25 Sep 2020