Guardium 7 – database security review

With database attacks on the increase Guardium can make sure businesses don’t get caught with their pants down.

Price
£20,000

Businesses have a legal obligation to protect personal and sensitive information in their databases and yet it is truly stunning how many are still failing to comply with regulatory guidelines. It's now a well known fact that SQL injection attacks are increasing massively thanks to freely available hacker kits and this year has started with security company Kasperksy ironically having one of its customer databases hacked into.

There's certainly no shortage of database security products on the market and Guardium has traditionally offered an impressive array of defences against these types of attacks and more. Deployed as a well specified Dell PowerEdge 1950 appliance, it provides database monitoring and auditing plus security policy enforcement for blocking unauthorised access.

On review we have the very latest Guardium 7, which delivers a number of valuable new features, not least of which is its database vulnerability assessment. It also introduces the new S-Gate probe, which can block unauthorized traffic and terminate user sessions. At its foundation is Guardium's S-Tap probe, which is installed on the database servers themselves, enabling it to monitor local and network traffic.

You can implement basic port spanning to monitor DBMS traffic but Guardium's probes are far more sophisticated and, unlike many competing solutions, don't need database logging enabled. Furthermore, they don't interfere with database application traffic as they are designed to interact only with privileged user traffic such as administrators accessing database tables.

Advertisement
Advertisement - Article continues below

For testing we employed a Boston Supermicro dual 3GHz Xeon 5160 server to run three VMware virtual machines. The first had Windows Server 2003 R2 with SQL Server 2000 and 2005, the second offered up Red Hat Linux loaded with Oracle 10G R2, MySQL and Sybase 15.4, whilst the third handled Guardium itself.

Guardium scales well with demand as smaller businesses with modest database traffic would use a single appliance as a Collector. Enterprises with multiple, distributed databases can use a number of Collectors all managed by an Aggregator appliance that provides centralized management and audit collection facilities.

The web interface is very intuitive and can be customized for your various administrators and auditors. A range of preconfigured interfaces for data privacy regulations and compliancy guidelines such as PCI and SOX are also provided by Guardium.

Featured Resources

Application security fallacies and realities

Web application attacks are the most common vulnerability, so what is the truth about application security?

Download now

Your first step researching Managed File Transfer

Advice and expertise on researching the right MFT solution for your business

Download now

The KPIs you should be measuring

How MSPs can measure performance and evaluate their relationships with clients

Download now

Life in the digital workspace

A guide to technology and the changing concept of workspace

Download now
Advertisement

Most Popular

Visit/operating-systems/25802/17-windows-10-problems-and-how-to-fix-them
operating systems

17 Windows 10 problems - and how to fix them

4 Nov 2019
Visit/strategy/28115/the-pros-and-cons-of-net-neutrality
Business strategy

The pros and cons of net neutrality

4 Nov 2019
Visit/domain-name-system-dns/34842/microsoft-embraces-dns-over-https-to-secure-the-web
Domain Name System (DNS)

Microsoft embraces DNS over HTTPS to secure the web

19 Nov 2019
Visit/social-media/34844/can-wikipedia-founders-social-network-really-challenge-facebook
social media

Can Wikipedia founder's social network really challenge Facebook?

19 Nov 2019