Guardium 7 – database security review

With database attacks on the increase Guardium can make sure businesses don’t get caught with their pants down.

Auditors have access to an extensive range of reporting tools and they can pass reports to other users for approval and once they've been signed off Guardium will not accept any further changes to them. Reports also default to hiding the values of SQL queries run on sensitive data and will only show them if an auditor specifically requests this.

Regulatory compliance is upheld for administration as root access is not permitted, thus stopping reports and data on the appliance from being subsequently modified. Guardium also maintains internal audit trails to keep track of all users and their activities. Databases are monitored in real time by the probes and policies containing a range of rules are used to provide protection and enforcement.

Access rules look out for database users and report on their activities. These can contain actions so anything untoward can be used to generate an alert or actually terminate the user's session. If you use port spanning the latter is achieved with a brute force TCP reset whereas the S-Gate probe is far more elegant as it does this at the SQL command level.

Extrusion rules inspect traffic exiting a database allowing them to see the results of user queries and check for patterns such as credit card numbers. There's no need to learn a new query language as the interface breaks down queries into their component parts for easy understanding.

So how does Guardium protect against SQL injection vulnerabilities? Real time monitoring can spot activities such as system procedures being executed by application users, whilst correlation alerts advise on suspicious activity such as excessive errors or login failures. A good practise is to use Guardium's baselining for a couple of weeks after deployment. This monitors normal activity and makes policy suggestions based on this information that will alert you to subsequent activity outside these parameters.

During testing we found it easy enough to create rules and deployed one to control system users by stopping them from using certain commands and blocking access to tables with payment card details in them. We then logged on to the test Oracle database and the moment we tried to select these tables Guardium used the probe to terminate our session.

The damage to a company's reputation after a database security breach can be far reaching with customers quickly losing confidence in its ability to protect their personal information. The much used adage of learning lessons is simply not acceptable where loss of personal data is concerned and although smaller businesses will find it represents a high initial outlay, Guardium does offer a sophisticated solution that can make sure it never happens in the first place.

Verdict

Regulatory compliance isn’t just about protecting databases but also about having laid down reporting and data access auditing procedures that can be enforced. Guardium is capable of ensuring consistent practices can be maintained across multiple databases and provides the tools to safeguard them and ensure their integrity.

Chassis: Dell PowerEdge 1950 1U rack server

CPU: 2 x 2.5GHz Xeon E5420

Memory: 8GB 667MHz FB-DIMM

Storage: 2 x 146GB SAS 15k hard disks in RAID-1

RAID: Dell PERC controller

Network: 2 x Gigabit Ethernet

Power: Dual hot-swap supplies

Management: Web browser

Featured Resources

The complete guide to changing your phone system provider

Optimise your phone system for better business results

Download now

Simplify cluster security at scale

Centralised secrets management across hybrid, multi-cloud environments

Download now

The endpoint as a key element of your security infrastructure

Threats to endpoints in a world of remote working

Download now

2021 state of IT asset management report

The role of IT asset management for maximising technology investments

Download now

Most Popular

How Liberty navigated a site relaunch during a pandemic
Sponsored

How Liberty navigated a site relaunch during a pandemic

8 Oct 2020
Do smart devices make us less intelligent?
artificial intelligence (AI)

Do smart devices make us less intelligent?

19 Oct 2020
Politicians need to stop talking about technology
Policy & legislation

Politicians need to stop talking about technology

21 Oct 2020