Guardium 7 – database security review

With database attacks on the increase Guardium can make sure businesses don’t get caught with their pants down.

Auditors have access to an extensive range of reporting tools and they can pass reports to other users for approval and once they've been signed off Guardium will not accept any further changes to them. Reports also default to hiding the values of SQL queries run on sensitive data and will only show them if an auditor specifically requests this.

Regulatory compliance is upheld for administration as root access is not permitted, thus stopping reports and data on the appliance from being subsequently modified. Guardium also maintains internal audit trails to keep track of all users and their activities. Databases are monitored in real time by the probes and policies containing a range of rules are used to provide protection and enforcement.

Access rules look out for database users and report on their activities. These can contain actions so anything untoward can be used to generate an alert or actually terminate the user's session. If you use port spanning the latter is achieved with a brute force TCP reset whereas the S-Gate probe is far more elegant as it does this at the SQL command level.

Extrusion rules inspect traffic exiting a database allowing them to see the results of user queries and check for patterns such as credit card numbers. There's no need to learn a new query language as the interface breaks down queries into their component parts for easy understanding.

So how does Guardium protect against SQL injection vulnerabilities? Real time monitoring can spot activities such as system procedures being executed by application users, whilst correlation alerts advise on suspicious activity such as excessive errors or login failures. A good practise is to use Guardium's baselining for a couple of weeks after deployment. This monitors normal activity and makes policy suggestions based on this information that will alert you to subsequent activity outside these parameters.

During testing we found it easy enough to create rules and deployed one to control system users by stopping them from using certain commands and blocking access to tables with payment card details in them. We then logged on to the test Oracle database and the moment we tried to select these tables Guardium used the probe to terminate our session.

The damage to a company's reputation after a database security breach can be far reaching with customers quickly losing confidence in its ability to protect their personal information. The much used adage of learning lessons is simply not acceptable where loss of personal data is concerned and although smaller businesses will find it represents a high initial outlay, Guardium does offer a sophisticated solution that can make sure it never happens in the first place.

Verdict

Regulatory compliance isn’t just about protecting databases but also about having laid down reporting and data access auditing procedures that can be enforced. Guardium is capable of ensuring consistent practices can be maintained across multiple databases and provides the tools to safeguard them and ensure their integrity.

Chassis: Dell PowerEdge 1950 1U rack server

CPU: 2 x 2.5GHz Xeon E5420

Memory: 8GB 667MHz FB-DIMM

Storage: 2 x 146GB SAS 15k hard disks in RAID-1

RAID: Dell PERC controller

Network: 2 x Gigabit Ethernet

Power: Dual hot-swap supplies

Management: Web browser

Featured Resources

B2B under quarantine

Key B2C e-commerce features B2B need to adopt to survive

Download now

The top three IT pains of the new reality and how to solve them

Driving more resiliency with unified operations and service management

Download now

The five essentials from your endpoint security partner

Empower your MSP business to operate efficiently

Download now

How fashion retailers are redesigning their digital future

Fashion retail guide

Download now

Most Popular

The benefits of workload optimisation
Sponsored

The benefits of workload optimisation

16 Jul 2021
Samsung Galaxy S21 5G review: A rose-tinted experience
Mobile Phones

Samsung Galaxy S21 5G review: A rose-tinted experience

14 Jul 2021
IT Pro Panel: Why IT leaders need soft skills
professional development

IT Pro Panel: Why IT leaders need soft skills

26 Jul 2021