Database security products: A buyer's guide
A collection of articles that takes you from defining technology needs to purchasing options
Trustwave offers a range of information security, compliance management and threat intelligence products. The company acquired Application Security Inc. (known as AppSecInc) in late 2013, adding DbProtect and AppDetectivePRO to the Trustwave portfolio. AppDetectivePRO, a database vulnerability assessment tool, is geared toward small to midsize business environments. DbProtect is an enterprise-level database activity monitor that includes vulnerability assessment functionality.
DbProtect is a centrally managed, distributed software-only security product. It includes a central management console, a central data warehouse, and a set of scanners and sensors distributed across a client’s environment. (Unlike several competitors, DbProtect is agentless.) The scanners and sensors are intentionally located close to the databases that DbProtect is protecting.
Users access the system for management and reporting via a Web-based interface; scan and assessment results from across the enterprise are displayed in custom views based on roles, such as auditor or administrator.
The platform discovers and assesses most types of relational databases, including Microsoft SQL, Oracle, DB2, Sybase and MySQL, as well as big data stores like Hadoop. Host- and network-based sensors monitor databases for ordinary usage and to discover events. When suspicious activity is discovered (based on policy conditions), the system issues alerts that appear on the console dashboard, which provides detailed information about the threat. The vulnerability assessment feature flags configuration errors, missing patches and so on, and draws vulnerability resources from a library compiled by Trustwave SpiderLabs.
DbProtect also includes preconfigured reports that focus on asset inventory, rights management (including privileged users), risk management findings and trends, threat analysis findings and trends, compliance status and operations. Compliance reporting covers the Health Insurance Portability and Accountability Act, NIST 800-53, the Defense Information Systems Agency's Security Technical Implementation Guide, PCI DSS and Sarbanes-Oxley.
Pricing and licensing
DbProtect is licensed by module and number of database instances. Clients can choose from three modules: vulnerability management, rights management and activity monitoring. Each one is licensed separately, according to the number of databases it protects. The product is typically sold as a perpetual license with annual maintenance; however, customers can purchase an annual subscription if desired.
Prospective customers must contact a Trustwave sales representative for pricing information specific to their environments.
Trustwave supports DbProtect for 18 months from the date each version is released. Customers can get assistance by browsing the online knowledge base, by email or telephone, or through the Trustkeeper support portal. Standard phone support is available during normal business hours.
Trustwave offers a 24x7 premium support package for an additional fee. Clients who purchase premium support get higher priority service.
Part one of this series examines the basics of database security in the enterprise
Part two of this series looks at enterprise deployment scenarios for database security tools
Part three of this series offers nine steps for purchasing database security software
Part four of this series compares the top database security tools in the industry