Home > Information Security Magazine > Features > Database security, software appliances review: Readers Choice Awards
EMAIL THIS
Information Security Magazine

  CURRENT ISSUE  
  FEATURES  
  COLUMNS  
  HOT PICK & PRODUCT REVIEWS  
  ARCHIVES  
  SUBSCRIBE/RENEW  
  

Database security, software appliances review: Readers Choice Awards
Issue: Apr 2007
printer-friendly
< PREV PAGE   |   1  |   2  |   NEXT PAGE  >

[IMAGE]
[IMAGE]

GOLD | Symantec Database Security
Symantec
Price: Appliance, $10,000; software, $5,000 per CPU for Windows, $10,000 for Unix

Symantec has been quick to assert itself in the growing database security market, with a new auditing and monitoring product that resonates with its customers, earning a Readers' Choice gold medal.

Respondents gave Symantec Database Security high marks where it counts, overwhelmingly rating it excellent or good in protecting their data. Almost as important, they gave it high marks for ease of installation, configuration and administration, a major factor as organizations struggle to integrate new security tools without additional management resources. The product passively sniffs traffic and stores audit data offline, causing zero impact on database performance or availability.

"There's no overhead on production servers--that's a key for us," says Ayad Shammout, lead technical database administrator for CareGroup Healthcare System, which manages four Boston-area hospitals. "And we don't want to deploy agents. They're a headache to manage."

Users also like the product's scalability and its minimal impact on existing infrastructure.

Symantec Database Security sniffs database traffic, detecting anomalous behavior from insiders or external sources, which may be malicious or simply authorized personnel failing to follow procedure. It does this by running in learning mode to build a profile of normal behaviors, allowing managers to distinguish between unauthorized and acceptable activity.

The product continuously monitors database activity, firing off alerts and enabling security managers to quickly investigate and mitigate issues. Organizations can use it in a variety of ways: to protect confidential data, detect fraud activity, monitor and confirm change management procedures and prepare comprehensive...



reports for auditors.

While the IT/security giant has been drawing attention for a wave of acquisitions, Database Security is a homegrown product, developed by Symantec's Advanced Research Group, which is "like a small startup within Symantec looking for new opportunities in emerging markets," says Gautam Vij, senior product manager, Symantec Database Security. Symantec has spent close to four years in development, he says.

Although Database Security was initially rolled out as an appliance, Symantec, consistent with its new strategy, will continue to develop and market it as software, working with OEMs.


[IMAGE]

SILVER | AppDetective
Application Security
Price: $900 annually per database

It's a safe bet your critical databases are vulnerable to attack, and AppDetective, one of a handful of specialized vulnerability scanners on the market, performs its job so well that readers voted it silver medalist in the database security category. AppDetective, available as a standalone product or as part of the DbProtect suite with AppRadar, a database monitoring tool, scored high among readers for its integration and compatibility with existing infrastructure, an important point for vulnerability scanners, which are often seen as intrusive, even disruptive. Readers also liked AppDetective's reporting and alerting capabilities. The network-based scanner simulates attacks, performing penetration testing to discover vulnerabilities and misconfigurations. It can also perform security audits, determining vulnerability to internal misuse.


[IMAGE]

BRONZE | SecureSphere Database Security Gateway
Imperva
Price: Starts at $45,000

This database monitoring, auditing and protection appliance drew strong approval from its customers, rating very well across the board to earn the bronze. SecureSphere scored well in every criteria: granularity of access controls and integration with existing infrastructure, scalability and management, data protection, customer support and alerting and reporting. Respondents said they're getting their money's worth. SecureSphere assesses databases by profiling normal behavior in learning mode, and detects anomalous behavior based on that, as well as built-in and custom policies. It offers an enforcement capability, giving organizations the option to automatically block select unauthorized activities. In addition, its integrated IPS protects against attacks on known vulnerabilities in database platforms and operating systems.

< PREV PAGE   |   1  |   2  |   NEXT PAGE  >





TechTarget Security Media
Information Security View this month\\'s issue and subscribe today.
Information Security Decisions Apply online for free conference admission.
SearchSecurity.com
HomeNewsMagazineMultimediaWhite PapersLearningAdviceTopicsEventsAbout Us
SEARCH :     Site Index Powered by: Search Powered by Google

About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Site Map




All Rights Reserved, Copyright 2003 - 2009, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts