|
Management/ReportingB
Hedgehog has a robust yet intuitive Web-based user
interface that enables security administrators and
engineers to protect databases in a matter of hours. It
leverages role-based access permissions at the user and
group level.
Within the interface, you can assign permissions
by roles. The users assigned to a role then inherit those
permissions. There are more than 30 types of granular
permissions.
LDAP integration is included by default, to enable
you to tie into Microsoft authentication.
Rule creation is about as good as it gets. Provided
you understand databases and SQL statements, a fourminute
Flash demonstration gives you all the information
you need. You can create simple rules to trigger
alerts against attacks or suspicious users. In addition,
you can create a custom query that is executed on a target
database when an associated rule is matched. For
instance, if a user is found violating a policy, then you
could automatically revoke that user's permissions to
a protected database. Other valuable options include
terminating that user's session or quarantining him.
Hedgehog comes packed with virtual patching capability,
allowing you to prevent known database attacks
through a series of identification rules and prevention
triggers.
Hedgehog can use a number of output interfaces,
such as email, syslog, Windows log file, CSV, Hedgehog
internal log file format, ...
To continue reading for free, register below or login
To read more you must become a member of SearchSecurity.com
and/or its two-way SNMP or
XML API engines. These facilities give you a mechanism
for collecting or integrating alerts and logs into a SOC,
SIEM or log management product.
Three compliance wizards come bundled with 2.2:
PCI, SAS 70 and SOX, which walk you through a series
of configuration options to meet requirements.
Hedgehog supports Microsoft SQL Server 2000, 2005
and Oracle 8.1.7 or later.
ReportingB
Basic monitoring can be done through built-in dashboards,
which have alert filter shortcuts to swiftly check
the last 10 minutes, hour, day, week and month.
While the alerts should be monitored in near real
time via the dashboards or a third-party product such as
ArcSight or HP OpenView, executive and incident
reports also add value. Canned reports come in PDF and
HTML. Hedgehog's custom report engine allows you to
slice and dice any of the data.
Verdict
You cannot buy a better database security solution for
the money. Sentrigo's Hedgehog security suite installs
quickly and can be leveraged for monitoring real-time
external threats and malicious internal user activity.
Testing methodology: We tested Sentrigo Hedgehog Enterprise 2.2
on a Windows 2003 Server in a lab environment with the product
monitoring databases for both active threats and user activity for
Microsoft SQL Server 2005.
|
 |
|
