Symantec Database Security
Respondents gave Symantec Database Security high marks where it counts, overwhelmingly rating it excellent or good in protecting their data. Almost as important, they gave it high marks for ease of installation, configuration and administration, a major factor as organizations struggle to integrate new security tools without additional management resources. The product passively sniffs traffic and stores audit data offline, causing zero impact on database performance or availability.
"There's no overhead on production servers--that's a key for us," says Ayad Shammout, lead technical database administrator for CareGroup Healthcare System, which manages four Boston-area hospitals. "And we don't want to deploy agents. They're a headache to manage."
Users also like the product's scalability and its minimal impact on existing infrastructure. Symantec Database Security sniffs database traffic, detecting anomalous behavior from insiders or external sources, which may be malicious or simply authorized personnel failing to follow procedure. It does this by running in learning mode to build a profile of normal behaviors, allowing managers to distinguish between unauthorized and acceptable activity.
Symantec Database Security continuously monitors database activity, firing off alerts and enabling security managers to quickly investigate and mitigate issues. Organizations can use it in a variety of ways: to protect confidential data, detect fraud activity, monitor and confirm change management procedures and prepare comprehensive reports for auditors. It's also an effective B2B tool, enabling companies to evaluate business partners by monitoring their database activity.
It detects information leakage by monitoring outbound traffic for policy violations and potential fraud by alerting managers to suspicious insider activity. It maintains a complete audit trail of all SQL activity.
While the IT/security giant has been drawing attention for a wave of acquisitions, this is a homegrown product, developed by Symantec's Advanced Research Group, "like a small startup within Symantec looking for new opportunities in emerging markets," says Gautam Vij, senior product manager, Symantec Database Security. Symantec has spent close to four years in development, he says.
Although Database Security was initially rolled out as an appliance, Symantec, consistent with its new strategy, will continue to develop and market it as software, working with OEMs. Down the road, it will offer the product as a virtual appliance, Vij says.