Fortinet FortiDB: Database security tool overview
Expert Ed Tittel examines Fortinet FortiDB, an add-on product for better securing databases through database activity monitoring and vulnerability assessment.
Fortinet's broad portfolio of security products includes firewalls, network security access products and unified threat management (UTM) products, as well as its FortiDB family of database security appliances and software. The Fortinet FortiDB platform is highly scalable and geared mainly toward large enterprises, and it combines database activity monitoring and vulnerability assessment in one product.
Product features
Organizations can deploy FortiDB as an appliance or as software in virtualized environments. The Fortinet FortiDB platform provides discovery and vulnerability management, database activity monitoring and auditing (for application users and privileged users), as well as user access management and risk management and compliance, all accessible from a Web-based console.
Database scans can detect all the databases on a network and on wide area network (WAN) subnets. Unlike its competitors, FortiDB lets administrators collect data in three different ways. The native audit option does not use agents and captures all events, impacting performance at 3% to 4% (5% or less is industry standard). The network agent option doesn't capture as much data as the native audit, but the impact on server performance is lower as well (2% to 3%). The sniffer option has no impact on server performance.
Policy and signature updates come from the FortiGuard Global Threat Research Team. The intrusion protection feature automatically stops malicious transactions based on policy settings. Preconfigured policies are automatically updated when regulatory or industry best practices -- like Payment Card Industry compliance, Digital Signature Standard, Sarbanes-Oxley Act or Health Insurance Portability and Accountability Act -- change. FortiDB also provides change control management for changes made to database structure, and user privilege change monitoring.
FortiDB comes with a large collection of vulnerability and compliance-based reports, which include information for remediating or mitigating issues.
Product specs
As of this writing, Fortinet offers three appliances: FortiDB 500D, 1000D and 3000D. The FortiDB 500D appliance is licensed for up to 15 database instances; the 1000D handles up to 30 instances; and the 3000D up to 90 database instances. Each appliance has 4 TB of storage capacity and a mix of RJ45 and small form-factor pluggable ports.
Note: Fortinet offers a full working online demo of a FortiDB appliance for prospective customers to work with the dashboard, explore policy settings, perform a database vulnerability assessment and run reports.
Pricing and licensing
Fortinet FortiDB appliances cost $15,000 to $37,000, with annual subscriptions for FortiCare and FortiGuard support adding from $3,700 to over $9,300 to the cost, at a minimum. The FortiDB 500D appliance lists for $15,000, but climbs to $18,700 for the appliance plus a one-year subscription to FortiCare 8x5 and FortiGuard.
The mid-priced FortiDB 1000D sells for $20,000 retail, with an additional $5,000 for a one-year subscription to FortiCare 8x5 and FortiGuard. The top-of-the-line FortiDB 3000D lists for $37,000; a one-year bundle with FortiCare 8x5 and FortiGuard goes for about $9,300.
Support
Support for Fortinet FortiDB is subscription-based. FortiCare 8x5 Enhanced Support is available during business hours via telephone, chat or the online portal. FortiCare 24x7 Comprehensive Support makes support engineers available to customers 24 hours, 7 days a week. Premium Services offer a technical account manager, priority escalation, enhanced service-level agreements, extended software support, as well as regular review meetings and onsite visits.
FortiGuard is a service that draws current threat information from the Fortinet Global Threat Research Team.