Published: 01 Nov 2007
| DATABASE SECURITY
Lumigent Audit DB 6.0 helps organizations, particularly those with significant compliance-related issues and failed audits, protect and audit production databases.
The overarching problem remains that database administrators and engineers do not have the security background required to lock down their databases. Audit DB 6.0 is designed to audit, monitor and protect databases.
Audit DB has two main auditing components. The first captures network traffic to and from the database. Matching patterns or out-of-policy actions are identified, triggering alerts. The second mode uses agents to pull database log files, activity information and general database configuration information.
Lumigent supports all major database platforms including Microsoft SQL Server, IBM DB2, Sybase and Oracle, all with good documentation.
Executive and/or managerial dashboard-level views allow you to drill down to the audited systems.
Of particular interest is Audit DB's user reporting capability. Most regulations place heavy emphasis on user provisioning and decommissioning. Audit DB has strong features meeting compliance standards for user management and can be a valuable tool for identifying obsolete or dormant users, validating password policies, and identifying privileged users and entitlements.
The SOAP interface is efficient and clean. If you've ever implemented an RSS or XML feed you won't have an issue integrating this feature.
The tabs in the Web-based management interface allow you to access all data collected by Audit DB. Drill-down reports take you into the details of an event with timestamps, user information, data sources and activity.
Testing methodology: We tested Lumigent Audit DB 6.0 running on an Intel-Red Hat Enterprise Linux machine auditing an Oracle 10g R2 database on Red Hat Linux and SQL 2000 on Windows 2003 Server.