LogLogic Database Security Manager
Extending IT data management to RDBMS
Databases hold your most valuable data and yet they remain one of the least protected parts of your business. By using Database Security Manager, you can remotely audit, control, and secure that data, either as a stand-alone initiative or as part of your get.see.use. architecture.
Additionally, traditional border security is inadequate against attacks that take advantage of database-specific vulnerabilities, and offer little or no protection from insider abuse, especially when dealing with privileged users who are not only inside the perimeter but are also capable of circumventing application-level security.
LogLogic Database Security Manager is your solution to these issues.
By using Database Security Manager to ‘get’ a more complete view of your IT systems, you can better enforce security policies and comply with regulatory requirements, such as PCI, HIPAA and FISMA. Database Security Manager has two main focal points: it provides enhanced database security and greater insight into user activity.
Security is enhanced by the use of a vulnerability scanner that checks your multiple databases against a live-list of known attacks, configuration errors, and software flaws. When known flaws are detected, we offer the ability to virtually patch your database without having to undergo the painful task of taking your corporate data-store offline for hours.
Controlling the applications and users that access your data is just as important, if not more so than perimeter security. With Database Security Manager you can monitor and stop all data access or edits, based on policy, regardless of whether it’s from an internal threat, a rogue application, or an unwelcomed outsider.
Like everything in our 360 Insight architecture, we excel when it comes to scale.
To increase the efficiency of your IT department, and to make the cost of ownership of Database Security Manager significantly lower than our competition, we’ve included features that:
- automatically discover databases on your networks
- locates and identifies tables containing restricted information such as passwords, credit card details, and PII
- reports on the current version, patch level, and known vulnerabilities for each system, including evaluation against the CIS benchmark hardening standard
- performs checks of operating system configurations
- checks password vulnerabilities, including password strength, use of shared accounts/passwords, and embedded passwords within applications
- detects changed database objects
- and alerts on modifications to privileges and user tables.
We do all this for the traditional deployments, and your VMware deployments. We pass all this knowledge to our IT data warehouse, when it is indexed, normalized, enriched, and made available to all our analytic engines for security, compliance, or IT operational reasons.
Our virtual patching technology significantly reduces the risk of database intrusion and data theft, and offers real-time data protection against exploits of known vulnerabilities, such as SQL injection and buffer overflow attacks.
Our agent also gives us the ability to record the values of critical data before and after a user modified them. Additionally, according to policy, we can actually stop the modification if we suspect something is wrong.
We ship Database Security Manager as either a fully hardened Linux appliance (DSM1020), or as software that works on Windows or Linux (DSM Server). This choice gives you the option of rapid-installation, plug- and-play convenience, or the flexibility of your default operating system on hardware from your standard supplier. Additionally, DSM includes a software agent that is specific to your database flavor.
Whether you choose the DS1020, or the DSM Server software bundle, at their core, they’re both the same.
