Guardium Announces First Solution to Monitor Encrypted Database Traffic, Providing Real-Time Security and Auditing To Protect Sensitive Information

Guardium 7 Supports Oracle Advanced Security Option (ASO) Network Encryption, Monitoring Data-in-Motion from Privileged Users and Enterprise Applications such as Oracle EBS and PeopleSoft

Guardium, the database security company, today announced the first database activity monitoring (DAM) solution that inspects encrypted database traffic. Guardium 7 helps organizations prevent anomalous behavior in real time – even in highly secure environments where encryption is mandated – and create a granular audit trail for forensic investigations and regulatory compliance, without impacting application or database performance.

Data privacy regulations such as the Payment Card Industry Data Security Standard (PCI-DSS) require companies to encrypt sensitive information moving across public networks, such as the Internet. Encryption hides data-in-motion, preventing hackers from stealing sensitive information. It also protects against rogue insiders eavesdropping on internal database connections from administrators, end-users performing ad hoc queries, and application servers running enterprise applications such as Oracle E-Business Suite, PeopleSoft, Siebel, SAP and Business Objects.

Guardium’s DAM solution continuously analyzes all database traffic in real-time – including the “who, what, when, where and how” of each transaction – in order to identify both internal and external threats. Until now, DAM solutions were prevented from analyzing encrypted traffic because they could not see the actual content of each session, such as which SQL commands were being executed, by whom, and on which database objects.

Another option is native (database-resident) logging and auditing tools, which monitor database transactions after they have been decrypted by the database. However, native tools are typically deemed impractical because of the additional I/O overhead they impose on database systems. Additionally, they do not meet auditors’ requirements for separation of duties since they are controlled by database administrators, whose activity also must be audited.

Non-Intrusive Monitoring of Encrypted Network Traffic

Guardium 7 provides a unique technology for inspecting all encrypted database traffic in order to immediately identify unauthorized or suspicious activities – without the drawbacks of native utilities. In addition, Guardium now monitors encrypted connections without the added security risk and complexity of uploading keys to the Guardium system.

The new technology has been incorporated into an enhanced version of Guardium’s S-TAP™ (software tap). Unique in the industry, S-TAPs are lightweight software probes that monitor network streams at the OS level of database servers. They have minimal impact on performance because they relay all traffic to separate Guardium appliances for analysis, reporting and online storage of audit trails in a secure, tamper-proof repository.

“Guardium 7 addresses a critical need by supporting Oracle ASO network encryption with non-invasive, fine-grained monitoring and auditing for encrypted database traffic over the wire,” said Arup Nanda, long-time Oracle DBA and co-author of Oracle Privacy Security Auditing (Rampant TechPress). Mr. Nanda was also named “DBA of the Year” by Oracle Magazine and is a member of the New York Oracle User Group Executive Committee. “Encrypting sensitive information such as credit card numbers is a requirement for most organizations, but it doesn’t eliminate the need for an additional layer of defense. DAM solutions protect sensitive information from external threats and abuses by privileged insiders.”

Supports Multiple Encryption Methods

In Version 7, Guardium monitors encrypted traffic on all major operating systems including Sun Solaris, IBM AIX, HP-UX, Microsoft Windows, Red Hat Linux, and SUSE Linux. Support is provided for all network encryption methods used in Oracle environments including:
Oracle Advanced Security Option (ASO), which supports native Oracle Net encryption as well as SSL encryption via a range of algorithms including RSA’s RC4, DES, Triple-DES and AES.
IPSEC, an industry standard for encrypting IP communications.
SSH and SSL tunnels, using services running on the host to terminate the encryption.
Hardware-based network encryption, where the encryption is offloaded to specialized processors on a network interface card (NIC) so that there is no impact to the database server’s CPU.

“We have hundreds of customers running Oracle and some of them run the largest Oracle environments in the world. As such, they use a variety of methods to secure data in-transit. It was important for us to be able to support anything they choose,” said Ron Bennatan, Ph.D., Guardium CTO and author of Implementing Database Security and Auditing (Elsevier Digital Press, 2005). “We provide some of the most practical security solutions for Oracle environments. But as an enterprise security company it is also our responsibility to advise our customers on the variety of methods available to secure Oracle – including ASO.”

Forrester Research recently named Guardium “a Leader across the board,” with “dominance and momentum on its side.” In this comprehensive assessment, Forrester evaluated 14 large and small vendors across 116 criteria, with Guardium earning the #1 score for Architecture and the highest overall scores for Current Offering, Product Strategy, and Corporate Strategy. (“The Forrester Wave: Enterprise Database Auditing And Real-Time Protection, Q4 2007” by Noel Yuhanna, October 2007.)

About Guardium

Guardium, the database security company, delivers the most widely-used solution for ensuring the integrity of enterprise information and preventing information leaks from the data center.

The company’s enterprise security platform is now installed in more than 350 data centers worldwide, including more than 60 Global 500 and Fortune 1000 companies in all major industries. Customers include 3 of the top 4 global banks; one of the world’s largest PC manufacturers; a global soft drink brand; a top 3 global retailer; and a leading supplier of business intelligence software. The company has partnerships with Oracle, Microsoft, IBM, Sybase, BMC, EMC, RSA, Accenture, NetApp, McAfee, and NEON, with Cisco as a strategic investor, and is a member of IBM’s prestigious Data Governance Council and the PCI Security Standards Council.

Founded in 2002, Guardium was the first company to address the core data security gap by delivering a scalable enterprise platform that protects databases in real-time and automates the entire compliance auditing process.

Guardium, Safeguarding Databases, and S-TAP are trademarks of Guardium, Inc.

Contacts

Corporate Ink
Corinne Federici and Adam Parken, 617-969-9192
cfederici {at} corporateink(.)com
aparken {at} corporateink(.)com