Cross-Platform Database Security

Guardium’s cross-platform solution is ideal for heterogeneous environments because it supports all major DBMS platforms and protocols running on all major operating systems. This table shows all currently supported platforms and versions.

Supported Platforms
IBM DB2 UDB (Windows, Linux, Unix, z/Linux)	Sybase ASE
IBM DB2 for z/OS	Sybase IQ
IBM DB2 UDB for iSeries (AS/400)	MySQL
IBM Informix	Teradata
Oracle	Microsoft SQL Server

Capturing a Continuous, Fine-Grained Audit Trail

The resulting reports eliminate the costly manual effort of analyzing vast, unconsolidated log information. They demonstrate compliance by providing detailed visibility into all database activities such as escalation of privileges, schema changes, access during off-hours or from unauthorized applications, and access to sensitive tables.

Automatically locates, classifies and secures sensitive information

Organizations find it particularly difficult to:

• Map out all database servers containing sensitive information and understand how data is being accessed from all sources (line-of-business applications, batch processes, ad hoc queries, application developers, administrators, etc.)
• Secure information and manage risk when the sensitivity of stored information is unknown
• Ensure compliance when it isn’t clear which information is subject to the terms of particular regulations

With Guardium, you use database auto-discovery and information classification to identify where confidential data is stored, and then use customizable classification labels to automate the application of security policies that apply to particular classes of sensitive objects.  These policies ensure that sensitive information is only viewed and/or changed by authorized users.

Monitor and enforce policies for database security and change control

With Guardium, you have granular, real-time policies to prevent unauthorized or suspicious actions by privileged database accounts as well as attacks from rogue users or outsiders.

In order to detect fraud by end-users with legitimate access privileges, you can also monitor and identify application users who make unauthorized changes via multi-tier applications. This is important because these applications typically access databases via a common service account that masks the identity of the end-user at the SQL transaction level. Guardium provides out-of-the-box support for all major enterprise applications, including Oracle EBS, PeopleSoft, JD Edwards, Siebel, SAP, and Business Intelligence, as well as custom systems built on standard application servers such as IBM WebSphere, BEA WebLogic, and Oracle AS.

Vulnerability, Configuration and Behavioral Assessment

Guardium’s database security assessment scans your entire database infrastructure for vulnerabilities and provides an ongoing evaluation of your database security posture, using both real-time and historical data.  The assessment provides a comprehensive library of preconfigured tests based on industry best practices, such as the DOD’s Database Security Technical Implementation Guide (STIG).

These tests also pinpoint DBMS–specific vulnerabilities and are updated on a quarterly basis via Guardium’s subscription service.  You can also define custom tests to match specific requirements.

Guardium’s assessment module also flags compliance-related vulnerabilities such as unauthorized access to reserved Oracle EBS and SAP tables for compliance with Sarbanes-Oxley (SOX) and the Payment Card Industry Data Security Standard (PCI-DSS).