IPLocks

IPLocks Database Security and Compliance Solution provides continuous policy-based (pre and user-defined) monitoring and alerting capabilities specifically tuned to identify potential malicious activity in regards to database actions. IPLocks supports multiple DBs, including Oracle, DB2/UDB, SQL Server, Sybase, HiRDB, and Teradata. IPLocks is deployed on its own server or on a separate Windows or Linux server (i.e., separate from the target DB). Administrator alerting is accomplished via E-mail; with an included SNMP agent allowing integration with existing management consoles.

In addition to its main monitoring functions, IPLocks provides Vulnerability Assessment, and auditing/reportng capabilities to the Enterprise.

- Vulnerability Assessment (VA) is a non-intrusive tool (no components need be loaded on the targte database) that can run against DBs in remote locations. VA offers a view of DB configuration settings before, during, and after initial deployment; completed test results can be viewed in text or graph form, and detail reports indicate whith items "passed" and "failed;" providing information about what the test was looking for, what was found, and remediation information. The Vulnerability Assessment capabilities of IPLocks can be utilized as a stand-alone tool or in combination with the main IPLocks offering.

The monitoring functions of the main product include:

- User Behavior Monitor, which studies usage patterns and categorizes all user actions and events as normal or suspicious, with suspicious behavior alerted to an administrator.

- Privilege Monitor, which watches for changes of database privilege settings via grant or revoke statements, system or object permissions, or roles or password changes.

- Metadata Monitor, which watches for changes in database metadata and reports those changes to authorized personnel via built-in policies for each supported DB. Customized security rules can also be defined.

- Content Monitor, which analyzes data access and updates, and detects destructive actions by comparing them with established rules. CM can defend both against specific events, or via a behvioral model which compares content-related actions to normal user activity patterns and flags those that look suspicious.

- Transaction Monitor, which audits all successful transactions in the DB and issues alerts on updates, inserts, and/or deletes within a column or row; recording chang information including who, what, where, and when.

In addition to the monitoring capabilities, the platform also provides auditing and reporting capabilities, including a transactional analysis of events by sessions, users, or objects; providing detail information in the context of the operation.

IPLocks is managed via a Web-based management console or a CLI.

New features of the latest IPLocks release include:

- Pre-packages SOX report templates, and a custom report engine

- An Audit Trail Filter and a SQL Capture Filter

- Rule chaining, for real-time, automated decision-making for responding to suspicious activities and terminating sessions

- Enhanced IBM Stack adds support for WebSphere and DB2 Universal Database (UDB) repository

IPLocks is available now. Visit the vendor's Web site for further information.

product submission by DatabaseJournal Staff

Latest category updates via our RSS feed