WALTHAM, Mass. -- Guardium, the database security company, today announced the first database activity monitoring (DAM) solution that inspects encrypted database traffic. Guardium 7 helps organizations prevent anomalous behavior in real time even in highly secure environments where encryption is mandated and create a granular audit trail for forensic investigations and regulatory compliance, without impacting application or database performance.
Data privacy regulations such as the Payment Card Industry Data Security Standard (PCI-DSS) require companies to encrypt sensitive information moving across public networks, such as the Internet. Encryption hides data-in-motion, preventing hackers from stealing sensitive information. It also protects against rogue insiders eavesdropping on internal database connections from administrators, end-users performing ad hoc queries, and application servers running enterprise applications such as Oracle E-Business Suite, PeopleSoft, Siebel, SAP and Business Objects.
Guardiums DAM solution continuously analyzes all database traffic in real-time including the who, what, when, where and how of each transaction in order to identify both internal and external threats. Until now, DAM solutions were prevented from analyzing encrypted traffic because they could not see the actual content of each session, such as which SQL commands were being executed, by whom, and on which database objects.
Another option is native (database-resident) logging and auditing tools, which monitor database transactions after they have been decrypted by the database. However, native tools are typically deemed impractical because of the additional I/O overhead they impose on database systems. Additionally, they do not meet auditors' requirements for separation of duties since they are controlled by database administrators, whose activity also must be audited.