IPLocks Vulnerability Assessment: A Database Assessment Solution



Similar documents
A Database Security Management White Paper: Securing the Information Business Relies On. November 2004

Kaseya White Paper. Endpoint Security. Fighting Cyber Crime with Automated, Centralized Management.

An Oracle White Paper January Oracle Database Firewall

Staying Secure After Microsoft Windows Server 2003 Reaches End of Life. Trevor Richmond, Sales Engineer Trend Micro

Assuria Auditor The Configuration Assurance, Vulnerability Assessment, Change Detection and Policy Compliance Reporting Solution for Enterprise

Endpoint Security Management

Worldwide Security and Vulnerability Management Forecast and 2008 Vendor Shares

Protecting Your Organisation from Targeted Cyber Intrusion

Why Leaks Matter. Leak Detection and Mitigation as a Critical Element of Network Assurance. A publication of Lumeta Corporation

ORACLE OPS CENTER: PROVISIONING AND PATCH AUTOMATION PACK

How To Manage A System Vulnerability Management Program

Guardium Change Auditing System (CAS)

An Oracle White Paper January Oracle Database Firewall

IBM Security QRadar Risk Manager

DEFENSE THROUGHOUT THE VULNERABILITY LIFE CYCLE WITH ALERT LOGIC THREAT AND LOG MANAGER

IT INFRASTRUCTURE MANAGEMENT SERVICE ADDING POWER TO YOUR NETWORKS

IBM InfoSphere Guardium Data Activity Monitor for Hadoop-based systems

Securing and protecting the organization s most sensitive data

Security management solutions White paper. IBM Tivoli and Consul: Facilitating security audit and compliance for heterogeneous environments.

TRIPWIRE REMOTE OPERATIONS: STOP OPERATING, START ANALYZING

SapphireIMS 4.0 Asset Management Feature Specification

Avoiding the Top 5 Vulnerability Management Mistakes

Data Privacy: The High Cost of Unprotected Sensitive Data 6 Step Data Privacy Protection Plan

8 Steps to Holistic Database Security

Protect the data that drives our customers business. Data Security. Imperva s mission is simple:

PATCH MANAGEMENT. February The Government of the Hong Kong Special Administrative Region

How To Buy Nitro Security

Global Partner Management Notice

CONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL

Everything You Wanted to Know about DISA STIGs but were Afraid to Ask

How To Control Vcloud Air From A Microsoft Vcloud (Vcloud)

Cisco Advanced Services for Network Security

Trend Micro. Advanced Security Built for the Cloud

Reining in the Effects of Uncontrolled Change

Desktop Management for the Small Enterprise

Managing Security Risks in Modern IT Networks

THE TOP 4 CONTROLS.

Reducing the cost and complexity of endpoint management

FISMA / NIST REVISION 3 COMPLIANCE

Simplifying the Challenges of Mobile Device Security Three Steps to Reduce Mobile Device Security Risks

HP Security Assessment Services

Proven LANDesk Solutions

TRIPWIRE NERC SOLUTION SUITE

Vulnerability Assessment: The Right Tools to Protect Your Critical Data

End-user Security Analytics Strengthens Protection with ArcSight

Course: Information Security Management in e-governance. Day 1. Session 5: Securing Data and Operating systems

Data Sheet: Archiving Altiris Server Management Suite 7.0 from Symantec Essential server management: Discover, provision, manage, and monitor

IBM InfoSphere Guardium Vulnerability Assessment

Total Protection for Compliance: Unified IT Policy Auditing

IBM InfoSphere Guardium Vulnerability Assessment

Proactively Managing Servers with Dell KACE and Open Manage Essentials

How To Manage A Network Security Risk

Data Sheet: Server Management Altiris Server Management Suite 7.0 Essential server management: Discover, provision, manage, and monitor

See all, manage all is the new mantra at the corporate workplace today.

NAC at the endpoint: control your network through device compliance

IBM InfoSphere Optim Test Data Management solution for Oracle E-Business Suite

NetIQ FISMA Compliance & Risk Management Solutions

LANDesk Server Manager. Single Console Multi-Vendor Management Solution

VSI Predict Able. We Focus on Your IT So You Can Focus on Your Business

How To Secure Your System From Cyber Attacks

Complete Patch Management

Product comparison. GFI LanGuard 2014 vs. Microsoft Windows Server Update Services 3.0 SP2

CORE Security and the Payment Card Industry Data Security Standard (PCI DSS)

Vistara Lifecycle Management

IBM Security QRadar Risk Manager

YOUR DATA UNDER SIEGE: GUARD THE GAPS WITH PATCH MANAGEMENT. With Kaspersky, now you can. kaspersky.com/business Be Ready for What s Next

SapphireIMS Business Service Monitoring Feature Specification

KASPERSKY SECURITY INTELLIGENCE SERVICES. EXPERT SERVICES.

10 Things Your Data Center Backup Solution Should Do. Reliable, fast and easy backup is only the beginning

Devising a Server Protection Strategy with Trend Micro

INTRODUCING isheriff CLOUD SECURITY

Managing Vulnerabilities for PCI Compliance White Paper. Christopher S. Harper Managing Director, Agio Security Services

NIST CYBERSECURITY FRAMEWORK COMPLIANCE WITH OBSERVEIT

Compliance Guide: PCI DSS

Database Auditing: Best Practices. Rob Barnes, CISA Director of Security, Risk and Compliance Operations

Addressing the SANS Top 20 Critical Security Controls for Effective Cyber Defense

SANS Top 20 Critical Controls for Effective Cyber Defense

Best Practices for Information Security and IT Governance. A Management Perspective

Application Monitoring for SAP

Device Lifecycle Management

WHITEPAPER. Addressing Them with Adaptive Network Security. Executive Summary... An Evolving Network Environment Adaptive Network Security...

How To Monitor Your Entire It Environment

McAfee Database Security. Dan Sarel, VP Database Security Products

PCI DSS Reporting WHITEPAPER

Quest InTrust for Active Directory. Product Overview Version 2.5

The Operating System Lock Down Solution for Linux

1 Introduction Product Description Strengths and Challenges Copyright... 5

Symantec Protection Suite Enterprise Edition for Servers Complete and high performance protection where you need it

SUMMIT ASSET MANAGEMENT DATASHEET

Secure Remote Access Give users in office remote access anytime, anywhere

ENC Enterprise Network Center. Intuitive, Real-time Monitoring and Management of Distributed Devices. Benefits. Access anytime, anywhere

Transcription:

IPLOCKS WHITE PAPER February 2006 IPLocks Vulnerability Assessment: A Database Assessment Solution 2665 North First Street, Suite 110 San Jose, CA 95134 Telephone: 408.383.7500 www.iplocks.com

TABLE OF CONTENTS INTRODUCTION...2 DATABASE VULNERABILITY ASSESSMENT...2 Auto Discovery...3 Assessment Rules...3 Analysis and Reporting...3 PRIVILEGE SUMMARY...3 SUMMARY...4 ABOUT IPLOCKS...5 1

INTRODUCTION Security is a top concern in every enterprise. Enterprises have spent millions of dollars on ensuring their network is secure from intruders. With dozens of vulnerabilities uncovered daily, it has become increasingly difficult to manage the overwhelming number of patches from all the various software and hardware vendors. Enterprises have to ensure critical security patches have been applied across the environment as it only requires a single point for an intruder to gain access. There is a wide array of vulnerability assessment tools available. Typically, vulnerability assessment tools focus on the vulnerabilities associated with network and operating systems. Network vulnerabilities tools are designed to report network configuration flaws and security holes that an intruder might exploit. Ensuring operating systems are updated with the most current security patches is essential to maintaining security and availability. As companies are continually investing in traditional network, operating system, anti-virus, and anti-spam security solutions, the susceptibility of the database is often overlooked. Since over 90% of intellectual property is stored in databases, it is critical to ensure the most recent security patches have been applied and that security best practices are enforced across the enterprises heterogeneous database environments. Most enterprises use a manual approach to discover and patch vulnerabilities. This manual process is generally time consuming, flawed, and inconsistent. The Aberdeen Group identified that there is no improvement to information vulnerabilities unless an automated vulnerability system is utilized. Those that used an automated approach discovered hundreds of vulnerabilities enabling them to plug remaining compliance gaps. 1 Working along side traditional security solutions, the IPLocks Vulnerability Assessment is a key component to securing enterprise s critical information within the database. DATABASE VUNERABILITY ASSESSMENT Database vulnerabilities are routinely uncovered by database vendors, Mitre, Security Focus, and various consulting firms. The IPLocks Vulnerability Assessment Solution is a software product enabling enterprises to automatically and consistently identify and address database vulnerabilities. With the IPLocks Vulnerability Assessment Solution, enterprises are able to auto-discover databases, assess and alert against pre-defined and customized vulnerability rules, and provide summary and detailed reports. The IPLocks Vulnerability Assessment software is easily installed on Windows or Linux systems. It is separate from the scanned database server(s) and can be managed from anywhere on the network from an intuitive web-based management console or via our Command Line Interface (CLI) (Figure 1). The CLI is used to automate the assessment functions and easily manage hundreds or thousands of databases. The vulnerability assessment can be completed in minutes depending on the size of the individual database. The IPLocks Vulnerability Assessment currently supports IBM, Microsoft, Oracle, Sybase, and Teradata 2 databases. Figure 1: IPLocks Vulnerability Assessment assesses local and remote databases within the enterprise. 1 Aberdeen Group Best Practices in Security, Information and Access June 2005. 2 Available in upcoming release. 2

Auto discovery To ensure the security of critical data, administrators need to be aware of all local and remote databases in the enterprise. The IPLocks Vulnerability Assessment Solution is capable of discovering all databases, known and unknown, within the network and scanning them for potential vulnerabilities. By supplying IPLocks with the IP address range and port numbers, all databases including those at remote sites, can be discovered and assessed. Assessment Rules The IPLocks Vulnerability Assessment has hundreds of vulnerability rules with ranging severity. The rules have been gathered from database vendors and security organizations and can be supplemented by an unlimited number of user-defined rules to address any company specific vulnerability policies. Any violations and recommended corrective actions are collected, recorded, and sent as alerts. Since vulnerabilities and best practices are periodically uncovered, it is imperative that the vulnerability rules stay current. IPLocks provides an automated notification when new policies and rules are available for download via the IPLocks VA Up2date notification program. Since enterprise environments are dynamic, IPLocks provides the mechanism to schedule vulnerability assessments. Once a baseline is established, use IPLocks to track security progress and identify new vulnerabilities as new policies are added. Analysis and Reporting IPLocks provides a suite of reports to ease the task of vulnerability analysis and to help prove the accuracy and stability of the database required by internal, state, and federal regulations (Figure 2). Score Reports are generated for each database to easily identify the critical and major security holes. Summary Reports contain an item-by-item summary demonstrating which rules have passed and which have failed. Each rule is color-coded by severity to easily gauge the state of vulnerabilities. Detailed Reports provide information as to the significance of the rule, where the rule came from, and suggestions on how to resolve the problem. Trend Reports are available to demonstrate how database vulnerability health has progressed over time. Global reports show an overall health report for all databases and per database type. Privilege Summary Although most databases come with the ability to report on user and group permissions, IPLocks Vulnerability Assessment provides a summary report on all heterogeneous databases across the enterprise. It is no longer necessary to depend on others to generate a permission report per database. Using the IPLocks Vulnerability Assessment, generating a complete view of permissions for users, groups, and roles across all databases is simple and fast. This unique feature also identifies if the privilege is obtained directly or indirectly. Reports are downloaded to PDF, Excel, and text file formats or exported to third party tools for specialized report generation. Figure 2: Vulnerability Assessment Reports. 3

Figure 3: Three pillars of the IPLocks Solution: Vulnerability Assessment, Monitoring, and Auditing. summary The IPLocks Vulnerability Assessment is an enterprise class software solution that tracks and manages database vulnerabilities by autodiscovering databases, assessing and alerting against pre-defined and customized vulnerability rules, and providing summary and detailed reports of vulnerabilities. IPLocks complements existing network and operating system security solutions and goes beyond traditional vulnerability assessment to minimize operational, software, configuration, and security risks. The IPLocks Vulnerability Assessment is the first step in hardening databases within the enterprise. In order to reliably secure the information critical to your business, a complete risk management solution containing database vulnerability assessment, continuous monitoring, and auditing is essential. IPLocks Database Security and Compliance Solution enhances the Vulnerability Assessment by providing monitoring and auditing for all aspects of database security: user behavior, privileges, metadata, content, and transactions (Figure 3). IPLocks sends out near real-time alerts on any abnormal behavior or potential security breaches. For more information about IPLocks Database Security and Compliance Solution or IPLocks Vulnerability Assessment Solution, please visit http://www.iplocks.com 4

ABOUT IPLOCKS IPLocks, Inc. is the leading provider of database security and information risk management solutions. The company works with enterprises worldwide to protect critical information assets from negligent and malicious user threats, manage database security policy vulnerabilities, ease the pain of compliance and to protect privacy. San Jose, California-based IPLocks is a privately held global corporation with customers throughout North America, Asia Pacific, South America, and Europe. For additional information, visit www.iplocks.com IPLocks and the IPLocks logo are trademarks of IPLocks, Inc. All rights reserved. Any unauthorized use or reproduction of the IPLocks logo is prohibited. 2006 IPLocks, Inc. Rev 2 2/06 5

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information