Smart Database Firewall DB INSIGHT SG Product Introduction


Presentation Transcript


  1. Smart Database Firewall DB INSIGHT SG Product Introduction • June 2008 • MONITORAPP Co., Ltd.

  2. Contents • about MONITORAPP • DB INSIGHT SG

  3. About MONITORAPP • Company name: MONITORAPP Co., Ltd. • Established date: 2005-2-22 • CEO: Young KwangHoo Lee • Business regions: Application Delivery Technology Research & Development; Web Application Security product supply; Web Application Acceleration product supply; Database Security product supply; Web Application Security Service supply • Address: 306, Ace Techno Tower 1, 197-17, Guro 3-Dong, Guro-Gu, Seoul, Korea • Tel. +82-2-749-0799 / Fax +82-2-749-0798 • Vision: Be a leading application delivery solution provider in the world. • Mission: We leverage e-business by securing the entire web environment.

  4. Strategy / Business Model: Secure & Fast Application Delivery Solution Provider • Reliable Web Application: web vulnerability analysis; web service quality analysis • Fast Web Application: web response latency; web server load • Secure Database: IT compliance; increase of database security • Secure Web Application: increase of web hacking; leakage of personal information

  5. Products & Technologies • Products for web applications: WEB INSIGHT SG (Web Application Firewall); WEB INSIGHT AG (Web Application Accelerator) • Products for database applications: DB INSIGHT SG (Database Security & Audit) • Service business: KT Bizmeka Service; collaboration with MSSP • Technologies: APPLICATION INSIGHT™ Technology; Adaptive Profiling™ Technology; Innovative Web Acceleration Technology

  6. DB INSIGHT SG v2.0 • DB Security Overview • Product Introduction • DB INSIGHT SG Characteristics • DB INSIGHT SG Features

  7. DB Security Overview • Change of database environment • Increase of corporate information leakage • Decrease of reputation & loss of finance • Increase of outsourcing by external companies • Theft of important data by internal users: 70~80% • Access to the internal network through VPN • IT compliance requirements: Sarbanes-Oxley Act (SOX); PCI-DSS; HIPAA • Diagram labels: Access Control for Database; Protect information as important asset; IT Compliance & Protect Privacy; Increase of access path into organization

  8. DB Security Overview • Necessity of DB Security (Risk & Challenge / Requirement / Solution) • Risk & Challenge: external user, external outsourcing company, internal user, internal DBA / manager / Requirement: ACCESS CONTROL / Solution: IP address, DB user, schedule • Risk & Challenge: applications depend on the database; data integrity, reliability; increase of important information / Requirement: AUTHORITY CONTROL / Solution: object (table, view), SQL (DML, DDL, DCL), SQL query sentence • Risk & Challenge: meet IT compliance; increase of information leakage; detect log / monitoring / Requirement: AUDIT & MONITORING / Solution: IP address / DB / user; local connection / BEQ

  9. DB Security Overview • Access path to Database • IT department [atypical]: the IT department uses various DB tools (e.g. Orange, Golden, Toad); IT department users and outsourced development company users connect to the DB server directly with 2-tier DB tools. [Security Hole / RISK] • Working department [typical]: working department users access the DB through an application server (3-tier); this access method is safer than the 2-tier type. • Key notes: All DB connections must be monitored; direct 2-tier DB access in particular must be restricted.

  10. Product Introduction • DB INSIGHT SG • Smart Database Firewall DB INSIGHT SG delivers smart database security without impacting database performance or infrastructure, and reduces the cost of managing database security. • Positive Security Model: profile-based automatic security policy; user-defined positive security policy • High Performance Network Appliance: supports gigabit performance • Physical Independent Impact: fail open (LAN bypass); fail over (Active-Standby high availability)

  11. Product Introduction • DB INSIGHT SG Architecture (diagram) • Diagram labels: Client; DB INSIGHT Inspection Engine (Protocol Parsing, Security Policy, Access & Authority Control, Alert, Audit); Oracle, MS SQL, Sybase • High Performance Technology: polling; memory buffer recycling; session multiplexing • Audit Log • Detect Log

  12. Product Introduction • DB INSIGHT Agent Architecture (diagram) • Diagram labels: DB Server (RDBMS: Oracle; DB-Insight Agent; Audit & Log); Client; local access via Telnet, FTP, SSH • Audit Log

  13. Product Introduction • Key Functions

  14. Product Introduction • DB INSIGHT SG Looks

  15. DB INSIGHT SG Characteristics • Adaptive Profiling Technology • Self Learning Engine: profiles DML and form by learning normal SQL queries (DML Profiling, Form Profiling) • DB INSIGHT SG Inspection Engine: checks for abnormal queries based on the Profile DB (Drop) • Diagram labels: DB INSIGHT SG; Database • Audit Log • Detect Log

  16. DB INSIGHT SG Characteristics • Adaptive Profiling Technology • Technology for automatic database security policy • Self-learns the requested SQL queries • Defines the database security policy automatically. • Reduces the security administrator's work. • Protects against database security threats. • Self-learning method • Query type (Authority Profile) & query form (Form Profile) • The Authority Profile produces the automatic authority control policy. • The Form Profile produces the acceptable-SQL-sentence policy from the common SQL sentence with its values removed.

  17. DB INSIGHT SG Characteristics • Simple Deployment • In-line mode: bridge • One-armed mode: L4 redirect or mirror

  18. DB INSIGHT SG Characteristics • Various Deployment (diagram) • Diagram labels: DB INSIGHT SG; L2; L4 redirect or mirroring; WAS / Middleware; DBMS

  19. DB INSIGHT SG Features • Access Rule • Access control of the database subject • Allow the specific client IP address & DB user. • Block any other users. • Screenshot labels: Policy per database; Control schedule; Control DB users; Control IP address

  20. DB INSIGHT SG Features • Authority Role • DB client (IP address, DB user) • Objects + operation (operator, owner, object (table, view)) • Allow the specific client IP address & DB user. • Block any other users. • Screenshot labels: Control schedule; Operator, owner, object; Client IP address, user

  21. DB INSIGHT SG Features • Authority Profile • Profiling for the specific client (IP address & DB user) • Profiling information: operator (select, delete …), owner, object (table, view) • Block any other SQL • Screenshot labels: Profiling for the specific IP address & DB users; Profiling of operator / owner / object from SQL for the specific client

  22. DB INSIGHT SG Features • Form Profile • Profiles the SQL query form • Normalizes values. • Blocks SQL sentences that do not match the learned profile DB. • Screenshot labels: Detail query; Each profile can be enabled or disabled

  23. DB INSIGHT SG Features • Pattern Rule • User-defined specific keywords • Block / detect various attacks. • Screenshot labels: Type the specific keyword; Each pattern rule can be enabled or disabled

  24. DB INSIGHT SG Features • Column Rule • Restrict the important columns (e.g. personal information) • Negative policy for the specific column • Screenshot label: Check the important column

  25. DB INSIGHT SG Features • Audit & Analysis • Logging all SQL queries • Quick Search by filtering • Top 10 Chart Analysis - DB server - DB Users - Application - Client IP - Time

  26. DB INSIGHT SG Features • Authentication • Two-factor authentication: DB INSIGHT ID/password; DB user/password • Only the authenticated client can access the DB server. • Tracing the client IP address & MAC address • Tracing the access history • Flow: (1) Log in to DB INSIGHT Manager with the DB INSIGHT Client Program; (2) an authentication requirement message is sent to the client; (3) only the authenticated client is allowed to reach the DBMS

  27. DB INSIGHT SG Features • Approval • Tool-independent SQL approval function • Managing client, deciding officer and group • Policy based on the Authority Role level: client IP address; authenticated user; DB user; operator / owner / object • Flow: (1) the client sends an SQL request; (2) an approval is submitted; (3) the deciding officer approves or disapproves; (4-1) the SQL request is sent to the DBMS, or (4-2) a block message is sent to the client; (5) the SQL response is sent

  28. DB INSIGHT SG Features • Central Management • Central Management manages multiple DB INSIGHT SG units • Log & system monitoring: detect log; network / DB traffic; system usage

  29. DB INSIGHT SG Features • Log view • Search detect/block logs - 14 options for filtering - detail / simple view • Chart Analysis - Top 5 or 10 view - Chart type : 11 categories

  30. Thank You MONITORAPP Co.,Ltd. 306, Ace Techno Tower1, 197-17, Guro3-Dong, Guro-Gu, Seoul, Korea Tel : +82-2-749-0799, Fax) +82-2-749-0798 E-Mail : sales@monitorapp.com Website : www.monitorapp.com
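
The Authority Profile and Form Profile learning described on slides 16, 21 and 22, sketched as an added example. It is not MONITORAPP's code: the regex-based normalization, the function names and the sample traffic are assumptions made for illustration.

```python
import re

# Constructed "normal" traffic for the learning phase: (client IP, DB user, SQL).
LEARNING = [
    ("10.0.0.5", "app", "SELECT name, email FROM crm.customers WHERE id = 42"),
    ("10.0.0.5", "app", "select name, email from crm.customers where id = 7"),
    ("10.0.0.5", "app", "UPDATE crm.customers SET email = 'a@example.com' WHERE id = 7"),
]

def normalize(sql):
    """Form Profile key: the SQL sentence with its literal values removed."""
    sql = re.sub(r"'(?:[^']|'')*'", "?", sql)       # string literals -> ?
    sql = re.sub(r"\b\d+(?:\.\d+)?\b", "?", sql)    # numeric literals -> ?
    return re.sub(r"\s+", " ", sql).strip().lower()

def authority(form):
    """Authority Profile key: (operator, owner.object) of a normalized form.
    Simplification: only the first table after FROM/INTO/UPDATE is considered."""
    op = form.split(" ", 1)[0]
    m = re.search(r"\b(?:from|into|update)\s+([\w.]+)", form)
    return op, (m.group(1) if m else None)

def learn(samples):
    """Build both profiles from traffic assumed to be legitimate."""
    forms, auth = set(), set()
    for ip, user, sql in samples:
        form = normalize(sql)
        forms.add(form)
        auth.add((ip, user) + authority(form))
    return forms, auth

def inspect(profile, ip, user, sql):
    """Positive model: anything not learned for this client is blocked."""
    forms, auth = profile
    form = normalize(sql)
    if (ip, user) + authority(form) not in auth:
        return "block: authority profile mismatch"
    if form not in forms:
        return "block: form profile mismatch"
    return "allow"

PROFILE = learn(LEARNING)

if __name__ == "__main__":
    for q in ("SELECT name, email FROM crm.customers WHERE id = 1001",
              "SELECT name, email FROM crm.customers WHERE id = 1 OR 1=1",
              "DELETE FROM crm.customers WHERE id = 7"):
        print(inspect(PROFILE, "10.0.0.5", "app", q), "|", q)
```

A query with a new value still matches its learned form, while an appended predicate changes the form and a new operator fails the authority check; the quality of the result depends on the learning traffic containing only legitimate queries.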
