Your SlideShare is downloading. ×
0
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Security
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

IBM Infosphere Guardium - Database Security

4,105

Published on

Published in: Technology
0 Comments
2 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
4,105
On Slideshare
0
From Embeds
0
Number of Embeds
4
Actions
Shares
0
Downloads
222
Comments
0
Likes
2
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. IBM InfoSphere GuardiumEnterprise-wide Database Protection and Compliance Information Management © 2010 IBM Corporation
  • 2. Database Servers Are The Primary Source of Breached Data Source of Breached Records “Although much angst androle in SQL injection played a security funding is given to …. mobile 79% of records compromised devices and during end-user systems, these assetsbreaches not 2009 are simply a major point of compromise.” 2010 Data Breach Report from Verizon Business RISK Team http://www.verizonbusiness.com/resources/reports/rp_2010-data-breach-report_en_xg.pdf … up from 75% in 2009 Report © 2010 IBM Corporation
  • 3. Information ManagementPerimeter defenses no longer sufficient Insiders (DBAs, developers, outsourcers, etc.) Outsourcing Stolen Credentials Web-Facing Apps (Zeus, etc.) Employee Self-Service, Partners & Suppliers A fortress mentality will not work in cyber. We cannot retreat behind a Maginot Line of firewalls. -- William J. Lynn III, U.S. Deputy Defense Secretary © 2010 IBM Corporation
  • 4. Information Management Typical home-grown solutions are costly and ineffective Native Database Manual Logging remediationNative dispatchDatabase and trackingLogging Pearl/Unix Scripts/C++ Scrape and parse the data Move to central repository Native Database Create Manual Logging reports review Native Database Logging Significant labor cost to review data and maintain process High performance impact on DBMS from native logging Not real time Does not meet auditor requirements for Separation of Duties Audit trail is not secure Inconsistent policies enterprise-wide © 2010 IBM Corporation
  • 5. Information ManagementInfoSphere Guardium continues to demonstrateits leadership … 2011 Source: The Forrester Wave™: Database Auditing And Real-Time Protection, Q2 2011, May 6, 2011. The Forrester Wave is copyrighted by Forrester Research, Inc. Forrester and Forrester Wave are trademarks of Forrester Research, Inc. The Forrester Wave is a graphical representation of Forresters call on a market and is plotted using a detailed spreadsheet with exposed scores, weightings, and comments. Forrester does not endorse any vendor, product, or service depicted in the Forrester Wave. Information is based on best available resources. Opinions reflect judgment at the time and are subject to change. © 2010 IBM Corporation
  • 6. IBM Security SolutionsWhat We Offer? Database User Activity Monitoring - Auditing and reporting - Enforcing database user access - Prevention (blocking) Data Privacy - Masking non-production data - Encryption for production data - Redaction for documents Vulnerability Assessment © 2011 IBM Corporation6
  • 7. Information Management Real time database monitoring and protection with InfoSphere GuardiumHost-basedProbes (S-TAPs) Collector No DBMS or application changes Cross-DBMS solution Does not rely on DBMS-resident logs that can Granular, real-time policies & auditing easily be erased by attackers, rogue insiders –Who, what, when, how 100% visibility including local DBA access Automated compliance reporting, sign- Minimal performance impact offs and escalations (financial regulations, PCI DSS, data privacy regulations, etc.) © 2010 IBM Corporation
  • 8. Information Management © 2010 IBM Corporation
  • 9. IBM InfoSphere GuardiumArchitecture Information Management © 2010 IBM Corporation
  • 10. Information Management © 2010 IBM Corporation
  • 11. IBM Security SolutionsScalable Multi-Tier Architecture Oracle on Linux for System z Integration with LDAP, IAM, SIEM, IBM TSM, BMC Remedy, … © 2011 IBM Corporation
  • 12. IBM Security Solutions © 2011 IBM Corporation
  • 13. IBM Security Solutions © 2011 IBM Corporation
  • 14. IBM Security Solutions © 2011 IBM Corporation
  • 15. IBM Security Solutions © 2011 IBM Corporation
  • 16. IBM Security Solutions © 2011 IBM Corporation
  • 17. IBM Security Solutions © 2011 IBM Corporation
  • 18. IBM Security Solutions © 2011 IBM Corporation
  • 19. IBM Security Solutions © 2011 IBM Corporation
  • 20. IBM Security Solutions © 2011 IBM Corporation
  • 21. IBM Security Solutions © 2011 IBM Corporation
  • 22. IBM InfoSphere GuardiumInstallation Information Management © 2010 IBM Corporation
  • 23. Information Management © 2010 IBM Corporation
  • 24. Information Management © 2010 IBM Corporation
  • 25. Information Management © 2010 IBM Corporation
  • 26. IBM InfoSphere GuardiumData Base Auto Discovery (DBAD) Information Management © 2010 IBM Corporation
  • 27. IBM Security Solutions © 2011 IBM Corporation
  • 28. IBM Security Solutions © 2011 IBM Corporation
  • 29. IBM InfoSphere GuardiumSecurity Policy & Reporting Information Management © 2010 IBM Corporation
  • 30. IBM Security Solutions © 2011 IBM Corporation
  • 31. IBM Security Solutions © 2011 IBM Corporation
  • 32. IBM Security Solutions © 2011 IBM Corporation
  • 33. IBM Security Solutions © 2011 IBM Corporation
  • 34. IBM Security Solutions © 2011 IBM Corporation
  • 35. IBM Security Solutions © 2011 IBM Corporation
  • 36. IBM Security Solutions © 2011 IBM Corporation
  • 37. IBM InfoSphere GuardiumClassifier Information Management © 2010 IBM Corporation
  • 38. IBM Security Solutions © 2011 IBM Corporation
  • 39. IBM Security Solutions © 2011 IBM Corporation
  • 40. IBM Security Solutions © 2011 IBM Corporation
  • 41. IBM InfoSphere GuardiumReal Time & Correlation Alerts Information Management © 2010 IBM Corporation
  • 42. IBM Security Solutions © 2011 IBM Corporation
  • 43. IBM Security Solutions © 2011 IBM Corporation
  • 44. IBM Security Solutions © 2011 IBM Corporation
  • 45. IBM InfoSphere GuardiumS-GATE Information Management © 2010 IBM Corporation
  • 46. © 2010 IBM Corporation
  • 47. © 2010 IBM Corporation
  • 48. © 2010 IBM Corporation
  • 49. © 2010 IBM Corporation
  • 50. © 2010 IBM Corporation
  • 51. IBM InfoSphere GuardiumQuarantine & Redact Information Management © 2010 IBM Corporation
  • 52. © 2010 IBM Corporation
  • 53. © 2010 IBM Corporation
  • 54. © 2010 IBM Corporation
  • 55. © 2010 IBM Corporation
  • 56. © 2010 IBM Corporation
  • 57. IBM InfoSphere GuardiumConfiguration Audit System (CAS) Information Management © 2010 IBM Corporation
  • 58. © 2010 IBM Corporation
  • 59. IBM Security Solutions © 2011 IBM Corporation
  • 60. © 2010 IBM Corporation
  • 61. © 2010 IBM Corporation
  • 62. © 2010 IBM Corporation
  • 63. IBM InfoSphere GuardiumVulnerability Assesment Information Management © 2010 IBM Corporation
  • 64. © 2010 IBM Corporation
  • 65. © 2010 IBM Corporation
  • 66. IBM InfoSphere GuardiumEntitlement Reports Information Management © 2010 IBM Corporation
  • 67. © 2010 IBM Corporation
  • 68. © 2010 IBM Corporation
  • 69. IBM InfoSphere GuardiumApplication User Identification Information Management © 2010 IBM Corporation
  • 70. © 2010 IBM Corporation
  • 71. © 2010 IBM Corporation
  • 72. © 2010 IBM Corporation
  • 73. © 2010 IBM Corporation
  • 74. © 2010 IBM Corporation
  • 75. © 2010 IBM Corporation
  • 76. IBM InfoSphere GuardiumPaldies par uzmanību! Information Management © 2010 IBM Corporation

×