Real-Time Solutions for Safeguarding Databases
Guardium, Inc.
230 Third Avenue
Waltham, MA 02451
USA
Company Confidential www.guardium.com

Agenda
• Guardium overview
• Database activity monitoring
– Importance
– It’s all about compliance…or is it?
– Problems Guardium solves
• SQL Guard overview
• Customer Case Study
• Conclusion
2
CONFIDENTIAL

Corporate Background
• Founded in 2002
• Rapid customer acceptance
– Top 5 U.S. bank
– Top 10 European financial institution
– Global consumer products manufacturer with 100,000+ employees
– Top 5 independent oil & gas company in N.A. with $10B revenues
– Top 5 individual life insurance direct provider
– Telecommunications, pharmaceuticals, media, retail, government…
• Member of IBM’s prestigious Data Governance Council
• Partnerships: Oracle, IBM, Microsoft, Sybase, EMC, HP
• Recently announced investment by Cisco Systems and other investors
3
CONFIDENTIAL

Real-Time, Network-Based Database
Security
Protects sensitive
information
Enforces system access & Automates compliance
change control policies monitoring & reporting
4
CONFIDENTIAL

SQL Guard
Networks Applications Databases
5
CONFIDENTIAL

SQL Guard
Automatically filters and focuses
Networks Applications Databases
ALL SQL commands
Actual SQL
Fields
Objects
Server IP Verbs
Server port DDL
Server name DML
Client IP DB user name
Client host name Session
SQL patterns DB version
Client OS DB type
MAC Network protocol
Server OS DB protocol
TTL Origin
Origin Timestamp
Source programs DB errors
Failed logins etc.
6
CONFIDENTIAL

Scalability for Distributed
Environments
7
CONFIDENTIAL

SQL Guard Security Suite
A modular suite of integrated security applications that
makes the impossible practical:
SQL HealthGuard™
SQL PolicyGuard™
SQL AuditGuard™
All without turning on database audit logging!
8
CONFIDENTIAL

9
CONFIDENTIAL

10
CONFIDENTIAL

11
CONFIDENTIAL

Case Study: Improving DB
Security for SOX
• WHO: Leading North American energy producer with $10B revenue &
6,000 employees
• NEED: Quickly improve security of financial/ERP databases for SOX
compliance
• ENVIRONMENT: Large number of databases: Oracle, MS-SQL Server
– Running on Sun Solaris & MS Windows servers
• RESULTS: Immediate proactive response to security incidents
– Passing internal and external SOX audits
• “… interactions with the SOX auditors were greatly simplified by
using a purpose-built solution for database activity monitoring and
auditing.”
– Enhanced change controls: Real-time alerting whenever changes to
specific tables are made; identify all users accessing database via
application that only provides generic ID
– Optimized ERP performance by identifying unresolved database errors Commissioned case study
• ROI: “Solid financial return”
– ROI = 55% and payback period = 11 months
12
CONFIDENTIAL

Contact Us: Guardium, Inc.
sales@guardium.com 230 Third Avenue
Waltham, MA 02451
USA
T: +1.781.487.9400
F: +1.781.487.7900
www.guardium.com