More Related Content
Similar to Presentation ibm info sphere guardium enterprise-wide database protection and compliance (20)
More from solarisyougood (20)
Presentation ibm info sphere guardium enterprise-wide database protection and compliance
- 4. Information Management
Perimeter defenses no longer sufficient
A fortress mentality will not work in cyber. We cannot retreat
behind a Maginot Line of firewalls.
-- William J. Lynn III, U.S. Deputy Defense Secretary
Insiders
(DBAs, developers,
outsourcers, etc.)
Outsourcing
Web-Facing Apps
Employee Self-Service,
Partners & Suppliers
Stolen Credentials
(Zeus, etc.)
© 2010 IBM Corporation
- 5. Information Management
Typical home-grown solutions are costly and ineffective
Create
reports
Manual
review
Manual
remediation
dispatch
and tracking
Significant labor cost to review data and maintain process
High performance impact on DBMS from native logging
Not real time
Does not meet auditor requirements for Separation of Duties
Audit trail is not secure
Inconsistent policies enterprise-wide
Native
Database
Logging
Native
Database
Logging Pearl/Unix Scripts/C++
Scrape and parse the data
Move to central repository
Native
Database
Logging
Native
Database
Logging
© 2010 IBM Corporation
- 6. Information Management
InfoSphere Guardium continues to demonstrate
its leadership …
2011
Source: The Forrester Wave™: Database Auditing And Real-Time Protection, Q2 2011, May 6, 2011. The Forrester Wave is copyrighted by Forrester Research, Inc. Forrester
and Forrester Wave are trademarks of Forrester Research, Inc. The Forrester Wave is a graphical representation of Forrester's call on a market and is plotted using a detailed
spreadsheet with exposed scores, weightings, and comments. Forrester does not endorse any vendor, product, or service depicted in the Forrester Wave. Information is based
© 2010 IBM Corporationon best available resources. Opinions reflect judgment at the time and are subject to change.
- 7. IBM Security Solutions
What We Offer?
Database User Activity Monitoring
- Auditing and reporting
- Enforcing database user access
- Prevention (blocking)
Data Privacy
- Masking non-production data
- Encryption for production data
- Redaction for documents
Vulnerability Assessment
© 2011 IBM Corporation
6
- 8. Information Management
Collector
Real time database monitoring and protection with InfoSphere
Guardium
No DBMS or application changes
Does not rely on DBMS-resident logs that can
easily be erased by attackers, rogue insiders
100% visibility including local DBA access
Minimal performance impact
Cross-DBMS solution
Granular, real-time policies & auditing
–Who, what, when, how
Automated compliance reporting, sign-
offs and escalations (financial
regulations, PCI DSS, data privacy
regulations, etc.)
Host-based
Probes (S-TAPs)
© 2010 IBM Corporation
- 12. IBM Security Solutions
Scalable Multi-Tier Architecture
Integration with LDAP,
IAM, SIEM, IBM TSM,
BMC Remedy, …
Oracle on
Linux for
System z
© 2011 IBM Corporation