300 likes | 534 Views
Smart Database Firewall DB INSIGHT SG Product Introduction. June – 2008 MONITORAPP Co.,Ltd. Contents. about MONITORAPP DB INSIGHT SG. Vision. Mission. about MONITORAPP. Company name : MONITORAPP Co.,Ltd. Established Date : 2005-2-22 CEO : Young KwangHoo Lee Business Regions
E N D
Smart Database FirewallDB INSIGHT SGProduct Introduction June – 2008 MONITORAPP Co.,Ltd.
Contents • about MONITORAPP • DB INSIGHT SG
Vision Mission about MONITORAPP • Company name : MONITORAPP Co.,Ltd. • Established Date : 2005-2-22 • CEO : Young KwangHoo Lee • Business Regions • Application Delivery Technology Research & Development • Web Application Security product supply • Web Application Acceleration product supply • Database Security product supply • Web Application Security Service supply • Address • 306, Ace Techno Tower 1, 197-17, Guro 3-Dong, Guro-Gu, Seoul, Korea • Tel.)+82-2-749-0799 / Fax.)+82-2-749-0798 • Be a leading application delivery Solution provider in the world. • We leverage E-business by securing the entire web environment.
Strategy Business Model Reliable Web Application • Web Vulnerability Analysis • Web service quality Analysis Secure & Fast Application Delivery Solution Provider Fast Web Application • Web response latency • Web server load Secure Database • IT Compliance • Increase of Database security Secure Web Application • Increase of web hacking • Leakage of personal information
Products & Technologies • Products • For Web Application • WEB INSIGHT SG – Web Application Firewall • WEB INSIGHT AG – Web Application Accelerator • For Database Application • DB INSIGHT SG – Database Security & Audit • Service Business • KT Bizmeka Service • Collaboration with MSSP • Technologies • APPLICATION INSIGHT™Technology • Adaptive Profiling™ Technology • Innovative Web Acceleration Technology
DB INSIGHT SG v2.0 • DB Security Overview • Product Introduction • DB INSIGHT SG Characteristics • DB INSIGHT SG Features
DB Security Overview • Change of Database environment • Increase of corporate information leakage • Decrease of reputation & loss of finance • Increase of outsourcing by the external Company • The theft of important data by internal user : 70~80% Access Control for Database Protect information as important asset • Access internal network through VPN • IT Compliance requirement • Sarbanes-Oxley Act.(SOX) • PCI-DSS • HIPAA IT Compliance & Protect Privacy Increase of access path into organization
DB Security Overview • Necessity of DB Security Risk & Challenge Requirement Solution External user External outsourcing company Internal user Internal DBA / manager ACCESS CONTROL ACCESS CONTROL IP address DB URER Schedule Application depend on Database Data integrity, reliability Increase of the important information AUTHORITY CONTROL AUTHORITY CONTROL OBJECT (TABLE , VIEW) SQL (DML,DDL,DCL) SQL Query Sentence AUDIT & MONITORING Meet the IT Compliance Increase of the information leakage Detect log/monitoring AUDIT & MONITORING IP address / DB / user Local connection / BEQ
DB Security Overview • Access path to Database IT department use various DB tools (ex. Orange/Golden/Toad & Etc) - IT department users and outsourcing development company users connect to DB server by 2 tier type DB tool. [Security Hole] RISK IT department [atypical] DBMS Working department [typical] Application Server Working department users access to DB through other application server(3 tier type), this access method is safe than 2 tier type. Key notes All DB connections must be monitored, specially direct DB access by 2 tier type must be restricted.
Product Introduction • DB INSIGHT SG • Smart Database Firewall DB INSIGHT SG delivers smart database security without impacting database performance, infrastructure and reduces cost for managing database security. • Positive Security Model • Profile based automatic security policy • User defined positive security policy • High Performance Network appliance • Support Gigabit Performance • Physical Independent Impact • Fail open (LAN Bypass) • Fail over (Active – Standby High Availability)
Client Oracle MS SQL Sybase Security Policy Access & Authority Control Alert Audit Protocol Parsing [High Performance Technology] polling Memory buffer recycling Session multiplexing Product Introduction • DB INSIGHT SG Architecture DB INSIGHT Inspection Engine • Audit Log • Detect Log
RDBMS Oracle Product Introduction • DB INSIGHT Agent Architecture DB Server Audit & Log local access Client Telnet FTP DB-Insight Agent SSH • Audit Log
Product Introduction • Key Functions
Product Introduction • DB INSIGHT SG Looks
DB INSIGHT SG Characteristics • Adaptive Profiling Technology Drop DB INSIGHT SG Check abnormal query based on Profile DB DB INSIGHT SG Inspection Engine Database • DML Profiling Self Learning Engine • Form Profiling • Audit Log • Detect Log Profiling DML & Form by learning normal SQL queries
DB INSIGHT SG Characteristics • Adaptive Profiling Technology • Technology for automatic database security policy • Self learning request SQL queries • Define automatic database security policy. • Reduce security administrator’s work. • Protect database security threat. • Self Learning method • Query type (Authority Profile) & Query form (Form Profile) • Authority Profile makes the automatic authority control policy. • Form Profile makes the acceptable SQL sentence policy by common SQL sentence without value.
DB INSIGHT SG Characteristics • Simple Deployment <In-line mode> <One armed mode> L4 redirect or mirror Bridge
DB INSIGHT SG Characteristics • Various Deployment DB INSIGHT SG L2 DB INSIGHT SG WAS / Middleware DBMS L4 redirect or Mirroring WAS / Middleware DBMS WAS / Middleware DBMS DB INSIGHT SG
Policy per Database Control schedule Control DB users DB INSIGHT SG Features • Access Rule • Access Control of database subject • Allow the specific client IP address & DB User. • Block any other users. Control IP address
Control schedule Operator, Owner, object DB INSIGHT SG Features • Authority Role • DB Client (IP address, DB User) • Objects + Operation (Operator, Owner, Object (table, view) • Allow the specific client IP address & DB User. • Block any other users. Client IP address, user
DB INSIGHT SG Features • Authority Profile • Profiling for the specific Client (IP address & DB Users) • Profiling information - Operator (select, delete …) - Owner - object (table, view) • Block any other SQL Profiling for the specific IP address & DB Users Profiling about operator/owner / object from SQLfor the specific client
Detail query DB INSIGHT SG Features • Form Profile • Profiling SQL query form • Normalizing value. • Block mismatching SQL sentence with learned profile DB. Each profile can be enableor disable
Type the specific keyword DB INSIGHT SG Features • Pattern Rule • User defined the specific keyword • Block / detect the various attacks. Each pattern rule can be enable or disable
check the important column DB INSIGHT SG Features • Column Rule • Restrict the important column (ex. Personal information) • Negative policy for the specific column
DB INSIGHT SG Features • Audit & Analysis • Logging all SQL queries • Quick Search by filtering • Top 10 Chart Analysis - DB server - DB Users - Application - Client IP - Time
DB INSIGHT SG Features • Authentication • 2 factors authentication - DB INSIGHT ID/password - DB user/password • The authenticated client can only access DB Server. • Tracing the client IP address & MAC address • Tracing the access history 2. Send authentication requirement message to client 3. Allow only authenticated client 1. Log in DB INSIGHT Manager by DB INSIGHT Client Program DBMS
DB INSIGHT SG Features • Approval 4-1. Send SQL Request5. Send SQL Response 4-2. Send a block message to client • Tool independent SQL Approval function • Managing client, deciding officer and group • Policy based on the Authority Role level - Client IP address - Authenticated user - DB user - Operator / Owner / object 1. SQL Request DBMS Client 2. Summit an approval 3. Approval or disapproval Deciding officer
DB INSIGHT SG Features • Central Management • Central Management manage multiple DB INSIGHT SG • Log & System monitoring - Detect log - Network / DB traffic - System usage
DB INSIGHT SG Features • Log view • Search detect/block logs - 14 options for filtering - detail / simple view • Chart Analysis - Top 5 or 10 view - Chart type : 11 categories
Thank You MONITORAPP Co.,Ltd. 306, Ace Techno Tower1, 197-17, Guro3-Dong, Guro-Gu, Seoul, Korea Tel : +82-2-749-0799, Fax) +82-2-749-0798 E-Mail : sales@monitorapp.com Website : www.monitorapp.com