Author |
Topic: About guardium sql guard (Read 6914 times) |
|
Pete Finnigan
PeteFinnigan.com Administrator
Oracle Security is easier if you design for it
View Profile | WWW | Email
Gender: 
Posts: 309
|
 |
Re: About guardium sql guard
« Reply #2 on: Jul 26th, 2007, 5:21pm » |
Quote | Modify
|
See posting from Guardium user at: http://www.dbasupport.com/forums/showthread.php?p=244199#post244199
Here's an extract from that post: "We have been using Guardium SQL Guard database security solution for nearly 6 months and before deciding on it, we spend several weeks to test Guardium and others (Imperva IPS and Oracle DB vault beta) on production environment. If you are looking for a real-time monitoring solution to take control over whats going on your db servers then with my experience I can say that Guardium is the most complete and secure solution you can get."
"We also tested Imperva IPS (they call it SecureSphere Database Security & Monitoring GW but, it was simply a basic IPS which seemed to me that they moved from IPS world to run away from IPS competition to a more virgin area)."
The key difference between the two products is in their architectures: the Guardium architecture was designed to support both real-time network inspection/parsing of SQL traffic AND continuous fine-grained database auditing (which requires a scalable data management architecture, along with lots of automated reporting features). IDS/IPS systems like Imperva were never designed to efficiently store and manage massive amounts of database transactions, and then easily slice-and-dice the data to create detailed reports for SOX and PCI auditors, or use data mining tools to perform forensics on the audit trail.
Full disclosure: I am a Guardium employee.
|
|
 IP Logged |
Pete Finnigan (email:pete@petefinnigan.com)
Oracle Security Web site: http://www.petefinnigan.com
Forum: http://www.petefinnigan.com/forum/yabb/YaBB.cgi
Oracle security blog: http://www.petefinnigan.com/weblog/entries/index.html
|
|
|
|
