Pete Finnigan's Oracle Security Forum
        (http://www.petefinnigan.com/forum/yabb/YaBB.cgi)
      

        Database Security >> Database Security >> About guardium sql guard
        
(Message started by: Pete Finnigan on Jun 27th, 2007, 8:51am)
Title: About guardium sql guard
Post by Pete Finnigan on Jun 27th, 2007, 8:51am
Hi, all,
   Here we want to use guardium SQL guard to protect our database.  Has there anyone use this product?  Could anyone can give us some suggestion on this product?
Title: Re: About guardium sql guard
Post by Pete Finnigan on Jul 4th, 2007, 7:23am
Hi,

They are ok but...if you are looking for a security and auditing type of solution for your DB with a much better conception , performance and abilities I would really recommend you to go for Imperva.   www.imperva.com
Title: Re: About guardium sql guard
Post by Pete Finnigan on Jul 26th, 2007, 5:21pm
See posting from Guardium user at: http://www.dbasupport.com/forums/showthread.php?p=244199#post244199

Here's an extract from that post:  "We have been using Guardium SQL Guard database security solution for nearly 6 months and before deciding on it, we spend several weeks to test Guardium and others (Imperva IPS and Oracle DB vault beta) on production environment. If you are looking for a real-time monitoring solution to take control over whats going on your db servers then with my experience I can say that Guardium is the most complete and secure solution you can get."

"We also tested Imperva IPS (they call it SecureSphere Database Security & Monitoring GW but, it was simply a basic IPS which seemed to me that they moved from IPS world to run away from IPS competition to a more virgin area)."

The key difference between the two products is in their architectures:  the Guardium architecture was designed to support both real-time network inspection/parsing of SQL traffic AND continuous fine-grained database auditing (which requires a scalable data management architecture, along with lots of automated reporting features).  IDS/IPS systems like Imperva were never designed to efficiently store and manage massive amounts of database transactions, and then easily slice-and-dice the data to create detailed reports for SOX and PCI auditors, or use data mining tools to perform forensics on the audit trail.

Full disclosure: I am a Guardium employee.


Powered by YaBB 1 Gold - SP 1.4!
Forum software copyright © 2000-2004 Yet another Bulletin Board