Post on 15-Jan-2015
description
© 2010 IBM Corporation
Information Management
IBM InfoSphere Guardium Enterprise-wide Database Protection and Compliance
© 2010 IBM Corporation
SQL injection played a role in 79% of records compromised
during 2009 breaches
“Although much angst and security funding is given to …. mobile
devices and end-user systems, these assets are simply not
a major point of compromise.”
Database Servers Are The Primary Source of Breached Data
2010 Data Breach Report from Verizon Business RISK Team http://www.verizonbusiness.com/resources/reports/rp_2010-data-breach-report_en_xg.pdf
Source of Breached Records
… up from 75% in 2009 Report
© 2010 IBM Corporation
Information Management
Perimeter defenses no longer sufficient
A fortress mentality will not work in cyber. We cannot retreat
behind a Maginot Line of firewalls.
-- William J. Lynn III, U.S. Deputy Defense Secretary
Outsourcing
Web-Facing Apps
Employee Self-Service,
Partners & Suppliers
Insiders (DBAs, developers,
outsourcers, etc.)
Stolen Credentials
(Zeus, etc.)
© 2010 IBM Corporation
Information Management
Typical home-grown solutions are costly and ineffective
Create reports
Manual review
Manual remediation dispatch and tracking
Significant labor cost to review data and maintain process
High performance impact on DBMS from native logging
Not real time
Does not meet auditor requirements for Separation of Duties
Audit trail is not secure
Inconsistent policies enterprise-wide
Native Database Logging
Pearl/Unix Scripts/C++
Scrape and parse the data
Move to central repository
Native Database Logging
Native Database Logging
Native Database Logging
© 2010 IBM Corporation
Information Management
InfoSphere Guardium continues to demonstrate its leadership …
2011
Source: The Forrester Wave™: Database Auditing And Real-Time Protection, Q2 2011, May 6, 2011. The Forrester Wave is copyrighted by Forrester Research, Inc. Forrester and Forrester Wave are trademarks of Forrester Research, Inc. The Forrester Wave is a graphical representation of Forrester's call on a market and is plotted using a detailed spreadsheet with exposed scores, weightings, and comments. Forrester does not endorse any vendor, product, or service depicted in the Forrester Wave. Information is based
on best available resources. Opinions reflect judgment at the time and are subject to change.
© 2011 IBM Corporation
IBM Security Solutions
6
What We Offer?
Database User Activity Monitoring
- Auditing and reporting
- Enforcing database user access
- Prevention (blocking)
Data Privacy
- Masking non-production data
- Encryption for production data
- Redaction for documents
Vulnerability Assessment
© 2010 IBM Corporation
Information Management
Collector
Real time database monitoring and protection with InfoSphere Guardium
No DBMS or application changes
Does not rely on DBMS-resident logs that can
easily be erased by attackers, rogue insiders
100% visibility including local DBA access
Minimal performance impact
Cross-DBMS solution
Granular, real-time policies & auditing
–Who, what, when, how
Automated compliance reporting, sign-
offs and escalations (financial
regulations, PCI DSS, data privacy
regulations, etc.)
Host-based
Probes (S-TAPs)
© 2010 IBM Corporation
Information Management
© 2010 IBM Corporation
Information Management
IBM InfoSphere Guardium Architecture
© 2010 IBM Corporation
Information Management
© 2011 IBM Corporation
IBM Security Solutions
Scalable Multi-Tier Architecture
Integration with LDAP,
IAM, SIEM, IBM TSM,
BMC Remedy, …
Oracle on
Linux for
System z
© 2011 IBM Corporation
IBM Security Solutions
© 2011 IBM Corporation
IBM Security Solutions
© 2011 IBM Corporation
IBM Security Solutions
© 2011 IBM Corporation
IBM Security Solutions
© 2011 IBM Corporation
IBM Security Solutions
© 2011 IBM Corporation
IBM Security Solutions
© 2011 IBM Corporation
IBM Security Solutions
© 2011 IBM Corporation
IBM Security Solutions
© 2011 IBM Corporation
IBM Security Solutions
© 2011 IBM Corporation
IBM Security Solutions
© 2010 IBM Corporation
Information Management
IBM InfoSphere Guardium Installation
© 2010 IBM Corporation
Information Management
© 2010 IBM Corporation
Information Management
© 2010 IBM Corporation
Information Management
© 2010 IBM Corporation
Information Management
IBM InfoSphere Guardium Data Base Auto Discovery (DBAD)
© 2011 IBM Corporation
IBM Security Solutions
© 2011 IBM Corporation
IBM Security Solutions
© 2010 IBM Corporation
Information Management
IBM InfoSphere Guardium Security Policy & Reporting
© 2011 IBM Corporation
IBM Security Solutions
© 2011 IBM Corporation
IBM Security Solutions
© 2011 IBM Corporation
IBM Security Solutions
© 2011 IBM Corporation
IBM Security Solutions
© 2011 IBM Corporation
IBM Security Solutions
© 2011 IBM Corporation
IBM Security Solutions
© 2011 IBM Corporation
IBM Security Solutions
© 2010 IBM Corporation
Information Management
IBM InfoSphere Guardium Classifier
© 2011 IBM Corporation
IBM Security Solutions
© 2011 IBM Corporation
IBM Security Solutions
© 2011 IBM Corporation
IBM Security Solutions
© 2010 IBM Corporation
Information Management
IBM InfoSphere Guardium Real Time & Correlation Alerts
© 2011 IBM Corporation
IBM Security Solutions
© 2011 IBM Corporation
IBM Security Solutions
© 2011 IBM Corporation
IBM Security Solutions
© 2010 IBM Corporation
Information Management
IBM InfoSphere Guardium S-GATE
© 2010 IBM Corporation
© 2010 IBM Corporation
© 2010 IBM Corporation
© 2010 IBM Corporation
© 2010 IBM Corporation
© 2010 IBM Corporation
Information Management
IBM InfoSphere Guardium Quarantine & Redact
© 2010 IBM Corporation
© 2010 IBM Corporation
© 2010 IBM Corporation
© 2010 IBM Corporation
© 2010 IBM Corporation
© 2010 IBM Corporation
Information Management
IBM InfoSphere Guardium Configuration Audit System (CAS)
© 2010 IBM Corporation
© 2011 IBM Corporation
IBM Security Solutions
© 2010 IBM Corporation
© 2010 IBM Corporation
© 2010 IBM Corporation
© 2010 IBM Corporation
Information Management
IBM InfoSphere Guardium Vulnerability Assesment
© 2010 IBM Corporation
© 2010 IBM Corporation
© 2010 IBM Corporation
Information Management
IBM InfoSphere Guardium Entitlement Reports
© 2010 IBM Corporation
© 2010 IBM Corporation
© 2010 IBM Corporation
Information Management
IBM InfoSphere Guardium Application User Identification
© 2010 IBM Corporation
© 2010 IBM Corporation
© 2010 IBM Corporation
© 2010 IBM Corporation
© 2010 IBM Corporation
© 2010 IBM Corporation
© 2010 IBM Corporation
Information Management
IBM InfoSphere Guardium Paldies par uzmanību!