Smart Database Firewall DB INSIGHT SG Product Introduction - PowerPoint PPT Presentation

About This Presentation
Title:

Smart Database Firewall DB INSIGHT SG Product Introduction

Description:

Smart Database Firewall DB INSIGHT ... Secure & Fast Application Delivery Solution Provider ... , DB INSIGHT SG is the smart DB Firewall appliance without FOD ... – PowerPoint PPT presentation

Number of Views:94
Avg rating:3.0/5.0
Slides: 31
Provided by: Brian854
Category:

less

Transcript and Presenter's Notes

Title: Smart Database Firewall DB INSIGHT SG Product Introduction


1
Smart Database FirewallDB INSIGHT SGProduct
Introduction
  • June 2008
  • MONITORAPP Co.,Ltd.

2
Contents
  • about MONITORAPP
  • DB INSIGHT SG

3
about MONITORAPP
  • Company name MONITORAPP Co.,Ltd.
  • Established Date 2005-2-22
  • CEO Young KwangHoo Lee
  • Business Regions
  • Application Delivery Technology Research
    Development
  • Web Application Security product supply
  • Web Application Acceleration product supply
  • Database Security product supply
  • Web Application Security Service supply
  • Address
  • 306, Ace Techno Tower 1, 197-17, Guro 3-Dong,
    Guro-Gu, Seoul, Korea
  • Tel.)82-2-749-0799 / Fax.)82-2-749-0798

Be a leading application delivery Solution
provider in the world.
We leverage E-business by securing the
entire web environment.
4
Strategy Business Model
Reliable Web Application
  • Web Vulnerability Analysis
  • Web service quality Analysis

Secure Fast Application Delivery Solution
Provider
Fast Web Application
  • Web response latency
  • Web server load

Secure Database
  • IT Compliance
  • Increase of Database security

Secure Web Application
  • Increase of web hacking
  • Leakage of personal information

5
Products Technologies
  • Products
  • For Web Application
  • WEB INSIGHT SG Web Application Firewall
  • WEB INSIGHT AG Web Application Accelerator
  • For Database Application
  • DB INSIGHT SG Database Security Audit
  • Service Business
  • KT Bizmeka Service
  • Collaboration with MSSP
  • Technologies
  • APPLICATION INSIGHT Technology
  • Adaptive Profiling Technology
  • Innovative Web Acceleration Technology

6
DB INSIGHT SG v2.0
  • DB Security Overview
  • Product Introduction
  • DB INSIGHT SG Characteristics
  • DB INSIGHT SG Features

7
DB Security Overview
  • Change of Database environment
  • Increase of corporate information leakage
  • Decrease of reputation loss of finance
  • Increase of outsourcing by the external Company
  • The theft of important data by internal user
    7080

Protect information as important asset
Access Control for Database
  • Access internal network through VPN
  • IT Compliance requirement
  • Sarbanes-Oxley Act.(SOX)
  • PCI-DSS
  • HIPAA

IT Compliance Protect Privacy
Increase of access path into organization
8
DB Security Overview
  • Necessity of DB Security

Risk Challenge
Requirement
Solution
External user External outsourcing company
Internal user Internal DBA / manager
ACCESS CONTROL
ACCESS CONTROL
IP address
DB URER
Schedule
Application depend on Database Data integrity,
reliability Increase of the important information
AUTHORITY CONTROL
AUTHORITY CONTROL
OBJECT (TABLE , VIEW)
SQL (DML,DDL,DCL)
SQL Query Sentence
AUDIT MONITORING
Meet the IT Compliance Increase of the
information leakage
Detect log/monitoring
AUDIT MONITORING
IP address / DB / user
Local connection / BEQ
9
DB Security Overview
  • Access path to Database

IT department use various DB tools (ex.
Orange/Golden/Toad Etc) - IT department
users and outsourcing development company users
connect to DB server by 2 tier type DB tool.
Security Hole
RISK
IT department atypical
DBMS
Working department typical
Application Server
Working department users access to DB through
other application server(3 tier type), this
access method is safe than 2 tier type.
Key notes All DB connections must be
monitored, specially direct DB access by 2 tier
type must be restricted.
10
Product Introduction
  • DB INSIGHT SG
  • Smart Database Firewall
  • DB INSIGHT SG delivers smart database security
    without impacting database performance,
    infrastructure and reduces cost for managing
    database security.
  • Positive Security Model
  • Profile based automatic security policy
  • User defined positive security policy
  • High Performance Network appliance
  • Support Gigabit Performance
  • Physical Independent Impact
  • Fail open (LAN Bypass)
  • Fail over (Active Standby High Availability)

11
Product Introduction
  • DB INSIGHT SG Architecture

DB INSIGHT Inspection Engine
  • Audit Log
  • Detect Log

12
Product Introduction
  • DB INSIGHT Agent Architecture

DB Server
Audit Log local access
Client
Telnet
FTP
DB-Insight Agent
SSH
  • Audit Log

13
Product Introduction
  • Key Functions

Policy Functions Details
Positive Access Control IP address, DB user, schedule (time) IP address group, DB user group Security policy group
Positive Authority Control Control by objects (Table, View) SQL operation (DML,DDL ,DCL) SQL sentence
Positive Profile Automatic security policy by self learning SQL query Positive security based automatic Authority policy by Authority Profile Control SQL sentence form by Form Profile
Negative Pattern Rule Block/detect the user defined query pattern
Negative Column Rule Block/detect the specific column of object
Audit Archive Analysis Logging all the SQL query. Analyzing audit log security log
Management Management Central management for a several Analyzing the database traffic network traffic Monitoring system usage
14
Product Introduction
  • DB INSIGHT SG Looks

DISG-530 DISG-1030 DISG-2030 DISG-4060
View
Spec. 1U Rack mountable Core 2 Duo CPU 2GB Memory 1GB CFM Single Power Supply 10/100/1000M x 8 (3pairs GBE Bypass) 2U Rack mountable Xeon 3.6GHz 2 2GB Memory 1GB CFM 10/100/1000M x 4 (2Pairs GBE Bypass) Fiber 1G x 4 (1Pair Fiber Bypass) 10/100M 1 Redundant Power Supply 2U Rack mountable Dual Core CPU x 2 2GB Memory 1GB CFM 10/100/1000 x 6 (2Pairs GBE Bypass) Fiber 1G x 2 (1Pair Fiber Bypass) Redundant Power Supply 2U Rack mountable Quad Core CPU x 2 4GB Memory 1GB CFM 10/100/1000 x 10 (4Pairs GBE Bypass) Fiber 1G x 4 (2 Pairs Fiber Bypass) Redundant Power Supply
15
DB INSIGHT SG Characteristics
  • Adaptive Profiling Technology

Drop
DB INSIGHT SG
Check abnormal query based on Profile DB
DB INSIGHT SG Inspection Engine
Database
  • DML Profiling

Self Learning Engine
  • Form Profiling

Profiling DML Form by learning normal SQL
queries
  • Audit Log
  • Detect Log

16
DB INSIGHT SG Characteristics
  • Adaptive Profiling Technology
  • Technology for automatic database security policy
  • Self learning request SQL queries
  • Define automatic database security policy.
  • Reduce security administrators work.
  • Protect database security threat.
  • Self Learning method
  • Query type (Authority Profile) Query form (Form
    Profile)
  • Authority Profile makes the automatic authority
    control policy.
  • Form Profile makes the acceptable SQL sentence
    policy by common SQL sentence without value.

17
DB INSIGHT SG Characteristics
  • Simple Deployment

Proxy Gateway Proxy Gateway Network Deployment
Proxy Gateway In-line or One armed mode Bridge mode without IP address No changes to existing infrastructure Access Authority Control Useful for the authority control Proxy Gateway In-line or One armed mode Bridge mode without IP address No changes to existing infrastructure Access Authority Control Useful for the authority control
Sniffing Gateway Sniffing Gateway
Mirror based In-line or One-armed mode Bridge mode without IP address No changes to existing infrastructure Block by session reset. Limited Access Authority Control Useful for the audit logging Mirror based In-line or One-armed mode Bridge mode without IP address No changes to existing infrastructure Block by session reset. Limited Access Authority Control Useful for the audit logging
Difference Difference
Proxy Mode Sniffing Mode
Strong security Low performance than sniffing mode for Access Authority Control Limited security High performance than Proxy mode about 3 times for audit logging In the physical configuration,DB INSIGHT SG is the smart DB Firewall appliance without FOD (Fail open device) and Tap switch.
ltIn-line modegt
ltOne armed modegt
L4 redirect or mirror
Bridge
18
DB INSIGHT SG Characteristics
  • Various Deployment

Bridge Mode Active - Active HA Mode One_Armed Mode
In-line on network No changes to existing infrastructure Support LAN bypass on failure Active Standby HA Mode Health Check (Daemon, NIC, Link, System) Support Fail-over on failure By L4 switch supporting port redirection, one-armed mode configuration (Proxy sniffing mode) can be used. By L2 switch supporting port mirroring, one-armed mode configuration (Sniffing mode only) can be used.

DB INSIGHT SG
L2
DB INSIGHT SG
WAS / Middleware
DBMS
L4 redirect or Mirroring
WAS / Middleware
DBMS
WAS / Middleware
DBMS
DB INSIGHT SG
19
DB INSIGHT SG Features
  • Access Rule
  • Access Control of database subject
  • Allow the specific client IP address DB
    User.
  • Block any other users.

Control IP address
20
DB INSIGHT SG Features
  • Authority Role
  • DB Client (IP address, DB User)
  • Objects Operation (Operator, Owner, Object
    (table, view)
  • Allow the specific client IP address DB
    User.
  • Block any other users.

Client IP address, user
21
DB INSIGHT SG Features
  • Authority Profile
  • Profiling for the specific Client (IP address
    DB Users)
  • Profiling information - Operator (select,
    delete ) - Owner - object (table, view)
  • Block any other SQL

Profiling for the specific IP address DB Users
Profiling about operator/owner / object from
SQLfor the specific client
22
DB INSIGHT SG Features
  • Form Profile
  • Profiling SQL query form
  • Normalizing value.
  • Block mismatching SQL sentence with learned
    profile DB.

Each profile can be enableor disable
23
DB INSIGHT SG Features
  • Pattern Rule
  • User defined the specific keyword
  • Block / detect the various attacks.

Each pattern rule can be enable or disable
24
DB INSIGHT SG Features
  • Column Rule
  • Restrict the important column (ex.
    Personal information)
  • Negative policy for the specific column

25
DB INSIGHT SG Features
  • Audit Analysis
  • Logging all SQL queries
  • Quick Search by filtering
  • Top 10 Chart Analysis - DB server - DB
    Users - Application - Client IP - Time

26
DB INSIGHT SG Features
  • Authentication
  • 2 factors authentication - DB INSIGHT
    ID/password - DB user/password
  • The authenticated client can only access DB
    Server.
  • Tracing the client IP address MAC address
  • Tracing the access history

2. Send authentication requirement message
to client
3. Allow only authenticated client
1. Log in DB INSIGHT Manager by DB INSIGHT
Client Program
DBMS
27
DB INSIGHT SG Features
  • Approval

4-1. Send SQL Request5. Send SQL Response
4-2. Send a block message to client
  • Tool independent SQL Approval function
  • Managing client, deciding officer and group
  • Policy based on the Authority Role level -
    Client IP address - Authenticated user - DB
    user - Operator / Owner / object

1. SQL Request
DBMS
Client
2. Summit an approval
3. Approval or disapproval
Deciding officer
28
DB INSIGHT SG Features
  • Central Management
  • Central Management manage multiple DB
    INSIGHT SG
  • Log System monitoring - Detect log -
    Network / DB traffic - System usage

29
DB INSIGHT SG Features
  • Log view
  • Search detect/block logs - 14 options for
    filtering - detail / simple view
  • Chart Analysis - Top 5 or 10 view - Chart
    type 11 categories

30
Thank You
MONITORAPP Co.,Ltd. 306, Ace Techno Tower1,
197-17, Guro3-Dong, Guro-Gu, Seoul, Korea Tel
82-2-749-0799, Fax) 82-2-749-0798 E-Mail
sales_at_monitorapp.com Website www.monitorapp.com
Write a Comment
User Comments (0)
About PowerShow.com