概述
McAfee Database Activity Monitoring 能够自动发现网络上的数据库,并采用一套预设的防御措施保护它们,还能帮助您量身定制适合您环境的安全策略,以便您能够更轻松地向审核人员证明合规性,并提高重要资产数据的保护水平。McAfee Database Activity Monitoring 可通过监控本地每台数据库服务器上的活动以及实时警告或终止恶意行为,从而经济有效地保护您的数据免遭各种威胁,即使是在虚拟环境或云计算环境中运行也是如此。
全面的威胁防护 - 通过对利用已知漏洞展开的攻击进行阻止以及终止违反了安全策略的会话,来保护您的数据库(即便是未修补的数据库)免遭零日攻击的侵扰。
详细的审核跟踪报告 - 审核跟踪报告可有效地助您满足 SOX、PCI 和其他合规审核要求。在事后取证分析中,该审核跟踪报告可以帮助您了解丢失的数据量,以及更全面地监控恶意活动。
简化的修补流程,无需停机 - 根据 McAfee Database Activity Monitoring 漏洞扫描所发现的结果,安装缺少的补丁程序和修复错误的配置将会立杆见影地改善您的数据库安全状态,因为采用迈克菲的虚拟补丁技术无需任何停机。
特点和优势
针对敏感数据的最优保护,满足合规要求,减少安全事件导致的高昂成本
通过监控所有来源(包括网络/应用程序用户、本地特权帐户以及来自数据库内部的复杂攻击)对数据库造成的威胁,从而证明合规,并最大限度地降低数据泄露的可能性。
通过更快的部署和更高效的架构,节省您的时间和资金
简化构建自定义安全策略的流程,以便采用预配置的规则和模板审核和保护数据库。
通过实时识别和拦截攻击,做到防患于未然,从而将风险和责任降到最低
通过对 Oracle、Microsoft SQL Server 和 Sybase 数据库进行实时监控和入侵防护来终止可疑会话和隔离恶意用户,从而阻止数据破坏行为。
可以更灵活地在您选择的 IT 基础设施上部署 McAfee Database Activity Monitoring
在物理服务器上安装传感器,在虚拟机上配置传感器和数据库,并在云服务器上远程部署传感器。
自动查找数据库并对其进行组织以便监控和管理
通过扫描网络或从现有工具中导入来查找数据库,然后按供应商、版本或自定义标签(例如,HR、财务或 QA 等)进行分组。
立竿见影的保护让您远离已知漏洞和常见威胁
超过 380 个预定义规则可以解决数据库厂商修补的具体问题以及通用的攻击配置文件。
利用模板实现法规遵从
使用简单的分步式向导界面,创建针对 PCI DSS、SOX、HIPAA、GLBA 和 SAS-70 的自定义安全策略,并根据在数百个客户现场的工作经历创建最佳惯例。
获得对象级的敏感数据细化保护(无论攻击来源为何)
评估进程内存,以确定执行计划和受影响的对象,并识别本地用户或混淆代码违反策略的行为。
免费获得对 MySQL 数据库的全面审核
将企业级数据库安全纳入 MySQL 开放源代码数据库管理系统中,并从数据库收集全面的审核跟踪信息。
系统要求
以下仅为最低系统要求。实际要求将视具体环境而定。
最低系统要求
- McAfee ePolicy Orchestrator 4.5
- Microsoft Windows Server 2003 Service Pack 2 (SP2) 或更高版本
- Microsoft SQL Server 2005 SP1 或更高版本
- 2 GB RAM
- 1 GB 可用磁盘空间
- 浏览器(针对管理控制台):Firefox 2.0 或更高版本、Microsoft Internet Explorer 7.0 或更高版本
可监控的数据库
- 运行于 Sun Solaris、IBM AIX、Linux、HP-UX、Microsoft Windows 上的 Oracle 8.1.7 或更高版本
- Linux 上运行的 Teradata 12、13 和 13.1
- Linux 上运行的 MySQL 5.1 和 5.5
- 任何支持的 Windows 平台上运行的 Microsoft SQL 2000、2005 和 2008
- 在所有支持的平台上运行的 Sybase ASE 12.5 或更高版本
视频/演示
Protecting Your MySQL Databases from Hacks
McAfee‘s Slavik Markovich and Sean Roth demonstrate how MySQL databases — sitting beneath web applications — need protection from hacks and attacks.
演示
客户案例
University of Bristol (English)
Implementing Real-Time Database Activity Monitoring
产品特色
- Implemented solution campus-wide with minimal IT resources
- Immediate visibility into all suspicious activity across Oracle and Microsoft SQL server databases
- Identified and remediated vulnerabilities in internally developed applications by working closely with developers
新闻/活动
新闻
- McAfee Brings Security to the MySQL Open-Source Database Community (English)
三月 26, 2012主题 : Database Security
- McAfee Delivers Comprehensive Database Security Solution (English)
三月 23, 2011主题 : 风险与合规性, Database Security
- McAfee to Acquire Sentrigo to Enhance Database Security Portfolio (English)
三月 23, 2011主题 : 风险与合规性, Database Security
- Sentrigo Launches Comprehensive Enterprise-Class Vulnerability Assessment Solution for Databases (English)
九月 13, 2010主题 : Database Security
- Red Link Selects Sentrigo’s Hedgehog Enterprise to Secure Sensitive Customer Data and Meet Compliance Regulations (English)
五月 25, 2010主题 : Database Security
- Pelephone Deploys Sentrigo’s Best-of-Breed Database Security Solutions (English)
四月 5, 2010主题 : Database Security
活动
未找到结果- Securing the Next-Generation Data Center: Are You Rugged? (English)
网络广播点播
社区
论坛
未找到结果博客
- RDP+RCE=Bad News (MS12-020)
Jim Walter - 三月 14, 2012
See March 15 and 16 updates at the end of this blog. —————————————————- The March Security Bulletin release from Microsoft was relatively light in volume. Out of the six bulletins released, only one was rated as Critical. And for good reason. MS12-020 includes CVE-2012-0002. This flaw is specific to the Remote Desktop Protocol (RDP) present on Read more... - An Update on DNSChanger and Rogue DNS Servers
Jim Walter - 三月 06, 2012
In late 2011, the FBI released documents and data focusing on “Operation Ghost Click.” This malicious operation, leveraging a variety of DNSChanger-type malware, was defined by the FBI as an “international cyber ring that infected millions of computers.” Associated malware samples and events can be traced back several years, and multiple platforms were targeted. To this day many remain Read more... - McAfee Q4 Threats Report Shows Malware Surpassed 75 Million Samples in 2011
David Marcus - 二月 21, 2012
Today we released our Fourth Quarter 2011 Threat Report, revealing that malware surpassed the our estimate of 75 million unique malware samples last year. Although the release of new malware slowed a bit in Q4, mobile malware continued to increase and recorded its busiest year to date. Malware The overall growth of PC-based malware actually Read more... - Cultural Security: Promoting Security Policies Using Organizational Culture
Steven Fox - 九月 06, 2011
Most of us refer to security policies in much the same way as we refer to our car manuals – when something unexpected happens. We know these documents have useful information. However, their utility is tied to situations where answers do not present themselves readily. According to Chris Noel, SVP of Product Management at ANXeBusiness, Read more... - Building an Arsenal of Best-in-Breed Database Security Solutions
Eric Schou - 八月 19, 2011
Visit any news site on the Web, and undoubtedly you’ll come across a barrage of articles publicizing the details of yet another data breach. With the prominence of SQL injection attacks, and malicious insiders and hackers exploiting sensitive data stored on unpatched and vulnerable databases, enterprise organizations have found themselves reevaluating their security strategies. Following Read more...