概述
McAfee Vulnerability Manager for Databases 能够自动发现网络中的数据库,确定是否应用了最新补丁,并测试是否存在常见漏洞(如密码过于简单、默认帐户和其他常见威胁)。McAfee Vulnerability Manager for Databases 可以针对知名的数据库系统(如 SQL Server、DB2 和 MySQL)执行 3000 多项漏洞检查。
严密监控数据库漏洞 - McAfee Vulnerability Manager for Databases 通过加强数据库漏洞的监控并提供专家修补建议,可以降低重大违规的可能性,并通过更好地部署审核与合规工作来节省资金。
对所有已知威胁媒介进行风险评估 - 很多产品会让您疲于应付各种并不严重的威胁,而掩盖了亟需解决的严重问题,但 McAfee Vulnerability Manager for Databases 可以评估所有已知威胁媒介中存在的风险,将各种威胁明确划分为不同的处理优先级,并提供修复脚本和建议。
集中式数据库安全管理 - McAfee ePolicy Orchestrator (McAfee ePO) 软件可提供端对端监控以及详细的警报和报告,并且完全集成了 Vulnerability Manager for Databases。
特点和优势
可获得无可比拟的数据库安全状态监控
通过自动发现网络中的数据库并执行 3000 多项漏洞检查,从而精确了解风险所在以及将违规的可能性降到最低的方法。
通过降低对外部数据库安全顾问的依赖,为您省时省钱
获得有关最严重漏洞的修补建议,在许多情况下还会为您提供可以直接运行的修复脚本以帮您解决各种问题。
享受 3000 多项安全验证
获得针对最主流数据库平台的全面、最新检查,并查看有关重要信息的报告,如版本/补丁级别、变更的对象、修改的权限以及常见黑客工具的取证跟踪记录。
自动发现数据库和敏感表格
通过扫描网络或从现有工具中导入来查找数据库,并根据预设类型识别包含限制信息的表格。
快速、高效地检查密码
采用多种方式来检查强度较弱的密码和共享密码,包括哈希密码(SHA-1、MD5 和 DES),通过下载数据进行本地分析以避免影响数据库性能。
获得现成可用的合规报告和自定义报告
查看针对 PCI DSS 和其他法规的报告,以及针对各利益相关者(如数据库管理员 (DBA)、开发人员和 InfoSec 用户)的特定报告。
获取高风险漏洞的修补建议和修复脚本
按照风险严重程度排列漏洞,并根据知名安全研究人员的反馈提供可操作的修补建议。
与 McAfee ePolicy Orchestrator (ePO) 直接集成
您可以将 McAfee Vulnerability Manager for Databases 直接集成到 ePO 平台中,从而通过一个一致的信息显示板了解有关数千个数据库的集中报告和摘要信息。
系统要求
以下仅为最低系统要求。实际要求将视具体环境而定。
- McAfee ePolicy Orchestrator (ePO) 4.5
- Microsoft Windows Server 2003 Service Pack 2 (SP2) 或更高版本
- Microsoft SQL Server 2005 SP1 或更高版本
- 2 GB RAM
- 1 GB 可用磁盘空间
- 浏览器(针对管理控制台):Firefox 2.0 或更高版本、Microsoft Internet Explorer 7.0 或更高版本
扫描操作所支持的数据库
- Oracle 8i 或更高版本
- Microsoft SQL Server 2000 或更高版本
- Microsoft SQL Azure
- 面向 Linux、Unix 和 Windows 的 IBM DB2 8.1 或更高版本
- MySQL 4.0 或更高版本
- PostgreSQL 8.3 或更高版本
- Sybase ASE 12.5 或更高版本
演示/视频
Hardening Database Security
Learn how the McAfee Database Security Solution protects you from database breaches and falling victim to cybercrime. This solution includes McAfee Vulnerability Manager for Databases, McAfee Database Activity Monitoring, and McAfee ePolicy Orchestrator software.
McAfee Risk & Compliance (English)
Learn how McAfee Risk and Compliance products scan your entire network, providing complete visibility and ensuring proper protection.
视频
新闻/活动
新闻
- McAfee Delivers Comprehensive Database Security Solution (English)
三月 23, 2011主题 : 风险与合规性, Database Security
- McAfee to Acquire Sentrigo to Enhance Database Security Portfolio (English)
三月 23, 2011主题 : 风险与合规性, Database Security
- Sentrigo Launches Comprehensive Enterprise-Class Vulnerability Assessment Solution for Databases (English)
九月 13, 2010主题 : Database Security
- McAfee Unveils Unparalleled Risk Management Solution (English)
七月 19, 2010主题 : 终端保护, 风险与合规性, Database Security
活动
未找到结果社区
论坛
McAfee Communities : All Content - Vulnerability Manager (Foundstone)
- Past Due Tickets Notification
23 hours ago - Can't find full vulnerability scan template
1 day ago - 1 Post - Workstation vulnerability scanning-How do you do it?
1 day ago - 5 posts - Scan for open shared folder in the network
1 day ago - Vulnerability Manager 7.0 with ePO on the same server
2 days ago - 3 posts
博客
- RDP+RCE=Bad News (MS12-020)
Jim Walter - 三月 14, 2012
See March 15 and 16 updates at the end of this blog. —————————————————- The March Security Bulletin release from Microsoft was relatively light in volume. Out of the six bulletins released, only one was rated as Critical. And for good reason. MS12-020 includes CVE-2012-0002. This flaw is specific to the Remote Desktop Protocol (RDP) present on Read more... - An Update on DNSChanger and Rogue DNS Servers
Jim Walter - 三月 06, 2012
In late 2011, the FBI released documents and data focusing on “Operation Ghost Click.” This malicious operation, leveraging a variety of DNSChanger-type malware, was defined by the FBI as an “international cyber ring that infected millions of computers.” Associated malware samples and events can be traced back several years, and multiple platforms were targeted. To this day many remain Read more... - McAfee Q4 Threats Report Shows Malware Surpassed 75 Million Samples in 2011
David Marcus - 二月 21, 2012
Today we released our Fourth Quarter 2011 Threat Report, revealing that malware surpassed the our estimate of 75 million unique malware samples last year. Although the release of new malware slowed a bit in Q4, mobile malware continued to increase and recorded its busiest year to date. Malware The overall growth of PC-based malware actually Read more... - Cultural Security: Promoting Security Policies Using Organizational Culture
Steven Fox - 九月 06, 2011
Most of us refer to security policies in much the same way as we refer to our car manuals – when something unexpected happens. We know these documents have useful information. However, their utility is tied to situations where answers do not present themselves readily. According to Chris Noel, SVP of Product Management at ANXeBusiness, Read more... - Building an Arsenal of Best-in-Breed Database Security Solutions
Eric Schou - 八月 19, 2011
Visit any news site on the Web, and undoubtedly you’ll come across a barrage of articles publicizing the details of yet another data breach. With the prominence of SQL injection attacks, and malicious insiders and hackers exploiting sensitive data stored on unpatched and vulnerable databases, enterprise organizations have found themselves reevaluating their security strategies. Following Read more...