McAfee Vulnerability Manager for Databases

McAfee Vulnerability Manager for Databases

Protect your network databases from vulnerabilities & threats

Next Steps:

Overview

McAfee Vulnerability Manager for Databases automatically discovers databases on your network, determines if the latest patches have been applied, and tests for common weaknesses such as weak passwords, default accounts, and other common threats. Vulnerability Manager for Databases conducts more than 4,700 vulnerability checks against leading database systems, including Oracle, SQL Server, DB2, and MySQL.

Clear visibility into database vulnerabilities — By improving visibility into database vulnerabilities and providing expert recommendations for remediation, Vulnerability Manager for Databases reduces the likelihood of a damaging breach, and saves money through better preparation for audits and compliance with regulatory mandates.

Risk evaluation from all known threat vectors — Unlike other products that overwhelm you with a myriad of minor threats hiding the critical issues that must be addressed, Vulnerability Manager for Databases evaluates risk from all known threat vectors and clearly classifies threats into distinct priority levels, provides fix scripts, and includes recommendations.

Centralized database security management — McAfee Vulnerability Manager for Databases is fully integrated with McAfee ePolicy Orchestrator (McAfee ePO) software to provide end-to-end visibility, detailed alerts and reports, and a consolidated management platform for database and other protections.

Features & Benefits

Get unparalleled visibility into database security posture

Know exactly where risks are and how to minimize the likelihood of a breach by automatically discovering databases on the network, and conducting more than 4,700 checks for vulnerabilities.

Save time and money by reducing the need for external database security consultants

Get recommendations for remediation for the most high-priority vulnerabilities, in many cases augmented with fix scripts you can run to address any issues.

Gain access to more than 4,700 security verifications

Get comprehensive and up-to-date checks of the most popular database platforms reporting on meaningful criteria such as version/patch level, changed objects, modified privileges, and forensic traces from common hacker tools.

Discover databases and sensitive tables automatically

Find databases by scanning the network or by importing from existing tools, and identify tables containing restricted information based on preset patterns.

Check passwords quickly and efficiently

Use a variety of techniques to detect weak passwords and shared passwords, including hashed passwords (SHA-1, MD5, and DES), by downloading data for local analysis to avoid affecting database performance.

Get out-of-the-box regulatory compliance reports and custom reporting

View reports for PCI DSS and other regulations, as well as specific reports for various stakeholders such as database administrators (DBAs), developers, and InfoSec users.

Get recommendations and fix scripts for high-priority items

Organize items by priority and provide actionable recommendations for remediation based on input from leading security researchers.

Integrated directly with McAfee ePolicy Orchestrator (ePO)

McAfee Vulnerability Manager for Databases is directly managed with the ePO platform, providing centralized reporting and summary information for thousands of databases from a single, consistent dashboard.

System Requirements

These are minimum system requirements only. Actual requirements will vary depending on the nature of your environment.

  • McAfee ePolicy Orchestrator (ePO) 4.6 — 5.1
  • Microsoft Windows Server 2003 with Service Pack 2 (SP2) or higher
  • Microsoft SQL Server 2005 with SP1 or higher
  • 2 GB RAM
  • 1 GB free disk space
  • Browser (for management console): Firefox 2.0 or later, or Microsoft Internet Explorer 7.0 or later

Supported Databases for Scanning

  • Oracle 8i or later
  • Microsoft SQL Server 2000 or later
  • Microsoft SQL Azure
  • IBM DB2 8.1 or later for Linux, Unix, and Windows
  • MySQL version 4.0 or later
  • PostgreSQL version 8.3 or later
  • Sybase ASE version 12.5 or later
  • Teradata v12, v13, v14 — Database discovery, sensitive data discovery, custom checks, and password cracking
  • Informix v10.0, v11.1, v11.5, v11.7 — Database discovery, sensitive data discovery and custom checks
  • SAP HANA v1 — Database discovery, data discovery and custom checks

Videos / Demos

Demos

Learn how McAfee Risk and Compliance products scan your entire network, providing complete visibility and ensuring proper protection.

Videos

Learn how the McAfee Database Security Solution protects you from database breaches and falling victim to cybercrime. This solution includes McAfee Vulnerability Manager for Databases, McAfee Database Activity Monitoring, and McAfee ePolicy Orchestrator software.

McAfee Vulnerability Manager for Databases evaluates risk from all know threat vectors and clearly classifies threats into distinct priority levels, provides fix scripts, and includes recommendations.

News / Events

Resources

Data Sheets

McAfee Vulnerability Manager for Databases

For a technical summary on the McAfee product listed above, please view the product data sheet.

Solution Briefs

Not All Database Security Solutions Are Created Equal

This document highlights key database security capabilities and provides an objective, apples-to-apples comparison of the leading database security solutions.

Database-Friendly Security

McAfee Database Security offers real-time protection for business-critical databases from all vectors and types of threats: external, internal, and even intra-database exploits.

McAfee Database Security

McAfee Database Security offers real-time protection for business-critical databases from all types of threats: external, internal, and even intra-database exploits.

Top Five Reasons to Deploy a Dedicated Database Security Solution

Learn about the top five reasons why you should deploy a dedicated McAfee Database Security solution.

Managing Risk in Changing Times: Fixing What Matters Most

McAfee solutions offer real-time monitoring and reporting capabilities to manage your risk on a continuous basis.

White Papers

Operational Efficiencies of Proactive Vulnerability Management

Learn how automating and integrating Vulnerability Management Activities can reduce the operational cost of vulnerability management.

Overcoming the Challenges of Database Patching in Production Environments

See how organizations are using Virtual Patching to meet compliance requirements with no downtime.

A Practical Guide to Database Security

A serious data breach brings monetary damage in its many forms: business disruption, bad publicity, stiff ones for noncompliance, and undermined customer confidence. But most damaging of all is the trouble that it creates when it comes to signing up new customers. A tarnished reputation is a big objection for sales and business development to overcome. That’s why data security in general and database security in particular are a crucial part of any company’s overall corporate health.

Community

Blogs

  • Shedding light on ‘Shadow IT’
    David Small - January 9, 2014

    BYOD, BYOA, BYOx. The IT industry is full of acronyms depicting its constant evolution and relationship with the professional world. First came the devices; employees saw the power of personal devices and insisted on using them in the workplace. And so the consumerisation of IT was born. After the devices came the apps. Companies reported […]

    The post Shedding light on ‘Shadow IT’ appeared first on McAfee.

  • Walking the Talk on Public-Private Partnerships
    Tom Gann - August 16, 2013

    There’s been a lot of talk about the value of public-private partnerships in moving the U.S. toward a more robust cyber security posture. And let’s be honest:  there’s also been a lot of private sector skepticism about how much the Administration really believed in the concept or how much they would do to make it […]

    The post Walking the Talk on Public-Private Partnerships appeared first on McAfee.

  • Five Factors That Make D.C. Region a Cybersecurity Hub
    Tom Gann - May 29, 2013

    McAfee is based in Silicon Valley, but we know there’s more to tech than California. We recently joined the National Institute of Standards and Technology to launch the National Cybersecurity Center of Excellence, a joint effort among high-tech business, federal, state and local government and local universities located in Rockville, Md. The goal of the […]

    The post Five Factors That Make D.C. Region a Cybersecurity Hub appeared first on McAfee.

  • Getting Assurance in a Time Constrained World
    McAfee - May 20, 2013

    Nothing is as frustrating as when something goes wrong, especially when you have time constraints.  NIST has just released Special Publication 800-53, Revision 4: Security and Privacy Controls for Federal Information Systems and Organizations where a few notable items have been added to increase the confidence that security, practices, procedures and architectures of information systems […]

    The post Getting Assurance in a Time Constrained World appeared first on McAfee.

  • Response Now as Important as Prevention
    Leon Erlanger - February 24, 2012

    The National Institute of Standards and Technology (NIST) has updated its Computer Security Incident Handling Guide to take into account the increasingly dire state of cyber security. As anyone who has followed the rush of high-profile incursions over the past year knows, it’s looking less and less possible to prevent the inevitable attack, no matter […]

    The post Response Now as Important as Prevention appeared first on McAfee.

Related Solutions
Threats and Risks