Similar to a firewall, SQL Guard's filtering rules alert security managers to traffic from defined sources and users or to traffic that includes particular commands, such as excessive logons, one-user/one-IP, clients executing administrative commands, SQL overflows and SQL injection attacks.

Databases have a tremendous amount of built-in security to protect data. What they lack is the ability to defend their underlying code and engines from external attacks and internal misuse.

Guardium's SQL Guard is part of the emerging class of security devices that sit in front of databases, monitoring traffic for illegal and malicious activity. Its robust features maintain detailed audit logs and can alert security managers at the first sign of trouble. Built on a Linux appliance, SQL Guard supports all leading database implementations: Oracle, IBM, Sybase and Microsoft. Its passive monitoring won't impede database performance, though Guardium rates throughput at 400 requests per second. It captures traffic type, source, requests and user names to determine whether the activity is authorized and for forensic analysis in the event of a breach.

The link for this article located at TechTarget.com is no longer available.