Maximum visibility into database transactions. Minimum effort.
NitroView DBM is a complete database protection solution that delivers non-intrusive, detailed security logging of databases and applications by monitoring all access to sensitive corporate and customer data. Nitro- View DBM's pre-defined rules and reports and privacy- friendly logging features make it easy to comply with compliance regulations such as PCI-DSS, HIPAA, NERC- CIP, FISMA, GLBA, SOX and others, while strengthening your overall security profile.
NitroView DBM is the only database activity monitoring product that not only consolidates database activity into a central audit repository, but also provides normalization, correlation, and real-time analysis of that activity-- enabling advanced security operations in addition to enterprise compliance auditing and reporting.
- Overview
- Key Features
- DBM vs DB Audit
- Specifications
- Use Cases
NitroView DBM monitors all database activity, and normalizes it for analysis with other pertinent security information, and by doing so it expands your visibility of user/data interaction to include user information, application contents, OS activity, vulnerabilities, and even network location.
NitroView DBM is able to:
- Track users across applications and connection pools
- Examine full session activity from login to logoff
- Detect sensitive data, and identify policy violations
- Discover spoofed identities and ghost accounts
- Detect leakage of data through authorized channels
- Correlate database activity to relevant security events
- Produce an audit trail of all database activity
- Generate detailed compliance reports for PCI, NERC, SOX and others
Database discovery
NitroView DBM discovers all database instances including unauthorized or rouge databases.
Sensitive data discovery
NitroView DBM can detect when a database contains sensitive information—such as personal identity information—so that you monitor all access to that information in accordance with PCI-DSS and other compliance requirements.
Database activity logging for a complete audit trail
All database transactions, from login to logoff, are retained in detail to support compliance auditing requirements.
Maintains full session details: reconstructs sessions for analysis with one click
When investigating a database event, you can see the entire session from login to logoff with a single mouse click.
Network-based monitoring means no impact to database performance
Unlike native database auditing, or agent-based monitoring, NitroView DBM is a network-based appliance that passively monitors activity, and has zero impact on database performance.
Optional host agents add extra visibility with minimal performance impact
If you want added visibility to local terminal activity, NitroView DBM's optional host agent can provide it—while still lowering the performance impact over competitive host agents or native auditing.
Fully integrated with NitroView ESM
NitroView DBM is fully integrated with NitroView ESM, providing a central resource and interface for all database monitoring and compliance needs, and enabling database transactions to be used by event correlation and other advanced SIEM features.
NitroView DBM improves the visibility into your database activity, including database transactions, events, and even specific database queries and responses—providing significantly more information about who is accessing your data and why than from native auditing alone.
| |
Database Audit Logs |
NitroView DBM Logs |
|
Impact on Database Performance
|
Yes |
None |
|
Segregation of Security Duties from the DBA
|
No |
Yes |
|
Impact on database server process, configuration, operation or administration
|
Yes |
No |
|
Content monitoring i.e. probing the query response for PII, PHI content
|
No |
Yes |
|
Monitoring of database attacks e.g. SQL Injection, buffer overflow, etc.
|
No |
Yes |
|
Rules for monitoring and enforcing data access policies e.g. client out of HOME NET
|
No |
Yes |
|
Remediation options for blocking offending queries and/or violations
|
No |
Yes |
|
Tracking of application user identity (pooled connections and generic logins)
|
No |
Yes |
|
Database discovery and content discovery
|
No |
Yes |
|
Reporting and management user interface
|
No |
Yes—NitroView ESM |
|
Maintains chain of custody of events
|
No |
Yes |
|
Real-time alerting
|
No |
Yes |
|
Centralized data aggregation
|
No |
Yes |
|
Network-based monitoring
|
No |
Yes |
|
Appliance-based and Agent-based options
|
No |
Yes |
|
Support for competing database vendor solutions
|
No |
Yes |
|
Integration with SIEM, Log Management, Alerting, Enterprise solutions
|
No |
Yes—NitroView ESM |
|
Masking of sensitive content
|
No |
Yes |
|
Transaction Tracking, Auto Change Reconciliation, and Ticketing Generation
|
No |
Yes |
NitroView DBM's database transaction monitoring supports a variety of a use cases, including:
Compliance
- Discover sensitive information and data stores
- Establish an audit trail for protected data access
- Establish an audit trail for user account activity and changes
- Show consumers of protected records
- Show top consumers of protected data records
Threat & Data Loss Detection
- Detect fraudulent account activity
- Detect fraudulent data retrieval
- Detect rogue databases
- Detect rogue user accounts
- Monitor back-end application activity
- Show policy violations
Network and Security Operation
- Analyze application performance
- Analyze database performance
- Determine SQL server utilization
For more detail on popular use cases, please visit our Use Cases page, or Contact Us to arrange a personal webinar, and see how NitroView can meet your individual requirements.
Learn more about NitroView … download now
The highest rated SIEM and Log Management solution … learn more
"The way it scaled to the network still is not matched by any other vendor out there." … read more
See how NitroView can work for you … register now
