If it seems like there are more compliance regulations now than ever before, that’s because there are, and for good reason. Attacks on databases, especially those containing financial and personal information, seem to be a weekly occurence anymore. "Well there’s a very easy connection to make to say 'well, what are people going after these days?'" says Jason Wright, a product marketing manager for network security appliance vendor Fortinet. "Well it’s the databases; that’s where all the goodies are, right? That’s where the credit card information is, the personally identifiable information; that’s the kind of stuff that you really want."
And these attacks are no longer being made just by hackers who want recognition. Wright says "That’s kind of an evolution that we see—it’s definitely an evolution in the organization in crime, the targeting towards databases. It’s a whole different type of attacker, a whole different type of attack, and their much more sophisticated and that’s why we’re moving in this direction as well."
In an attempt to prevent database attacks, current compliance regulations are not only vertically aligned (e.g., the Health Insurance Portability and Accountability Act--HIPAA--for the healthcare industry), but also horizontally aligned. "Well now instead of vertically aligned legislation you have horizontally, so it’s cross vertical. So PCI refers to anyone with a credit card machine of sorts, SOX refers to anybody who’s publically traded; it doesn’t matter what vertical you’re in. So that’s kind of an evolution to the legislation that’s getting more succinct and detailed and less vague. It used to be real wide open, now it’s very specific."
Fortinet’s new FortiDB-400B and FortiDB-2000B help you meet these compliance standards head on. Like their predecessor FortiDB-1000B, these appliances provide database vulnerability scanning. "When we initially rolled out the technology ... the device was only able to do the vulnerability assessment scanning and remediation recommendations," says Wright. "So it would, you know, scan the database, it would send a bunch of queries, it would kind of size up the database from an operating system, an application, and a configuration point of view and then say okay, what are the vulnerabilities that I know that you’re probably susceptible to and how do I recommend that you go about, you know, fixing those vulnerabilities so that you’re not exposed to those things anymore."
Now all three FortiDB products not only offer vulnerability scanning functionality but also database activity monitoring and auditing capabilities. "So all database activity monitoring and auditing are now part of the FortiDB appliance family," says Wright. "This doesn’t require any additional cost or licensing or anything, to us this is part of the operating system and the features are included free of charge for anyone that purchases the devices or has a standard maintenance contract."
FortiDB’s new monitoring capabilities include taking a baseline of user behavior for content analysis. "This is actually kind of taking a baseline of the user behavior,” says Wright. "So we’ll see how long people stay in databases, how long their sessions are, what kind of records they typically touch, how many changes they’ll make, or if there’s an excessively long session or a high frequency of logins or anything like that. Then we can baseline it and use probabilistic modeling to discover whether that behavior kind of falls outside of the norm and we can track that and send up a flag as well."
The auditing capabilities that are now included in FortiDB-400B and FortiDB-2000B track everything on the database, providing a complete audit trail and helping you meet regulatory compliance standards.
FortiDB-400B supports as many as 10 databases and is meant for small-to-midsized businesses (SMBs). It comes with a 500GB hard drive that is expandable up to 1TB. FortiDB-2000B supports as many as 60 databases and is an enterprise database security appliance. It includes a 1TB hard drive that is expandable up to 6TB. These appliances support SQL Server 2005 and 2000, Oracle, DB2, and Sybase. FortiDB 3.2.1 is expected to support SQL Server 2008.
FortiDB-400B starts at $8,995, and FortiDB-2000B starts at 29,995. You can learn more about Fortinet’s database security appliances at www.fortinet.com.