November 01, 2012
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Comprehensive feature set, solid platform, excellent documentation and support.
- Weaknesses: Some functions require the command-line interface, but that’s a nitpick.
- Verdict: A solid device we would use in our own SQL environments.
Given the importance of the data contained within any corporation's databases, the task of keeping that data safe should be a top priority for any IT security team. Fortinet's FortiDB-400c is dedicated to helping security professionals do precisely that.
For such a feature-rich device, setup was easy. After setting up the interface IPs and updating the firmware, we were ready to begin monitoring our first database. Database servers were referred to as targets during setup, and we defined these by selecting the database server type (in our case, Microsoft SQL), the server IP and the username and password of an account on that server. We were given the option to connect at a server or database level. We chose to connect at a server level, although we appreciated the granularity offered. By making use of the product's autodiscovery feature, we only had to specify an IP range, database type and a port range and the device scanned our network and automatically found and added our SQL server to the list of monitored targets.
Focusing solely on database protection, the FortiDB-400c has a wide array of features allowing administrators to control precisely when and what database services are being accessed and who is accessing those services. The device offers easy black- or whitelisting based on user, application or IP address. It monitors all database activities, including data manipulation queries, such as select, insert and update; data definition language queries, such as create, alter and drop; and data control language queries, such as grant and revoke. Based on the policies that administrators define governing those queries, the device can issue transmission control protocol (TCP) reset packets in the event of policy violations via its database firewall feature. It offers built-in vulnerability assessment tools, which can be scheduled to run at any interval, and automatically generate reports, which can be sent to database administrators or anyone responsible for database security. Report and monitoring data can be archived off the device via its archive scheduler. However, there does not appear to be a way to archive the device configuration itself without using the command-line interface and an FTP server. It's a small nitpick, but we would have liked to be able to perform all device maintenance via the GUI. The device comes preconfigured with a number of auditing and compliance reports, and custom reports are easy to create. The tool supports multiple administrator profiles with roles defined for reporting, security and database target and policy management.
Fortinet offers eight-hours-a-day/five-days-a-week or 24/7 support options, which it supplies via phone or web chat. Administrators who subscribe to the Advance Support program are assigned a technical account manager, making it even easier to get the help needed. Fortinet also demonstrates a high level of confidence in its product, offering free basic-level support for proof-of-concept deployments. Adding to that, it maintains a sizeable knowledge base and user support forums on its website.
Base price for the FortiDB-400c is $14,995, plus $2,249 per year for upgrades and eight-hours-a-day/five-days-a-week support, or $3,749 per year for upgrades with 24/7 support.