McAfee Database Activity Monitoring v4.2
November 01, 2011
starting under $5,000
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: A strong rule-creation tool. Users can easily create active responses based on the details in an alert.
- Weaknesses: Rules and signature driven. Have to create very complex rules system to prevent zero-day threats.
- Verdict: Vulnerability assessment tool with great tuning ability and a solid compliance reporting engine.
McAfee Database Security is a software solution that monitors the database management system (DBMS) and protects it from both internal and external threats. The McAfee Database Security solution comprises three components: the Database Security Sensor, Database Security Server and the Database Security Web Console. The sensor monitors access to the DBMS and sends transaction data to the security server. Based on the policies defined via the web console, the server logs the transaction, issues an alert and/or prevents access to the DBMS.
The software was simple to load. It is wizard driven and provides options to install any required dependencies. Once deployed, the user interface is accessed through a web browser. The interface is a tabbed page providing easy navigation between various admin, dashboard and reporting features. McAfee Database Activity Monitoring finds databases that exist on the networks and deploys quickly if using the preconfigured policies with which it ships.
Database Activity Monitoring protects sensitive data from threats by tracing activity locally on each database server, and by alerting or terminating malicious behavior in real time. Admins can actively terminate a session based on security policy violations. There is also some good best practice and compliance reports available, including those focused on segregation of duties and privileged user activity.
Reporting was good out of the box, with a handful of system- and compliance-based templates available. Alerting was strong, integrated with lightweight directory access protocol (LDAP), simple network management protocol (SNMP), Syslog and Twitter for inband, and out-of-band alerting.
Pricing starts under $5,000, based on server capacity, including the first year of support. Volume discounts apply.
Sign up to our newsletters
SC Magazine Articles
- APT operation 'Double Tap' exploits serious Windows OLE bug
- 'DoubleDirect' MitM attack affects iOS, Android and OS X users
- Man gets 18 months in prison for accessing Subway POS devices, loading up gift cards
- The Internet of Things (IoT) will fail if security has no context
- Regin: nation-state possibly behind the stealthy modular spying malware
- Operators disable firewall features to increase network performance, survey finds
- DDoS attacks cost organizations $40,000 per hour, survey finds
- Waste no time patching Windows Schannel, OLE bugs, experts warn
- Study: 68 percent of healthcare breaches caused by loss or theft of devices, files
- Spin.com redirects to Rig Exploit Kit, infects users with malware, Symantec observes
- Syrian Electronic Army redirects Gigya, briefly compromises media sites on Thanksgiving Day
- Study: 'High priority' issues hamper endpoint security solution implementation
- Researchers identify POS malware targeting ticket machines, electronic kiosks
- Pirated Joomla, WordPress, Drupal themes and plugins contain CryptoPHP backdoor
- DDoS attacks grew in size, threats became more complex, Q3 reports say