McAfee Database Activity Monitoring
November 01, 2012
Starting at $5,000
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Full database monitoring and protection for many types of databases.
- Weaknesses: Documentation could have included visuals.
- Verdict: Slightly weak on the documentation, but overall a very strong product and well worth our Best Buy rating this month. If you run a McAfee shop, this one’s a no-brainer.
Database Activity Monitoring from McAfee provides both threat protection as well as database auditing for compliance needs. Right out of the box this product can scan the environment and find databases automatically and protect them with an array of preconfigured security policies. Furthermore, this tool also features the ability to help administrators design and build a customized policy that provides the correct protection for the needs of the environment.
We found this solution to be simple to deploy and configure. The initial installation was done by running the server installation executable. Once the installer was launched, we were taken through a brief setup wizard, which helped us configure the ports necessary for installation, as well as a few other settings. After the install was complete, we were able to access the web-based management console. After we logged into the management console for the first time, we were taken to a menu in which we could scan the network for databases or add them manually. This was pretty much the end of the initial configuration and we were then able to start creating policy and managing security options. We found the management console to be well-organized and intuitive to navigate. However, it does include a lot of functionality, so there are several menus and screens through which to navigate.
Highly configurable security policies drive this product. The Database Activity Monitoring server can monitor activity locally on each protected database and alert or terminate suspected malicious activity in real time, along with blocking possible attacks against unpatched databases. This product also provides a full audit trail of possible malicious activity - even by privileged users. Along with being highly configurable, this offering also provides support for a wide array of databases, including Oracle, Microsoft SQL Server, Teradata, MySQL, IBM DB2 LUW and Sybase ASE. All these can be monitored, protected and audited by the Database Activity Monitor.
Documentation included installation and administrator's guides. The installation guide provided an excellent amount of detail on how to install the product, along with initial configuration instructions. The full administrator's guide offered configuration and management instructions and clear step-by-step configuration procedures. However, both guides lacked screen shots and visuals, which we find make configuring and managing products easier and more intuitive.
McAfee includes the first year of support in the initial purchase price. After the first year, customers can purchase additional assistance as part of an annual agreement at a cost of 20 percent of the purchase price. Support offered includes 24/7 phone- and email-based technical support, as well as access to a large online support area.
At a price starting at around $5,000 with the first year of support included, we find this solution to be an excellent value for the money. McAfee Database Activity Monitoring provides a solid set of features for monitoring, protecting and auditing databases across the enterprise while being easy to use and manage.
SC Magazine Articles
- Some U.S. Bancorp workers' W-2 info exposed in ADP data breach
- Spearphishing attack nets $495K from investment firm
- Updated: Gmail, Yahoo email credentials among millions found on the dark web
- Report: Ransomware feeds off poor endpoint security
- Organizations need formal vendor risk management programs, study
- 2.5K Twitter accounts hacked to spread links to adult content
- Study: Federal agencies still lack strong cyber hygiene practices
- Petya and Mischa - the Ransomware Twins (sort of)
- Bad guys update ransomware DMA Locker with version 4.0
- Lieu, Hurd urge colleagues to use encryption, improve cyber hygiene