NitroSecurity NitroView DBM v8.5
November 01, 2011
starts at $25,995
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Network-based so as not to impact performance; powerful dashboard; strong correlation and forensic capabilities and usability.
- Weaknesses: Pricewise, it is on the higher end of products we reviewed this month, but worth it.
- Verdict: Fully integrated with existing IPS, SIEM or vulnerability assessment/application scanners. A full-featured solution for database security. Really delivers actionable intelligence. This is our Best Buy.
NitroView DBM is part of the NitroSecurity unified security management system. There are several layers of offerings available. We reviewed the NitroView Database Monitor (DBM), which is managed by the NitroView Enterprise Security Manager (ESM).
The product is delivered as a series of appliances: the ESM, which is the management component, and the DBM, which acts as the network sensor. The setup is pretty straightforward: Browse to the ESM, login and easily attach the DBM, and begin managing it.
This tool has one of the better user interfaces we have seen. The DBM is used to collect all database activity over the network. If one requires a deeper inspection capability, there is an optional server-side agent for local data-gathering. From what we saw, one gets a lot of data out of the network sensor. There is full session-level detail - from login to logout, including transactional data. Sessions can be reassembled from login to logout to show all activity in sequence.
One strong benefit to this product is its correlation capability. Built on NitroView's database technology and using the same packet-capture technology available in NitroSecurity's IDS products, this solution provides an amazing amount of data capture. More impressive is its ability to filter, correlate and present that data in a useful format. One even has the ability to pull in and correlate application logs, so that a database server account can be tied to the user authenticated to the application.
Reporting is complete with canned reports, a report-writing tool and compliance templates. Alerting is solid and integrates with security information and event management (SIEM) and intrusion prevention systems (IPS) solutions for active response capabilities.
Sign up to our newsletters
SC Magazine Articles
- Long list of devices believed to be affected by NetUSB vulnerability
- Scammers target oil companies with sneaky attack
- CareFirst BlueCross BlueShield breached, more than one million individuals notified
- Study: Employees acknowledge risky security behavior, continue to engage in it
- Hack of airplane systems described in FBI docs raises security questions
- Hackers exploit Starbucks auto-reload feature to steal from customers
- Study: Nearly all SAP systems remain unpatched and vulnerable to attacks
- Former Nuclear Regulatory Commission employee arrested for alleged spear phishing campaign
- Millions of WordPress websites vulnerable to XSS bug
- FireEye first cybersecurity firm awarded DHS SAFETY Act certification
- Thousands of Bellevue Hospital Center patients notified of data breach
- Study: 86 percent of websites contain at least one 'serious' vulnerability
- Investigation ongoing in reported multimillion member Adult FriendFinder breach
- Report: $19M breach settlement between MasterCard, Target terminated
- FTC gives thumbs up to companies that cooperate during breach probes