Fortinet FortiDB 1000D

The FortiDB 1000D is a hardware appliance that monitors, audits and identifies vulnerabilities in databases. There are three deployment options: network sniffer, native audit and network agents. Network sniffer looks at all the traffic going to and from the databases. In native audit, the FortiDB logs in to the databases and requires almost no setup. Using network agents, the databases send data back to the FortiDB appliance. All of the deployment options allowed for non-intrusive setup and did not require any downtime in our environment. Once setup, a full audit is a few clicks away and reports are downloadable with ease. FortiDB is compatible with all major databases and can be easily installed in any environment.

When we pulled the FortiDB out of the box, we found a sleek-looking server that stood out when we put it in the rack. We attempted to connect through the provided serial cable, which after some troubleshooting, we eventualy determined was faulty. We were able to configure the device with one of the spare cables in our lab. An error in the documentation caused confusion and prevented us from a complete setup until after we called support. Once that stumbling block was over, setup was easy and straightforward. 

The web GUI is a delight to use, and the device is fast. While working with it, there was almost zero delay on any actions. It was clear to us that Fortinet puts a lot of emphasis on performance. The GUI was simple, intuitive and, overall, was easy to understand. Adding databases is a breeze as the FortiDB 1000D can search automatically for databases. We had a clear, concise and professional audit report in mere minutes. On its first scan, it caught everything we expected it to and quite a bit more. The report was thorough and provided simple and helpful solutions to fixing the problem. It has support for multiple standards. 

The quick-start guide was lacking a bit and, as mentioned, the documentation had an error that slowed our setup. Further, navigating the website was convoluted and finding the full documentation was more tedious than we like to see. However, the full documentation was long and detailed, and the product was so easy to use once it was set up we really didn't need to reference it.

Support for FortiDB is subscription based with FortiCare and is available in different levels. A FortiCare eight-hours-a-day/five-days-a-week Enhanced Support contract is $3,000 and the FortiCare 24/7 Comprehensive Support contract is $4,999 . 

Fortinet provided us with a great product and while we encountered some hiccups in setup, we felt that it redeemed itself through its feature set. The FortiDB is a great database security asset and can deliver peace of mind in the security of your database. In our tests we found it reliable, informative and straightforward. Its reports were so informative and well done that it would be useful to anyone - from database administrators to CISOs. In our test database, FortiDB found more security holes than we expected. It was so good that it could be used as a benchmark to compare other audit tools to. It excels at what it does, but $19,995 is a steep price for some environments. If you can afford it, and are in a security-minded environment, FortiDB 1000D is well worth the investment. 

Product title
Fortinet FortiDB 1000D
Product info
Name: Fortinet FortiDB 1000D Description: The FortiDB 1000D is a hardware appliance that monitors, audits and identifies vulnerabilities in databases. Price: $19,995 (hardware appliance)
Great reports with thorough, easy to use and solid performance.
Some minor challenges during setup, and documentation could be stronger.
Can provide the type of strong security that gives peace of mind to CISOs and DBAs alike. This one is our Recommended product this month.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.