BENEFITS DATABASE SERVER OVERVIEW Chakra Max Basic
Total Page:16
File Type:pdf, Size:1020Kb
BENEFITS OVERVIEW • Database Access Control Chakra Max is a database security solution designed to protect databases which are important assets • Work Flow Control (SQL Approval) of companies. The basic security method of Chakra Max is to control users’ database accesses by • Data Masking privilege level. It sets up access privileges of application servers and DB users causing in/out data • Dynamic Monitoring flows of databases. It allows valid transactions and blocks invalid transactions. Chakra Max can • Security Audit process work approval through the SQL execution privilege according to the organizational policy • Log Integrity and apply limitation to data reading privilege by masking key data such as personal information • Data Analysis & Report before supplying them to users. Furthermore, it provides a function to simulate data before and • Saving All Before & After Data after change in case SQL is executed to modify databases. All traffic information and user identification information are monitored in real time by administrator and saved as auditing data. In this way, Chakra Max ensures integrity of the saved auditing data and the Chakra Max policy DATABASE SERVER management history and protects them safely. In addition, it helps administrator to manage auditing data safely by backing up them with an encryption algorithm. Administrator can search the auditing • Oracle data on conditions later and output them in 14 or more document forms including *.pdf, *.doc, 7.3, 8.0, 8i, 9i, 10g, 10gR2, 11g, 11gR2 *.hwp, *.csv, *.xls and so on. Its quality has been recognized by acquiring the international CC • Microsoft SQL Server (Common Criteria) certification (EAL4) on Jan 2012, which shows that Chakra Max is a secure and 6.5, 7, 2000, 2005, 2008(32,64bit) stable solution that have removed all the latest vulnerabilities. • IBM DB2 V7, V8, V9, AS 400 V5, V6 • Sybase ASE 12, 15 Chakra Max Basic Configuration • Sybase IQ 12, 15 • Mysql 4, 5 • Informix 7, 8, 9, 10, 11 • Tibero 3, 4 • Teradata 2R6, 12, 13 • Altibase 3, 4, 5 • Cubrid 6, 7 • Symfoware V7, V8, V9, V10 • PostgreSQL 7.4 and higher Sniffing Mode Chakra Max monitors and controls database access history with zero load on the database and 100% logging of audit data in the sniffing mode. It doesn’t require any agent to be installed in users’ systems and databases and there is no impact to the existing business and network environment. Copyright © 2012, WareValley and/or its affiliates. All rights reserved Gateway Mode (Inline + Forwarding) Chakra controls in/out data of databases 100% in the gateway mode. It supports both the installation of an agent in a user’s laptop and no installation of any agent. This gateway mode is able to control jobs in SQL unit so you can achieve high security if you apply it to internal developers or outside personnel. HA (High Availability) The availability of database system and access control can be maintained through the redundant configuration of Chakra Max servers in HA mode. The redundant Chakra Max server can be operated as Active-Active or Active-Standby Copyright © 2012, WareValley and/or its affiliates. All rights reserved Chakra Max the Other Configurations BUSINESS PARTNER 3-tier WAS Agent Chakra Max collects, monitors, and controls packets in network streams. If there is a Web server in the normal configuration, only the information of the Web server can be collected and the end user’s identification cannot be identified. This 3–Tier WAS Agent method allows the installation of an agent in the Web server to identify end users and apply access control policy. Software-TAP Software-Tap is a method to collect packets by installing an agent in database without installing any physical tap device or port mirroring switch when sniffing the packet flows of users and databases. Even though there is no burden of purchasing a device, we don’t recommend this method for an environment with a lot of traffic. Interworking with Orange Through the interworking of Chakra Max and Orange, the use of illegal applications can be blocked and file leakage can be controlled without exposing the password to users. If you use this method, you can prevent the sharing of one DB account among multiple users because the DB account of users can be controlled. Furthermore, this method can fundamentally prevent risks from vulnerabilities which can exist in any illegal applications. Copyright © 2012, WareValley and/or its affiliates. All rights reserved NEW FEATURES FUNCTIONS • Personal Information Access Database Access Control Control Chakra Max provides the database access control function through user identification information, database information, user session and SQL information, database response data, date and time, • Audit Data Forgery Detection and the amount of traffic. It manages control by setting users’ database access privilege. and Protection Furthermore, it can block packets that do not conform to normal traffic patterns. • Support for ISO 27001 Report SQL Approval Chakra Max can control users’ SQL execution time and count through the SQL approval policy. SQL • Simple Renewal of Policy and approval is a form of administrative security from the viewpoint of workflow. It can minimize User Account mistakes during work because it requires prior drafting of SQL jobs. Furthermore, it provides the advantage of detailed audit history. • Simplified Patch Job Data Masking Chakra Max can provide users with only partial data of tables through a policy to mask all or part of the data in a specific table or column. Furthermore, it also allows masking of personal data such as social security number and account number through automatic pattern analysis. If a user queries a table, it provides the partially masked data as shown below. Even though Clean Texts are stored in a database, they are hidden by Chakra Max when they are sent to users. Name Social Security No. Mobile Number Address **** ****** ***** David ***-**-**** 917-***-**** *** ** *** NY 10153 **** **** *** ** ** John ***-**-**** 614-***-**** ** ** *** ** FL 32830 Database Activity Monitoring Chakra Max monitors end user identification information, traffic information and access control status in real time. Furthermore, it also monitors the performance of database and Chaka Max and the capacity of Chakra Max Repository. Auditing & Security Logging Data Chakra Max logs end users’ identification information, traffic information and access control status and saves them in the repository. It also saves the security administrator’s security policy management history. It must save all information in principle, but it may save on the essential elements as audit data according to policy. Chakra Max guarantees integrity of the saved audit data and protects them safely. Besides, it provides various audit data backup policies for efficient audit data management. Audit data can be deleted and restored and administrator can see audit data normally after restoration. Chakra Max supports conditional search of the audit data. Furthermore, it provides search results according to administrators’ criteria such as user session, SQL, server protocol session, command execution history, approval history, user and administrator work history, unused policy/account view, and SQL summary. Reporting Logging Data Chakra Max provides a function to print out the contents of the searched audit data by security administrator. Furthermore, it is also possible to output reports by accessing the personal information table. Chakra Max uses OZ Report as the report module which can output documents in *.pdf, *.ozd, *.xls, *.doc, *.ppt, *.html, *.csv, *.txt, *.jpg, *.rif, *.svg, *.hwp, *.mht, and *.gul. Copyright © 2012, WareValley and/or its affiliates. All rights reserved SERVER PROTOCOLS Ten Reasons Why Chakra is the Best Solution • Telnet for Database Security and Management • SSH • FTP 1. It is the database access control and monitoring solution providing the best stability and • rlogin performance. • rcmd • Window Terminal 2. More than 1,000 key enterprises, banks, public institutes and so on choose and are using Chakra Max to protect and manage their databases. SERVER PL ATFORMS 3. It supports all DBMS(s) based on Unix, Linux or Windows platform including 13 databases such • Linux Cent OS 5.5 and higher as Oracle, MS-SQL, DB2, Sybase ASE, Sybase IQ, Teradata, Informix, Tibero, Altibase, MySQL, • Windows 2008 64bit Cubrid, Symfoware and PostgreSQL. (scheduled to support) 4. Chakra Max strongly controls the access privilege of each user for all information in databases monitors access history & transaction information and saves audit history in real time. MANAGER/CLIENT PL ATFORM S 5. It provides dynamic data masking without modification to database and Web server. Charka Max • Windows 2000 provides masked data for key information in database to authorized users based on their privilege. • Windows XP • Windows 2003 6. Chakra Max helps you meet the compliance requirements through its powerful and effective • Windows Vista auditing and database security functions. It audits usage history of all users and administrators, • Windows 7 and warns violations in real time. 7. Chakra Max provides reliable audit history data to trace the responsibilities of database users and QUALITY CERTIFICATIONS Chakra Max administrators. • CC(Common Criteria) Certification of EAL4 - ITSCC 8. Charka Max provides a protection function for audit history. It secures integrity for the audit history and provides a secure backup function. • Chakra Max GS Authentication