Database security firm Guardium and mainframe software firm Neon Enterprise Software have announced a new database security monitoring product designed for the DB2 mainframe database.
Database security firm Guardium and mainframe software firm Neon Enterprise Software have announced a new database security monitoring product designed for the DB2 mainframe database. The mainframe has traditionally been a black hole where security auditing is concerned. This is especially so where the database is concerned.
The new Guardium for Mainframes product, a combination appliance and software, provides visibility into all DB2 activity, including who's reading what on the database. "This would be important for PCI because you need to know who's accessing sensitive data," says Phil Neray, vice president of marketing for Guardium. "Until now, there's not been a practical way to track all database activities without impacting performance."
While built-in mainframe database logging offers some of these capabilities, it wasn't built for auditing, but instead for disaster recovery purposes, he says. The analysis doesn't occur in real time, so a breach wouldn't be detected until after the fact, and it dramatically slows performance. "You could turn on trace logging in the database... You'd get lots of read operations, but it will produce massive amounts of data and kill performance. And it would have to be stored in the database itself."
Guardium for Mainframes product is based on a Linux appliance, which analyzes the data off-mainframe, as well as stores the audit data.