INTRODUCTION - SERVICE OVERVIEW
Database monitoring is the need of the hour for enterprises that want to ensure there are no data breaches and to act swiftly in identifying and mitigating incidents without outages. An ideal database monitoring solution does not just send notifications; it also provides the root cause of issues and offers solutions. Because database monitoring is crucial and requires a highly skilled workforce, enterprises are leaning on third-party vendors/cloud managed services for it. As a pioneer in end-to-end managed security services, Cloud4C takes responsibility for managing and monitoring your mission-critical workloads.
- The Cloud4C MSS Managed Database Activity Monitoring Service (“Service”) consists of management and activity monitoring of databases for potential misuse and data exfiltration incidents.
- Management activities include DAM Agent provisioning, deployment, tuning and policy-based changes (including on a per-DB instance basis as needed), as well as vendor software and firmware updates.
- Monitoring activities include collection, storage, reporting, and Customer notification of detected DAM security events. Tools for self-service reporting and analysis are provided through the Cloud4C MSS Customer Portal ("Customer Security Portal", CSP).
HOW DOES IT WORK? (HOW DAM SOLUTION WOULD BE DEPLOYED)
Cloud4C MSS will deploy and manage the DAM solution in one of the following two ways:
DAM AGENT-BASED APPROACH
In this approach, a DAM Agent is deployed for each DB instance (Windows) on the customer's database servers. The Agent monitors all DB activity and sends DB security incidents to the Cloud4C MSS DAM server for analysis. Based on the analysis result and the alerting policy, the DAM server decides whether to notify the end user via email.
NETWORK OFFLINE WITH SENSOR BASED METHOD APPROACH
In this approach, a DAM Server is deployed at the Cloud4C MSS DC and connects to all database servers at the customer premises in real time. Using the relevant commercial DB application, it collects all DB activity audit logs and brings them back to its central analysis engine for activity data correlation, then generates alerts and reports for the customer's designated contacts.
- DAM provides full visibility into database user activity and can issue alerts or stop suspicious activities based on predefined vPatch rules and custom rules.
- It also includes prevention, cluster support, third-party integration, and advanced reporting functionality.
- Database protection — Prevention of intrusion, data theft, and other attacks on your databases. DAM uses memory-based sensors to detect threats with a single, non-intrusive solution.
- Threat identification and intervention — High-risk violations can be configured to automatically close suspicious sessions and quarantine malicious users, allowing time for the security team to investigate the intrusion.
- Custom security policies — DAM enables you to create custom rule-based policies for users/ queries and database objects.
- vPatch updates — Virtual patching updates are provided regularly for newly discovered vulnerabilities, protecting sensitive data until a patch is released by the database vendor and can be applied. The updates can be implemented without database downtime.
- Audit log — Access to sensitive data, including complete transaction details, can be logged for audit purposes.
Threat identification and intervention
Custom security policies
40+ security controls
Single SLA up to application login layer