INTRODUCTION - SERVICE OVERVIEW
Database Activity Monitoring is the need of the hour for enterprises to ensure that there are no data breaches, and to act swiftly in identifying incidents and mitigating them without any outages. An ideal database monitoring will not just send across notifications but even provide the root cause for the issues and provide the solutions. Given that database monitoring is crucial that requires highly skilled workforce, enterprises are leaning on third party vendors/ cloud managed services for database monitoring. Being a pioneer in providing end-to-end managed security services, Cloud4C takes the responsibility of managing and monitoring your mission-critical workloads.
- The Cloud4C MSS Managed Database Activity Monitoring Service (“Service”) consists of Management and Activity monitoring of Databases for potential misuse and data extra filtration incidents.
- Management activities include DAM Agent provisioning, deployment, tuning and policy-based changes (including on a per-DB instance basis as needed), as well as vendor software and firmware updates.
- Monitoring activities include collection, storage, reporting, and Customer notification of Detected DAM security events. Tools for self-service reporting and analysis are provided through the Cloud4C MSS Customer Portal ("Customer Security Portal-CSP").
How does It work? (How DAM solution would be deployed?)
Cloud4C MSS will deploy and manage the DAM solution in one of the ways mentioned below:
DAM AGENT-BASED APPROACH
In this approach, a DAM Agent for each DB instance window would be deployed on customer database servers and all DB activity would be monitored by Agent. It will send the DB security incidents to the Cloud4C MSS DAM server for analysis. Based on the analysis result, DAM server would decide whether to notify the same to end user via email or not, based on the alerting policy.
NETWORK OFFLINE WITH SENSOR BASED METHOD APPROACH
In this approach, a DAM Server is deployed at Cloud4C MSS DC. It would connect all database servers at customer premises in real time. Using a relevant commercial DB Application, it will collect all DB activity audit log and bring back to its central Analysis engine for activity data correlation and accordingly generate alerts, reports to customer designated contacts.
- DAM provides full visibility into database user activity and can issue alerts or stop suspicious activities based on predefined vPatch rules and custom rules.
- It also includes prevention, cluster support, third-party integration, and advanced reporting functionality.
- Database protection — Prevention of intrusion, data theft, and other attacks on your databases. DAM uses memory-based sensors to detect threats with a single, non-intrusive solution.
- Threat identification and intervention — High-risk violations can be configured to automatically close suspicious sessions and quarantine malicious users, allowing time for the security team to investigate the intrusion
- Custom security policies — DAM enables you to create custom rule-based policies for users/ queries and database objects.
- vPatch updates — Virtual patching updates are provided regularly for newly discovered vulnerabilities, protecting sensitive data until a patch is released by the database vendor and can be applied. The updates can be implemented without database downtime.
- Audit log — Access to sensitive data, including complete transaction details, can be logged for audit purposes.
Threat identification and intervention
Custom security policies
40+ security controls
Single SLA up to application login layer
Here’s how Cloud4C helped ABC Bank to get on the cloud from A to ZRead More
Words that you can bank on
Our view is that the Cloud4C has an infrastructure that is extremely safe and sound which has improved our digital landscape and capabilities.
CIO, ABC Bank