• The Four Hundred
  • Subscribe
  • Media Kit
  • Contributors
  • About Us
  • Contact
Menu
  • The Four Hundred
  • Subscribe
  • Media Kit
  • Contributors
  • About Us
  • Contact
  • IBM Beefs Up Database Security with Guardium Buy

    December 14, 2009 Alex Woodie

    IBM two weeks ago bought database security software vendor Guardium. The acquisition nets Big Blue a powerful suite of products that monitor transactions across all major relational database management systems (RDBMS)–including DB2/400–in real time for signs of suspicious activity, such as unauthorized use by insiders or SQL injection attacks by outside hackers.

    Guardium was founded in Israel about seven years ago to address what its founders considered a sizable hole in IT security tools and best practices. While most organizations have a range of security tools in place to protect their networks, applications, and data, they typically have very few security controls in place at the database layer, say officials with the company, which was based in Waltham, Massachusetts, before IBM bought it.

    “The key issue for database security is that most companies have no visibility into what’s really going on with their database,” Phil Neray, Guardium’s vice president of marketing, told IT Jungle earlier this year. “They don’t really know who’s accessing those databases, and they don’t have any mechanisms for identifying unauthorized or suspicious activity.”

    Guardium’s solutions provide that visibility into database access, as well as the capability to clamp down on security policy violations in real time. In particular, the software allows organizations to protect themselves against inside threats, such as systems administrators with “super user” authorities who could easily bypass application- or network-level security control points.

    Guardium’s offering is also effective against SQL injection attacks, which can be difficult to spot using traditional security tools. In its February X-Force report, IBM’s own Internet Security Systems subsidiary identified SQL injection attacks as an increasingly popular route of ingress for hackers seeking to infiltrate corporate computer systems over the Web.

    There is a slight performance hit of 2 to 4 percent as a result of running all database transactions through Guardium’s policy-based controls and anomaly detection routines, company officials have said. The product also keeps a detailed audit trail of all database activities, which is useful for regulatory compliance.

    Guardium has delivered its technology–which is currently at version 7 and starts at about $75,000–as a combination of a hardened appliance deployed atop VMware, as well as a series of probes that relay data from the guarded databases. The product supports all major databases, including IBM DB2 (for Unix, Linux, and Windows), DB2/400, DB2 for z/OS, and Informix; Oracle 8i through 11g; Microsoft SQL Server 2000 through 2008; and others such as MySQL, Teradata, and Sybase. Support for DB2/400 (or DB2 for i, as iBM likes to call it) was added this April.

    IBM plans to integrate Guardium’s technology into its Information Management division within Software Group. “This acquisition is another significant step in our abilities to help clients govern and monitor their data, and ultimately make their information more secure throughout its lifecycle,” Arvind Krishna, general manager of the Information Management division, stated in a press release. No details were provided about specific integration plans.

    Guardium has been growing quickly and recently became profitable. Its software is used by about 400 customers, including at the Washington Metropolitan Area Transit Authority, which processes more than 9 million credit card transactions per year. Guardium had about 150 employees in the Boston area.

    According to IBM, it’s the 28th acquisition for the Information Management division for this decade. IBM did not provide financial details of the acquisition. But according to an Israeli newspaper, the value of the deal was $225 million.

    RELATED STORIES

    Guardium Adds DB2/400 Support to Database Security Tool

    Web Site Vulnerabilities Continue Unabated, IBM X-Force Says



                         Post this story to del.icio.us
                   Post this story to Digg
        Post this story to Slashdot

    Share this:

    • Reddit
    • Facebook
    • LinkedIn
    • Twitter
    • Email

    Tags: Tags: mtfh_rc, Volume 18, Number 44 -- December 14, 2009

    Sponsored by
    TL Ashford

    TL Ashford writes software to generate Barcode Labels and Forms for the IBM i.

    Our software products are the most feature-rich, cost-effective solutions available!

    TLAForms converts traditional IBM i spool files into high quality, professional forms that are output as PDF documents. A form is associated with a spool file and the form is designed. TLAForms then ‘watches’ the IBM i output queue for a new spool file to be generated. When a new spool file is generated, TLAForms reads the data from the spool file, places the data on the form, and outputs a PDF document. The PDF documents can be archived to the IFS, automatically emailed, and printed.

    Features:

    • Select Data directly from an IBM i Spool File
    • Burst IBM i Spool Files based on page or Spool File data
    • Add spool file data to form as Text using a wide variety of fonts and colors (the MICR font for printing checks is included in the software)
    • Add spool file data to form as bar code – including 2-dimensional bar codes PDF-417 and QRCode
    • Configure SQL statements to retrieve and use IBM i File data on forms
    • Utilize Actions to show or hide objects on the form based on data within the spool file
    • Import Color Graphics
    • Use Color Overlays
    • Create Tables
    • Forms can be archived to the IFS
    • Forms can be emailed automatically
    • Forms can be printed to any IBM i, Network or Windows printer
    • Forms are automatically generated when a new spool file is generated in the IBM i output queue
    • NO PROGRAMMING required
    • On-Line Video Training Library

    Learn more about TLAForms at https://tlashford.com/tlaforms/

    Barcode400 is native IBM i software to design and print labels directly from your IBM i in minutes! Compliance and RFID labeling is easy using Barcode400’s tools and templates.

    Features:

    • Software resides on the IBM i
    • IBM i security and Backup
    • Labels are centrally located on the IBM i
    • Label formats are available to all users the instant they are saved – even in remote facilities
    • GUI designer (Unlimited Users)
    • Generate Labels as PDF documents!
    • Print to 100’s of thermal transfer printers
    • Print to HP and compatible printers
    • Print labels interactively – No Programming Necessary!
      • OR Integrate into existing application programs to automatically print labels – Barcode400 has been integrated with nearly every ERP and WMS software available on the IBM i, including thousands of in-house written applications.
      • On-Line Video Training Library
      • Free Compliance Labels
      • Generate Checks using the MICR font
      • RFID Support (optional)
      • History / Reprint Utility
      • Integration Assistant
      • Low Cost (no tiered pricing)

    Learn more about Barcode400 at https://tlashford.com/barcode400/

    Share this:

    • Reddit
    • Facebook
    • LinkedIn
    • Twitter
    • Email

    Admin Alert: The Ins and Outs of IBM Business Partners Data Masking Tool from Camouflage Now Supports DB2/400

    Leave a Reply Cancel reply

TFH Volume: 18 Issue: 44

This Issue Sponsored By

    Table of Contents

    • Power Systems i: Serve’s Up
    • Abacus Offers i 6.1 Upgrade Virtual Test Drive Service
    • The Server Market Sees Some Stability
    • As I See It: What’s Next?
    • Untested Backup and Recovery Fools Midrange Shops
    • Happy Holidays, Time to Take a Break or Two or Ten
    • Reader Feedback on Power Systems i: Thinking Inside the Box
    • Micro Focus Bolstered by Acquisitions, Real Growth
    • Disk Array Sales Hold Up Better Than Servers, Says Gartner
    • IBM Beefs Up Database Security with Guardium Buy

    Content archive

    • The Four Hundred
    • Four Hundred Stuff
    • Four Hundred Guru

    Recent Posts

    • Power10 Midrange Machine: The Power E1050
    • IBM Puts The Finishing Touches On PowerHA For IBM i 7.5
    • Guru: Regular Expressions, Part 2
    • Get Your Security Education, And Not From The School Of Hard Knocks
    • IBM i PTF Guide, Volume 24, Number 33
    • Power10 Entry Machines: The Power S1024 And Power L1024
    • Thoroughly Modern: Latest IT Trends – Bring Security, Speed, And Consistency To IT With Automation
    • Big Blue Unveils New Scalable VTL For IBM i
    • As I See It: Thank God It’s Thursday
    • IBM i PTF Guide, Volume 24, Number 32

    Subscribe

    To get news from IT Jungle sent to your inbox every week, subscribe to our newsletter.

    Pages

    • About Us
    • Contact
    • Contributors
    • Four Hundred Monitor
    • IBM i PTF Guide
    • Media Kit
    • Subscribe

    Search

    Copyright © 2022 IT Jungle

    loading Cancel
    Post was not sent - check your email addresses!
    Email check failed, please try again
    Sorry, your blog cannot share posts by email.