McAfee Database Security

McAfee Database Activity Monitoring automatically finds databases on your network, protects them with a set of preconfigured defenses, and helps you build a custom security policy for your environment – making it easier to demonstrate compliance to auditors and improve critical asset data protection. Database Activity Monitoring cost-effectively protects your data from all threats by monitoring activity locally on each database server and by alerting or terminating malicious behavior in real time, even when running in virtualized or cloud computing environments.

Comprehensive threat protection

Protect even your unpatched databases against zero-day attacks by blocking attacks that exploit known vulnerabilities and terminating sessions that violate your security policies.

Detailed audit trail reports

Audit trail reports are available to meet SOX, PCI, and other compliance audit requirements. During post-incident forensic analysis, this audit trail can help you understand the amount of lost data and gain greater insight into malicious activity.

Streamlined patching with no required downtime

Applying missing patches and fixing misconfigurations found by the Database Activity Monitoring vulnerability scan will improve the security posture of your databases immediately – without requiring any downtime via McAfee’s virtual patching technology.

Features & Benefits

• Get maximum protection for sensitive data, meet compliance requirements, and reduce exposure to costly breaches – Demonstrate compliance and minimize the likelihood of a breach by monitoring threats to databases from all sources, including network/application users, local privileged accounts, and sophisticated attacks from within the database itself.
• Save time and money with faster deployment and a more efficient architecture – Simplify the process of building custom security policies to audit and protect databases with preconfigured rules and templates.
• Minimize risk and liability by identifying attacks as they occur, and stopping them before they cause damage – Stop breaches by terminating suspicious sessions and quarantining malicious users with real-time monitoring and intrusion prevention for Oracle, Microsoft SQL Server, and Sybase databases.
• Increase your flexibility by deploying McAfee Database Activity Monitoring on the IT infrastructure of your choice – Install sensors on physical servers, provision sensors along with the database on virtual machines, and deploy sensors remotely on cloud servers.
• Discover databases automatically and organize them for monitoring and management – Find databases by scanning the network or by importing them from existing tools, and then group them by vendor, version, or custom tags (for example, HR, finance, or QA).
• Get out-of-the-box protection for known vulnerabilities and common threats – Receive more than 380 predefined rules that address specific issues patched by the database vendors, as well as generic attack profiles.
• Leverage templates for compliance regulations – Use a simple, step-by-step interface for building customized security policies for PCI DSS, SOX, HIPAA, GLBA, and SAS-70, as well as best practices based on experience at hundreds of customer sites.
• Receive granular protection of sensitive data at the object level, regardless of the source of the attack – Evaluate process memory to determine execution plan and affected objects, identifying policy violation even from local users or obfuscated code.

More Documentation

• McAfee Database Activity Monitoring Data Sheet (322 KB)
• McAfee Data Center Security Suite for Databases (310 KB)

McAfee Virtual Patching for Databases shields databases from the risk presented by unpatched vulnerabilities by detecting and preventing attempted attacks and intrusions in real time, without requiring database downtime or application testing. With Virtual Patching for Databases, organizations secure protection from threats even if they have not yet installed a vendor-released patch to deal with a known vulnerability.

Uninterrupted protection for production databases

Protect older versions of database management systems, even those no longer supported by the vendor. For applications running on older versions of the database where patches are no longer provided, Virtual Patching for Databases can protect the systems from attacks, helping to satisfy governance requirements.

Actionable data to address risk

Installation is nonintrusive, as the sensor is read-only, installs as a user process, and makes no changes to the database management system software. Only minimal testing of applications is necessary.

No database downtime required

Implement patch protection without having to take down databases during installation.

Features & Benefits

• Protect sensitive databases between the release and installation of vendor patches – Safeguard databases with virtual patches. McAfee host-based software uses a small, nonintrusive sensor on each database server to detect and prevent attempted exploits of vulnerabilities.
• Get ongoing updates to defend against exploits – Trust continuous research of the evolving threat landscape to provide timely patch updates that keep organizations protected despite the changing nature of attack vectors.
• Facilitate compliance by keeping systems up to date – Meet compliance standards, including PCI DSS, HIPAA, SOX, and other corporate governance rules.
• Check password strength in the fastest and most efficient manner possible – Detect weak passwords, shared passwords, and hashes passwords while downloading data for local analysis to avoid affecting database performance.
• Secure your databases with an easy-to-implement solution – Save time with less frequent patches, reducing the effort required for application regression testing and physical patch installation.

More Documentation

• McAfee Virtual Patching for Databases Data Sheet (313 KB)
• McAfee Data Center Security Suite for Databases (310 KB)

McAfee Vulnerability Manager for Databases automatically discovers databases on your network, determines if the latest patches have been applied, and tests for common weaknesses such as weak passwords, default accounts, and other common threats. Vulnerability Manager for Databases conducts more than 3,000 vulnerability checks against leading database systems, including SQL Server, DB2, and MySQL.

Clear visibility into database vulnerabilities

By improving visibility into database vulnerabilities and providing expert recommendations for remediation, Vulnerability Manager for Databases reduces the likelihood of a damaging breach, and saves money through better preparation for audits and compliance with regulatory mandates.

Risk evaluation from all known threat vectors

Unlike other products that overwhelm you with a myriad of minor threats hiding the critical issues that must be addressed, Vulnerability Manager for Databases evaluates risk from all known threat vectors and clearly classifies threats into distinct priority levels, provides fix scripts, and includes recommendations.

Features & Benefits

• Get unparalleled visibility into database security posture – Know exactly where risks are and how to minimize the likelihood of a breach by automatically discovering databases on the network, and conducting more than 3,000 checks for vulnerabilities.
• Save time and money by reducing the need for external database security consultants – Get recommendations for remediation for the most high-priority vulnerabilities, in many cases augmented with fix scripts you can run to address any issues.
• Gain access to more than 3,000 security verifications – Get comprehensive and up-to-date checks of the most popular database platforms reporting on meaningful criteria such as version/patch level, changed objects, modified privileges, and forensic traces from common hacker tools.
• Discover databases and sensitive tables automatically – Find databases by scanning the network or by importing from existing tools, and identify tables containing restricted information based on preset patterns.
• Check passwords quickly and efficiently – Use a variety of techniques to detect weak passwords and shared passwords, including hashed passwords (SHA-1, MD5, and DES), by downloading data for local analysis to avoid affecting database performance.
• Get out-of-the-box regulatory compliance reports and custom reporting – View reports for PCI DSS and other regulations, as well as specific reports for various stakeholders such as database administrators (DBAs), developers, and InfoSec users.
• Get recommendations and fix scripts for high-priority items – Organize items by priority and provide actionable recommendations for remediation based on input from leading security researchers.
• Integrate directly with McAfee ePolicy Orchestrator (ePO) – Plug McAfee Vulnerability Manager for Databases directly into the ePO platform to get centralized reporting and summary information for thousands of databases from one consistent dashboard.

More Documentation

• McAfee Vulnerability Manager for Databases Data Sheet (315 KB)
• McAfee Data Center Security Suite for Databases (310 KB)

McAfee Security Scanner for Databases automatically finds databases on your network, determines if the latest patches have been applied, and tests for weak passwords, default accounts, and other common threats – making it easier to demonstrate compliance to auditors and improve protection of critical data assets.

Maximum visibility into security posture

Security Scanner for Databases gives auditors, pen testers, consultants, and database administrators a solution for gaining unmatched visibility into an organization’s security posture by conducting a thorough check of more than 3,500 potential database vulnerabilities.

Actionable data to address risk

With Security Scanner for Databases, you can review expert recommendations to address these risks, helping to build an effective database security policy and meet regulatory mandates.

Features & Benefits

• Prepare for and perform well during a security audit – Detect altered data, including modifications of privileges and user tables, while spotting security issues such as SQL injection vulnerabilities.
• Accelerate time to compliance and minimize audit cycles – Use out-of-the-box compliance reports to uncover potential issues before an audit, minimizing the time and cost involved in confirming remediation post-audit.
• Deliver speedy fixes to help address vulnerabilities while prioritizing issues – Organize items by priority and review actionable recommendations for remediation. The database browser interface allows for quick application of fixes across multiple databases.
• Check password strength in the fastest and most efficient manner possible – Detect weak passwords, shared passwords, and hashes passwords while downloading data for local analysis to avoid affecting database performance.

More Documentation

• McAfee Security Scanner for Databases (315 KB)