ApexSQL President Brian Lockwood stresses that while some customers may go
the route of using a collection of database tools to address their needs, others
are looking for an integrated solution for auditing and compliance needs. "[Standalone]
log readers aren't really the best auditing tools," says Lockwood. "Most people
want a more sophisticated (and integrated) auditing solution."
Lockwood explains that ApexSQL Audit has robust support for auditing using
Data Definition Language (DDL) triggers and provides templates to streamline
and simplify the creation of those triggers. It also integrates with a standalone
ApexSQL Audit Viewer. Like Idera, ApexSQL has focused on developing applications
solely for SQL Server and supports SQL Server 2005, 2000, and 7.0.
But what if your company supports more than one enterprise database application?
Auditing solutions exist for heterogeneous environments as well, often with
support for leading platforms such as Oracle, Sybase, and IBM DB2. Offerings
in this category include DB Audit 3.2 from SoftTree Technologies, Lumigent
AuditDB 6.0, and Quest Software's InTrust for Databases series of audit-related
applications. All these products work on multiple platforms and use unified
management consoles that provide a common interface across those platforms.
This integration can help IT address compliance concerns across a disparate
enterprise where multiple database architectures are in use.
Lumigent Technologies' Senior Director of Product Marketing Mike Puglia stresses
that not only is supporting multiple platforms desirable for some enterprises,
but integrating that support with multiple auditing approaches—all in
one vendor solution—is often desirable. "Our AuditFlex architecture is
platform agnostic," explains Puglia. "It also combines transaction-log reading,
native auditing, and network capture into one auditing solution. We support
all three methods and let the customer choose which of those methods is most
important to them."
Auditing Appliances
Yet another database auditing and compliance solution comes in the form of network
hardware appliances that also provide database protection and monitoring functions.
Products such as Guardium's SQL Guard Security Suite (with AuditGuard software
module), Tizor Mantra, and Imperva's SecureSphere Database Monitoring Gateway
all provide standalone devices that promise to simplify certain auditing, monitoring,
and security tasks. On the security side, some enterprises have also turned
to appliances that more heavily emphasize perimeter defense, such as Xceedium
Gatekeeper.
Since many of these appliances are installed separately from the database server,
their use doesn't affect performance of the database itself. Hardware vendors
also tout their plug-and-play convenience.
Hardware or Software?
Although hardware solutions promise to provide less of an impact on database
performance, software vendors say that argument is flawed, pointing out that
improper use of full native SQL Server 2005 transaction logging and auditing
has created a misconception that all software-based auditing slows system performance
significantly.
Lumigent's Puglia argues that correctly installed software-based auditing solutions
can be configured so that they only minimally affect server performance. Hardware-appliance
vendors can also have a software footprint, Puglia says, pointing out that Guardium's
software tap (S-TAP) and Tizor's Enterprise-Tap (E-TAP) are both software applications
that need to be installed on host machines to track database access by local,
privileged users who don't go on the network. Without those software tools running
on a host machine, the appliances couldn't track access by local users.
The proliferation of separate network appliances that provide security, auditing,
load balancing, and other features can lead to crowded rack space. Hardware
vendors argue that some of the proliferation is a necessary evil, since the
other option—installing the software equivalent of those features on
a host machine—would bring system performance to a crawl.
"Many of the functions that hardware appliances offer can't easily be consolidated
into one unit," says Imperva CTO Amichai Shulman. "Perimeter security, enduser
security, database auditing, and network operations… these are all areas
that different people in different departments may need to access, often with
different security levels and permission levels." Shulman argues that functionality
might eventually be consolidated on some devices, but a host of compliance,
security, infrastructure, and privacy demands preclude the development of a
single appliance that can solve every problem by simply plugging it into the
network.
No Silver Bullets
Regardless of the set of solutions you choose, many vendors caution users to
avoid looking for a single, "super product" that promises to solve every auditing,
compliance, and security need in every instance. A poorly implemented software
solution can seriously degrade system performance, whereas reliance solely on
hardware solutions can lead to rack-space congestion and other problems.
Vendors do agree that IT needs to approach auditing and compliance with the
specific auditing needs of their enterprise first, then spend some time talking
to vendors, attending Web seminars, and trying out products. Perhaps most importantly,
all agree that even the best products can't replace the solid research, detailed
planning, and sound business processes that need to be in place long before
the first purchase order for an auditing solution is issued.
Prev. page
1
[2]
3
next page 
