The Guardium architecture is designed, from the ground up, to meet the most stringent security requirements of discerning auditors worldwide. Its robust security features include:
- Secure audit repository: All audit information is stored in a secure repository that cannot be modified by anyone—even privileged users—in order to support separation of duties and provide a verifiable audit trail
- Not a repository for sensitive data: By default, sensitive data values are not captured by the system, so they are not vulnerable to compromise by administrators with legitimate access to the system
- Hardened OS and database kernel: Root access to the appliance is not provided, preventing administrators from accessing the base OS, file system, or embedded database to view or modify audit data
- Role-based administration: Access to all applications and reports is controlled according to organizational roles such as security, database administration, and risk and compliance
- Strong authentication: Supports RSA SecurID® two-factor authentication to establish the trusted identity of users accessing critical security assets managed by the Guardium system. This includes security policies, audit trails and information about where sensitive data is located
- Secure key management for monitoring encrypted traffic: Guardium monitors encrypted connections—such as Oracle ASO, Kerberos and SQL Server SSL—in real time, without the added security risk and complexity of uploading keys to the Guardium system, where they could be viewed by administrators with legitimate access to the system
- Self-monitoring: The appliance and S-TAP host-based probe instantly report (via SMTP, SNMP, Syslog, etc.) when they have been disabled or are no longer collecting traffic
- Self-auditing: The system creates a secure audit trail of all changes that were made to its policies, audit parameters, workflow processes, archiving settings, etc.
- Encrypted archiving: All audit data is encrypted when archived to external storage devices such as file servers, NAS, IBM Tivoli Storage Manager (TSM) devices and near-line devices such as EMC Centera