Fortinet FortiDB 1000B

Overview:

The FortiDB-1000B appliance provides scalable database vulnerability assessment and compliance solutions for mid-sized enterprises in a quickly-installed, easily managed package. Its centralized web-based management application ensures consistent database security policies across the organization without imposing a high management burden on database and IT staff. Following auto-discovery of every database on the network regardless of subnet boundaries, the FortiDB-1000B scans for security problems and provides advice on how to fix them with vulnerability assessments that can be viewed within minutes of installation. Ongoing scans of all your databases assure continued protection based on extensive built-in best practices plus easily-customized individual organizational standards. 24 x 7 database activity monitoring captures all forms of database activity to detect erroneous or malicious activity. Database auditing records all database activity for complete and accurate audit trails, with independent storage for additional security.

FortiDB-1000B Benefits:

• Enterprise-class protection for up to 10 databases extends built-in database security features for comprehensive protection against internal and external threats.
• Automated near real-time detection and alerts reduce security and operational vulnerabilities.
• Native audit guarantees a 100% capture rate.
• Web-based centralized management of multiple distributed, heterogeneous databases enables consistent policy enforcement.
• Auto-Discovery assures complete coverage by finding all databases on the network and across subnet boundaries, even on irregular ports.
• Quick time-to-value with hundreds of pre-populated policies covering known exploits, configuration weaknesses, OS issues, operational risks, and data access privileges, with automatic updates to latest regulatory/industry best practices.
• Reports with expert-level remediation advice offer out-of-the-box support of compliance programs with best practices for major regulations: PCI, SOX, HIPAA, and GLBA.
• Policies are easily run to verify that databases conform to corporate standard configurations, implement tests for custom applications, or conduct Extended Penetration Testing to test for common passwords, etc.
• Database auditing records database activity for complete and accurate audit trails; independent audit storage provides an additional security layer for audit integrity.
• Standardized, exportable audit reports customizable with company branding are designed out-of-the-box to support compliance programs, with graphic trend analysis to spot and isolate patterns.
• Database Activity Monitoring captures all types of database activity from administration events to user activity, regardless of originating command type (plain SQL or stored procedures) or connection type (ex - standard, pooled, or console).
• Non-intrusive, agentless operation enables easy deployment, places no load on database operations, and avoids putting any applications at risk.

FortiDB-1000B Features:

• Supports up to 30 database instances (licensed per appliance)
• Tens of millions of audit records processed from databases per day
• 4 10/100/1000 Base-T Ethernet interfaces
• 1 TB storage capacity (2 TB option)
• Database support: DB2 UDB V8 (except UBM object policy), DB2 UDB V9 (VA only); MS SQL Server 2000, MS SQL Server 2005; Oracle 9.2.x, Oracle 10gR1, Oracle 10gR2, Oracle 11.1.0.x (VA only); Sybase ASE 12.0 (DAM only), Sybase ASE 12.5, Sybase ASE 15.0.2 (VA only)
• Repository Database support: Apache Derby 10.x, DB2 UDB v9, Microsoft SQL Server 2005, Oracle 10gR2, PostgreSQL 8.3
• Browser support: Internet Explorer 7.x, Firefox 3.x (VA only)

Knowledge is Power

Databases store some of the most highly sensitive customer and business data in the enterprise. However, while network security has become established practice, database security has often been overlooked. To meet the growing demand for more pervasive access to database applications that expose the database to more people and applications, database administrators (DBAs) are increasingly faced with security issues that rival network security—including insider threats, and rising data breach costs for compromised or lost records. As a result, securing the database has become integral to protecting any enterprise infrastructure, with regulators stepping in to review database-specifi c security compliance. Enforcing acceptable use policies, identifying and blocking new database security threats, and complying with emerging industry and governmental regulations regarding privacy and disclosure of security practices requires sophisticated database activity monitoring (DAM) and vulnerability assessment (VA) capabilities.

Solutions for Dynamic Security Management

The FortiDB Family of products provide centrally managed, enterprise-scale, database hardening features with fast, comprehensive policy compliance with database activity monitoring and vulnerability assessment for improved data security across the enterprise. DBAs realize quick time-to-value with easy to install, intuitive, high value standard compliance policies (PCI-DSS, SOX, GLBA, HIPAA) and reports ready out-of-the-box to ensure database regulatory compliance requirements are met. FortiDB dedicated hardware appliances easily plug into the network for fast deployment. FortiDB provides full-featured monitoring and auditing technology used by companies around the world to address critical issues such as Change Control, Internal Controls, Privileged User Monitoring, and Privacy Protection. Automation through scheduling and scripting dynamically detects database security weaknesses and noncompliance with standard policies. Appliances are pre-populated with hundreds of policies that cover standard industry and governmental requirements, and security best practices. A comprehensive set of standards-based graphical reports are built into the system to produce immediate results.

Key Features and Benefits: Full Database Activity Coverage Captures all types of database activity from administration events to user activity, regardless of originating command type (plain SQL or stored procedures) or connection type (ex - standard, pooled, or console). Automatic Database Discovery High-performance scans quickly fi nd all databases on the network and across WAN and subnet boundaries—even on irregular ports. Accelerated Security and Compliance Best Practices (PCI, SOX, HIPAA) Automatic updates to latest regulatory / industry best practices add to hundreds of pre-populated security and compliance policies. Centralized Policy Management Centralized web-based access allows DBAs to more quickly identify and react to database security threats across the network. Business-Driven Assessments with Flexible Sets of Policies Easily run policies to verify that databases conform to corporate standard confi gurations, implement tests for custom applications, or conduct Extended Penetration Testing to test for common passwords, etc. Standardized Compliance Reports with Trend Analysis Standardized, exportable audit reports customizable with company branding are designed out-of-the-box to support compliance programs, with graphic trend analysis to spot and isolate patterns. Enterprise Scalability Supports fl exible deployments across the network of up 60 databases per appliance for consistent enterprise-wide policy enforcement, processing tens of millions of audit records from databases per day.

Low Impact Total Cost of Ownership (TCO) Failing to keep up with today’s regulations for data security can be cost prohibitive. FortiDB simplifi es the process with regular policy and signature updates via XML, and current industry leading remediation advice that strengthens the integrity and security of databases—mitigating internal threats, managing database vulnerabilities to prevent costly breaches, and improving visibility of access policy security violations. Native audit guarantees a 100% capture rate. And the low impact, non-intrusive agent-less architecture simplifying deployment does not interfere with database operations or put applications at risk.

Database Activity Monitoring & Auditing with FortiDB - Complete, Accurate Audit Trails

Full Database Activity Capture for Auditors

Incomplete and inaccurate information compromises both compliance and security. FortiDB captures all database activity in a security and compliance context for specific behaviors that might, for instance, indicate a SQL injection attack or inappropriate access by a privileged user.

Network security at the perimeter is not enough. Some experts say privileged users account for 78% of the threat. While there are tools that look at network traffic to try to deduce database activity, network monitoring of the database has some shortcomings in terms of capturing stored procedures, some connection types, encryption, aborted longrunning transactions, and server-only activity among other things. For instance, network sniffers cannot tell whether the stored procedure “sp_ignoreme” is deleting every transaction in an order entry table or modifying user privileges.

In contrast full monitoring with FortiDB captures all types of database activity. In order to meet the compliance requirements, businesses must implement controls that prevent erroneous data or prevent misuse of data. For these controls to be effective, they must be operational 24x7.

Continuous database monitoring:

• Continuous database monitoring or schedule-• based monitoring
• Captures all types of database activity from administration events to user activity
• Captures all changes whether the originating commands were plain SQL or stored procedures
• Captures activity irrespective of connection type (ex - standard, pooled, or console)
• Captures activity on encrypted networks without requiring bypasses
• Captures full activity, including metadata changes, privilege changes, data changes, content changes and user behavior

Behavioral and Content Analysis

FortiDB can also learn user behavior, not only in support of IPS networkbased tools like those in FortiGate, but also to detect and prevent anomalous database queries by authorized users. FortiDB learns user behavior and discovers when activities fall outside of normal behavior, including suspicious access frequency, suspicious logins, excessive reads and abnormally long sessions. By correlating database activities across multiple databases and learning what is appropriate content using probabilistic modeling, FortiDB discovers unusual or unexpected data values, and verifies that input from applications and batch jobs matches expectations.

Accurate Audit Trails

Selected by some of the world’s leading security compliance auditors, Database Auditing with FortiDB records database activity for complete and accurate audit trails. Independent audit storage provides an additional security layer for audit integrity. Alerts can be individually provided to email, paging, and control centers.

Technical Specifications:

FortiAnalyzer Series Specifications:
FortiDB Models
	FortiDB-400B	FortiDB-1000B	FortiDB-2000B
System Specifications
Security Hardened Platform	Yes	Yes	Yes
Number of Licensed Database Instances	10	30	60
Hardware Specifications
10/100/1000 Ethernet	4	4	4
RAM	2 GB	2 GB	4 GB
Number of Hard Drives	1	1	1
Total Hard Drive Capacity	500 GB (1 TB option)	1 TB (2 TB option)	1 TB (6 TB option)
Storage key (boot image)	1 GB Compact Flash	1 GB USB	1 GB USB
RAID Storage Management	No	No	No
Redundant Hot Swap Power Supplies	No	No	Yes
Dimensions (H, W, L)	1.7 x 17.25 x 14.5 in (4.5 x 43.8 x 36.8 cm)	1.7 x 16.7 x 30.4 in (4.3 x 42.6 x 77.2 cm)	3.5 x 17.5 x 27.5 in (8.9 x 44.5 x 69.8 cm)
Weight	10 lbs (4.5 kg)	35.8 lbs (16.3 kg)	55.3 lbs (25.1 kg)
Rack Mountable	Yes	Yes	Yes
AC Power Required	100-240 VAC, 50-60 Hz, 4.0 Amp (Max)	100-240 VAC, 50-60 Hz, 4.8 Amp (Max)	100-240 VAC, 50-60 Hz, 9.4 Amp (Max)
Auto-Switching Universal	110/220 Volts	110/220 Volts	110/220 Volts
Average Power Consumption	121 Watts	275.4 Watts	316.9 Watts
Environmental
Operating Temperature	32 to 104 deg F (0 to 40 deg C)	50 to 95 deg F (10 to 35 deg C)	50 to 95 deg F (10 to 35 deg C)
Storage Temperature	-31 to 158 deg F (-35 to 70 deg C)	-40 to 149 deg F (-40 to 65 deg C)	-40 to 149 deg F (-40 to 65 deg C)
Humidity	20-90% non-condensing	5 to 95% non-condensing	20 to 80% non-condensing
Regulatory
Regulatory	FCC Class A, CE, UL/CB/CUL	FCC Class A Part 15 / CE Mark	FCC Class A Part 15 / CE Mark
Features	Fortinet Database Security Software
Security Hardened Platform	Yes
Number of Licensed Database Instances	Licensed per database
System Requirements	2.0 GHz CPU, 1024 MB RAM, 200 MB HDD
Operating System support	AIX 5.3 (64-bit); Red Hat Enterprise Linux 4.0 or 5.0 (64-bit); Solaris 10 (64-bit); Windows XP / Vista; Windows Server 2003, SP1 (32-bit or 64-bit)
Features	All Fortinet Database Security Products
Database support	DB2 UDB V8 (except UBM object policy), DB2 UDB V9 (VA only); MS SQL Server 2000, MS SQL Server 2005; Oracle 9.2.x, Oracle 10gR1, Oracle 10gR2, Oracle 11.1.0.x (VA only); Sybase ASE 12.0 (DAM only), Sybase ASE 12.5, Sybase ASE 15.0.2 (VA only)
Repository Database support	Apache Derby 10.x, DB2 UDB v9, Microsoft SQL Server 2005, Oracle 10gR2, PostgreSQL 8.3
Browser support	Internet Explorer 7.x, Firefox 3.x (VA only)

Features:

An Automated Process

Without an automated database security solution, important database changes and policy breaches could easily go unnoticed, affecting the reliability of financial data and more, e.g., automated checks on running supported versions, specified patch levels, and complying with secure configuration settings. Automation allows for more frequent assessments, broader database coverage, improved availability, and added confidence in repeatable and demonstrable policy compliance without increasing labor costs.

Insider Threat Assessment

Privileged User Assessment and Separation of Duties mitigate insider threats, assessing permissions, user passwords, structures.

Deployments:

Centralized Vulnerability Assessment with FortiDB - Compliance Policy Enforcement and Reporting
 

Understanding the Dynamic Security Environment While many companies implement network security as the main guard against security compromises, often the target of these attacks is the most often overlooked network asset—the database. Databases need to be scanned regularly for vulnerabilities just like other IT assets. Understanding how databases fit into an effective security policy is key to protecting some of the most business-sensitive data in the enterprise. FortiDB eases this process, automating a manual process for consistent application of database security policy, verifying that databases conform to corporate standard configurations, and even conducting Extend Penetration Testing to test for passwords commonly used within an organization.
	Keeping up with Compliance—PCI-DSS, SOX, GLBA, HIPAA New regulatory, compliance and legal mandates largely in response to headlinegrabbing security breeches and accounting scandals require businesses to not only understand database events, but also proactively implement and enforce database security policy. Selecting a compliance solution that keeps up with the latest industry and regulatory compliance requirements with periodic fully automated updates like FortiDB simplifies the process. Separation of Duties—important for all compliance standards—allows unique access privileges and rights to be assigned to different FortiDB users based on requirements and needs. FortiDB takes care of 9 of the top 12 Payment Card Industry Data Security Standard (PCI-DSS) requirements, more with FortiGate UTM Firewall protection. FortiDB also supports database compliance with risk assessment to help establish an environment of accountability as required by sections 302, 404, and 409 of the Sarbanes-Oxley (SOX) act. Similarly, FortiDB pre-defined policies for commercial and investment banks simplify compliance with provisions of the Gramm-Leach-Bliley Act (GLBA). Comprehensive security and privacy policies in FortiDB address the large regulatory burden that the Health Insurance Portability and Accountability Act (HIPAA) places on organizations that deal with certain types of health-related information, including security of electronic protected health information (ePHI).
	Security Reporting—Security Management FortiDB addresses the analysis and reporting challenges in today’s complex regulatory environments. Implemented on a scalable, high-performance platform, FortiDB allows DBAs to capture security compliance information from their entire network of distributed, heterogeneous databases. Pre-defined detailed, summary, global, and trend reports can be exported to PDF, Excel, Comma Separated Values (CSV) and Tab-Delimited formats for use with third party tools. Administrators can group by a specific policy or target, e.g., policy severity or target port, and a whole host of customization options for company branded User- Defined Reports. Templates reserve space for business names and logos. FortiDB supports more effective security management with intelligent reports to assess database security posture at a glance.

Typical Applications:

Services & Support:

FortiCareSupport Services

•  24 x 7 x 365 FortiCare Web Service [1]
• 8x5 Telephone-based Technical Support [2]
• 1-Year Limited Hardware Warranty
• 90-Day Limited Software Warranty

[1] Annual renewal required to maintain service
[2] 24 x 7 Telephone Technical Support available.

Documentation:

Download the Fortinet FortiDB Database Security Datasheet (PDF).