Guardium Partners with NEON Enterprise Software to Extend Industry-Leading Database Security and Monitoring Technology to Mainframe Environments

Business Wire, Oct 9, 2007

Announces First Solution for 100% Real-Time Visibility Into All Mainframe Database Activity Without Impacting Business Processes; Practical and Comprehensive Solution for Preventing Unauthorized Access to Sensitive Data in Large Corporations

WALTHAM, Mass. and SUGAR LAND, Texas -- Guardium, the database security company, and NEON Enterprise Software, the technology leader in mainframe data management solutions, today announced Guardium for Mainframes, the first security solution for tracking all mainframe database activity - including access to sensitive data and unauthorized changes by privileged users - without impacting business processes. The new breakthrough solution was co-developed and will be distributed by both companies.

Tracking the details of who does what is required for compliance with key regulations such as Sarbanes-Oxley (SOX) and the Payment Card Industry Data Security Standard (PCI-DSS). In addition to automating and simplifying compliance processes, Guardium for Mainframes enables proactive, real-time database security by immediately identifying anomalous behavior as well as activities that violate corporate policies, and by instantly generating policy-based actions such as security alerts.

"Hackers and privileged insiders go wherever the data and money lead them - including mainframes," said Ram Metser, CEO of Guardium. "Leaving mainframes exposed is like a bank securing ATMs but leaving the safe unlocked. Regulators and auditors are now cracking down on this security gap, requiring enterprises to safeguard data wherever it resides. For that reason we partnered with the mainframe software experts at NEON."

Until now, the only way to monitor mainframe database activities was to use internal DBMS utilities such as trace or transaction logs - all of which are inadequate or impractical. The use of trace utilities comes with the cost of high CPU usage, severely impacting the performance of critical business applications. Log utilities capture only part of the database activities - failing to capture critical activities such as read operations on sensitive data - and analysis is performed "after the fact," allowing violations and breaches to go undetected or undiscovered until days or weeks later. Additionally, these utilities do not meet auditor's requirements for separation of duties since they are run by database administrators, whose activity also must be audited.

The same limitations apply even with complementary solutions such as security information and event management (SIEM) tools. These tools provide an important function by importing and filtering log data from a range of network devices and systems, but they require internal DBMS utilities to be turned on and don't natively monitor any database activity information on their own.

Guardium for Mainframes overcomes all of the problems inherent with current DBMS utilities by providing full database activity monitoring and efficient processing:

* All database activity is monitored and tracked, including access to sensitive data and unauthorized changes by privileged users.

* Performance impact is minimal because all storage, analysis and reporting of database activity information is efficiently performed off-mainframe, using a high-performance, Linux-based appliance.

* Database activity is monitored in real-time, immediately identifying anomalous behavior and violations to corporate policies and allowing for preventive actions via security alerts and other policy-based actions.

Because Guardium for Mainframes monitors database activity at the DBMS-level, all activity is captured regardless of whether the activity was initiated through a mainframe-resident or networked application or through a database utility. Monitoring can occur by role, such as privileged users, or by application, making it easy to meet auditing requirements.

"Comprehensive mainframe security requires specialized expertise," said Don Pate, president and CEO of NEON Enterprise Software. "Our Fortune 1000 mainframe customers told us they were looking for a practical solution that addresses the core need to protect critical data, without impacting mainframe performance or increasing their mainframe management burden."

Tightly-Integrated Architecture for Heterogeneous Environments

Guardium for Mainframes consists of four core components that have been tightly integrated in a distributed architecture:

* Z-TAP[TM], a low-impact monitoring service for z/OS developed by NEON, which resides on the mainframe and tracks all database activities at the database level itself. For example, the service tracks all DB2 queries executed by a CICS application or all database changes implemented by DBAs. Performance impact is minimal because all analysis is performed off-mainframe and the service does not rely on internal DBMS utilities. To further minimize costs, which are tied to MIPS consumed by central processors, the Z-TAP offloads processing to IBM's specialty co-processors called zIIPs (z Integrated Information Processors).