What is our primary use case?
The primary use case is to protect the database from privileged use, weak authentication, database exposure, SQL injection, and database platform vulnerability. This product answered those five and more.
I found ways to add more rules within the product, to a different area in the database, which helps me use the product in addition as a kind of DLP solution. If one of the users makes heavy requests from the database, and take exception reports, I get an alarm, or I can automatically block those transactions.
How has it helped my organization?
The improvement is from the management point of view because, when implementing database security, you don't see any improvement in performance or productivity. The purpose of the product is to give visibility to management that the heart of the company is secured in the maximum way possible, and this solution is giving us that.
The report that I present to the management team shows this, that it's safe, that we are monitoring the database all the time, and the vulnerability of the database is prevented, thanks to this solution. The improvement is the security that it provides.
What is most valuable?
With this product, the performance of the database wasn't affected at all.
In addition, it is easy to use, and you can define rules that protect the database beyond the built-in rules of the product. I found another purpose for the product besides the basic things that it does, protecting the database: privileged use, weak authentication, SQL injection and and database platform vulnerability.
I came to this solution because there was a data leak from one of the internal users who was taking information from inside the company, from the ERP system. When she left the company, she was giving it to our competitors. I found a way with this product to also create a DLP solution. I got two products in one solution, so it is very efficient.
What needs improvement?
Maybe a better GUI platform; that would make it easier to present information to management, so I would not need to fix the data before I present it.
For how long have I used the solution?
Three to five years.
What do I think about the stability of the solution?
The stability is very, very good. I was very impressed that it didn't effect the performance of the database at all. At first I put it in monitoring mode, so I could see that it's stable, and not affecting the database performance. After a month running on monitoring, I put it in prevention mode, and it did it without any performance issues. So that was great.
What do I think about the scalability of the solution?
I think scalability is very good. You can grow the product, you can add more databases to it. It depends on the license that you purchase. You can grow with the product without any issues.
How are customer service and support?
I'm working with a security company called Intensity. After doing my own PoC, and also checking an IBM solution, I was fine with this product. Intensity, the partner, implemented the product, and they were working with customer support of the product.
Customer support is very good, because we didn't run into any issues that weren't resolved. The implementation ran very smoothly on Oracle Database. So I would evaluate support as very good.
Which solution did I use previously and why did I switch?
I didn't use database security before this. I was protecting the data of the company with other products, not directly on the database. But when we ran into data leaks from one of the users, I searched for a DLP solution. DLP solutions, to implement in a company, are very, very complex. So I searched for another solution that would gives us the same result but in a different way, and this product did it.
How was the initial setup?
It's not straightforward. You need to have database knowledge to know which parts of the data you want to protect within the database, to map your data and tables in order to make the rules. For the basic things that the product does, the knowledge you need is straightforward for system integration. But when you're diving into the product and you want to enhance the solution, you need a DBA to protect your database in a significant way, as I was implementing it.
Which other solutions did I evaluate?
I also evaluated Nyotron. I went with McAfee for the stability, that it's handled by McAfee and they are an experienced company.
What other advice do I have?
When you're searching for a vendor, first of all you want to be secure and comfortable with the partner that you're working with. The partner can see many vendors in the industry, and is working with many companies. When he's recommending a vendor, I'm more comfortable working with that vendor. So I'm listening to my partner's recommendation, and then I start to check out those vendors.
The criteria include that it is a stable vendor, has been in the market a long time, has a good solid, financial base so it can support the product that I'm working with.
My advice would be to speak with other companies who have implemented the solution to get references.
I would rate this solution a nine out of 10.
When I'm looking for a product like this, I don't want it to interfere with the performance of my database or system. The purpose of database security is to protect our ERP system database, and if the performance is going to be harmed or affected, from a business point of view that's a big issue. This product did not affect performance.
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
