FORTIDB-1000B DATABASE SECURITY APPLIANCE

The FortiDB-1000B appliance provides scalable database vulnerability assessment and compliance solutions for mid-sized enterprises in a quickly-installed, easily managed package. Its centralized web-based management application ensures consistent database security policies across the organization without imposing a high management burden on database and IT staff. Following auto-discovery of every database on the network regardless of subnet boundaries, the FortiDB-1000B scans for security problems and provides advice on how to fix them with vulnerability assessments that can be viewed within minutes of installation. Ongoing scans of all your databases assure continued protection based on extensive built-in best practices plus easily-customized individual organizational standards. 24 x 7 database activity monitoring captures all forms of database activity to detect erroneous or malicious activity. Database auditing records all database activity for complete and accurate audit trails, with independent storage for additional security.

• Enterprise-class protection for up to 30 databases extends built-in database security features for comprehensive protection against internal and external threats.
• Automated near real-time detection and alerts reduce security and operational vulnerabilities.
• Native audit guarantees a 100% capture rate.
• Web-based centralized management of multiple distributed, heterogeneous databases enables consistent policy enforcement.
• Auto-Discovery assures complete coverage by finding all databases on the network and across subnet boundaries, even on irregular ports.
• Quick time-to-value with hundreds of pre-populated policies covering known exploits, configuration weaknesses, OS issues, operational risks, and data access privileges, with automatic updates to latest regulatory/industry best practices.
• Reports with expert-level remediation advice offer out-of-the-box support of compliance programs with best practices for major regulations: PCI, SOX, HIPAA, and GLBA.
• Policies are easily run to verify that databases conform to corporate standard configurations, implement tests for custom applications, or conduct Extended Penetration Testing to test for common passwords, etc.
• FortiDB Security Service delivers dynamic updates to vulnerability management policies through intelligence gathered by Fortinet's dedicated global threat research team.
• Policy Versioning to keep track of pre-defined policies and generate reports with the policy information that existed when the original scan was run.
• Database auditing records database activity for complete and accurate audit trails; independent audit storage provides an additional security layer for audit integrity - including self-auditing of FortiDB itself.
• Standardized, exportable audit reports customizable with company branding are designed out-of-the-box to support compliance programs, with graphic trend analysis to spot and isolate patterns.
• Database Activity Monitoring captures all types of database activity from administration events to user activity, regardless of originating command type (plain SQL or stored procedures) or connection type (ex - standard, pooled, or console).
• Non-intrusive, agentless operation enables easy deployment, places no load on database operations, and avoids putting any applications at risk.

• Supports up to 30 database instances (licensed per appliance)
• Tens of millions of audit records processed from databases per day
• 4 10/100/1000 Base-T Ethernet interfaces
• 1 TB storage capacity (2 TB option)
• Database support: DB2 UDB V8 (except UBM object policy), DB2 UDB V9 (VA only); MS SQL Server 2000, MS SQL Server 2005, MS SQL Server 2008; MySQL 5.1 (VA only); Oracle 9.2.x, Oracle 10gR1, Oracle 10gR2, Oracle 11.1.0.x; Sybase ASE 12.0 (DAM only), Sybase ASE 12.5, Sybase ASE 15.0.2 (VA only)
• Repository Database support: Apache Derby 10.x, DB2 UDB v9, Microsoft SQL Server 2005, Oracle 10gR2, PostgreSQL 8.3
• Browser support: Internet Explorer 7.x, Firefox 2.x (VA only), Firefox 3.x (VA only)