• 
  • Solutions Overview
  • Database Activity Monitoring
  • • Privileged User Monitoring
  • • Monitoring Applications for Fraud
  • • Preventing SQL Injection Attacks
  • Auditing & Compliance
  • • Compliance Workflow Automation
  • • SOX
  • • PCI
  • • Data Privacy
  • Change Control
  • Vulnerability Management
  • Database Leak Prevention
  • Mainframe Visibility
• 
  • Product Overview
  • Architecture
  • • Core Technology
  • • Enterprise Scalability
  • • Enterprise Integration
  • • Secure Platform
  • Audit & Report
  • Monitor & Enforce
  • Assess & Harden
  • Discover & Classify
  • Supported Platforms
• 
  • Partner Overview
  • Reseller Partners
  • System Integrators
  • Trusted Advisors
  • Technology Partners
  • Partner Certification
  • Channel Portal
• 
• 
  • Support Overview
  • Technical Services
  • Professional Services
  • Training
  • Customer Login
• 
• 
  • Guardium Overview
  • Why Guardium
  • • Industry Recognition
  • Leadership
  • Careers
  • Contact Us

Guardium Partners with NEON Enterprise Software to Extend Database Security and Monitoring Technology to Mainframe Environments

Announces First Solution for 100% Real-Time Visibility Into All Mainframe Database Activity Without Impacting Business Processes; Practical and Comprehensive Solution for Preventing Unauthorized Access to Sensitive Data in Large Corporations

WALTHAM, Mass. and SUGAR LAND, TX (October 9, 2007) ─ Guardium, the database security company, and NEON Enterprise Software, the technology leader in mainframe data management solutions, today announced Guardium for Mainframes, the first security solution for tracking all mainframe database activity ─ including access to sensitive data and unauthorized changes by privileged users ─ without impacting business processes. The new breakthrough solution was co-developed and will be distributed by both companies.

Tracking the details of who does what is required for compliance with key regulations such as Sarbanes-Oxley (SOX) and the Payment Card Industry Data Security Standard (PCI-DSS). In addition to automating and simplifying compliance processes, Guardium for Mainframes enables proactive, real-time database security by immediately identifying anomalous behavior as well as activities that violate corporate policies, and by instantly generating policy-based actions such as security alerts.

“Hackers and privileged insiders go wherever the data and money lead them - including mainframes,” said Ram Metser, CEO of Guardium. “Leaving mainframes exposed is like a bank securing ATMs but leaving the safe unlocked. Regulators and auditors are now cracking down on this security gap, requiring enterprises to safeguard data wherever it resides. For that reason we partnered with the mainframe software experts at NEON.”

Until now, the only way to monitor mainframe database activities was to use internal DBMS utilities such as trace or transaction logs ─ all of which are inadequate or impractical. The use of trace utilities comes with the cost of high CPU usage, severely impacting the performance of critical business applications. Log utilities capture only part of the database activities ─ failing to capture critical activities such as read operations on sensitive data ─ and analysis is performed “after the fact,” allowing violations and breaches to go undetected or undiscovered until days or weeks later. Additionally, these utilities do not meet auditors’ requirements for separation of duties since they are run by database administrators, whose activity also must be audited.

The same limitations apply even with complementary solutions such as security information and event management (SIEM) tools. These tools provide an important function by importing and filtering log data from a range of network devices and systems, but they require internal DBMS utilities to be turned on and don’t natively monitor any database activity information on their own.

Guardium for Mainframes overcomes all of the problems inherent with current DBMS utilities by providing full database activity monitoring and efficient processing:

• All database activity is monitored and tracked, including access to sensitive data and unauthorized changes by privileged users.
• Performance impact is minimal because all storage, analysis and reporting of database activity information is efficiently performed off-mainframe, using a high-performance, Linux-based appliance.
• Database activity is monitored in real-time, immediately identifying anomalous behavior and violations to corporate policies and allowing for preventive actions via security alerts and other policy-based actions.

Because Guardium for Mainframes monitors database activity at the DBMS-level, all activity is captured regardless of whether the activity was initiated through a mainframe-resident or networked application or through a database utility. Monitoring can occur by role, such as privileged users, or by application, making it easy to meet auditing requirements.

“Comprehensive mainframe security requires specialized expertise,” said Don Pate, president and CEO of NEON Enterprise Software. “Our Fortune 1000 mainframe customers told us they were looking for a practical solution that addresses the core need to protect critical data, without impacting mainframe performance or increasing their mainframe management burden.”

Tightly-Integrated Architecture for Heterogeneous Environments
Guardium for Mainframes consists of four core components that have been tightly integrated in a distributed architecture:

• Z-TAP^TM, a low-impact monitoring service for z/OS developed by NEON, which resides on the mainframe and tracks all database activities at the database level itself. For example, the service tracks all DB2 queries executed by a CICS application or all database changes implemented by DBAs. Performance impact is minimal because all analysis is performed off-mainframe and the service does not rely on internal DBMS utilities. To further minimize costs, which are tied to MIPS consumed by central processors, the Z-TAP offloads processing to IBM’s specialty co-processors called zIIPs (z Integrated Information Processors).
• Z2000, a high-performance, Linux-based appliance developed by Guardium for efficient, off-mainframe analysis and storage of massive amounts of mainframe audit data. The appliance provides sufficient self-contained capacity for online storage of up to 2-4 billion database transactions, as well as an integrated interface to IBM Tivoli Storage Manager (TSM), EMC Centera and other systems for periodic archiving of audit data in encrypted format.
• The Guardium Security Suite, an integrated family of intuitive, Web-based security and compliance monitoring applications that run on the appliance itself. The suite has continually been refined over the past five years based on ongoing feedback from Big 4 auditors and blue-chip Global 1000 customers worldwide. For example, it includes applications for defining granular access policies, creating baselines to rapidly identify anomalous behavior and common attacks such as SQL injection, correlating unauthorized activities and policy violations, automating compliance reporting and oversight workflows, tracking and managing incidents, and forensic analysis.
• Guardium Enterprise Manager, which provides centralized, cross-platform management of database security policies and a single enterprise-wide view and repository of database audit data - aggregated and normalized across heterogeneous DBMS platforms. With Enterprise Manager and Guardium’s multi-tier architecture, customers can easily scale up to meet the most demanding environments, simply by adding appliances that automatically work together in a federated model, even across multiple data center locations and mixed mainframe and open systems environments.

For UNIX, Linux and Windows, Guardium supports all major DBMS platforms - including IBM DB2 and Informix, Oracle, Microsoft SQL Server, and Sybase ASE and IQ - with its family of S-TAPTM monitoring probes and G2000 appliances. Guardium Enterprise Manager allows customers to easily combine these with Z-TAPs and Z2000 appliances in a single unified solution for heterogeneous environments.

“A large percentage of mission-critical enterprise data resides on mainframes and organizations need an easy way to secure and audit their mainframes without impacting business processes or requiring database changes,” said Jon Oltsik, senior analyst at Enterprise Strategy Group (ESG). “In addition, since virtually all organizations with mainframe environments also have distributed systems, it is critical to reduce costs and complexity with comprehensive solutions that address both mainframe and non-mainframe requirements.”

Availability and Pricing
Guardium for Mainframes will be available to pre-release customers in 90-120 days. The solution will be previewed at the IBM Information on Demand Conference in Las Vegas (Mandalay Bay Convention Center, October 15-17), in Guardium’s booth (#914) and NEON Enterprise Software’s booth (#D7). In addition, Guardium’s CTO, Ron Ben-Natan, Ph.D., and NEON’s Corporate Technologist, Craig S. Mullins, will be delivering technical presentations about the joint solution during the IBM conference. Please contact Guardium for pricing information.

About NEON Enterprise Software
NEON Enterprise Software is the technology leader in mainframe data management software and services. As the rules of business change, our solutions let you efficiently control, protect and manage your data with confidence. Founded in 1995, NEON Enterprise Software serves customers worldwide with its dedicated team of industry experts. For more information about NEON Enterprise Software, visit http://www.neonesoft.com or call 281-491-6366 or 888-338-6366.

About Guardium
Guardium, the database security company, develops the most widely-used solution for database activity monitoring, security and auditing, with a blue-chip customer base that spans organizations in all major geographies and industries. Founded in 2002, Guardium was the first company to address the core data security gap by delivering a practical, appliance-based platform that both protects databases in real-time and automates the entire compliance auditing process.

Guardium’s investors include Cisco Systems and leading venture capital firms. The company has partnerships with Oracle, Microsoft, IBM, Sybase, BMC, EMC and RSA and is a member of IBM’s Data Governance Council.

###

Media Contacts
Corinne Sheehan and Adam Parken
Corporate Ink
617.969.9192

Robin Reddick
NEON Enterprise Software
281.207.4989

Sarah Miller
Pierpont Communications, Inc.
713.627.2223 ext. 1155