
Database >> Wednesday November 05, 2008
 
SECURITY

Fortinet offers full protection

DON SAMBANDARAKSA

Security appliance vendor Fortinet has launched FortiDB, a device that takes security monitoring beyond the network level and to the application level, in this case monitoring high-level SQL database queries for attacks or breaches of compliance.

Fortinet Southeast Asia sales director Benjamin Teh explained how the company was playing in the high-growth unified threat management (UTM) area while the traditional firewall/VPN (virtual private network) market was forecast to decline over the coming years. Many firewall companies are trying to move into the UTM space, as are many IDS/IPS (intrusion detection system/intrusion prevention system) players. However, Teh said that because Fortinet was based on home-grown technology, strong research and development of core and custom ASICs (application-specific integrated circuits), nobody else in the industry was comparable, as others simply partnered with software solutions in a way that could not scale.

IPS used to work well before blended threats came about. For instance, spam is today no longer a nuisance but often a security attack. An annoying email that in itself is safe and does not set off any alarms uses social engineering to get a user to click on an external link. This means the user is the one initiating the port 80 (HTTP or web browsing) connection from inside the firewall, rather than the attacker coming in from the outside. But that connection could be banned if the site the user is navigating to is known to be a cesspool of malware. Only UTM solutions that combine anti-virus, IPS, content-aware firewall, VPN, anti-spam and anti-spyware can detect and protect against such threats.

"The threat surface is growing with instant messaging, unified communications, VoIP and so on. If you just buy another device to plug into your network, that is not going to be scalable. You hear things such as XML firewalls and VoIP firewalls," he said.

Security consolidation is about reducing the number of vendors and appliances and doing security in a smarter way. For clients who fear a single point of failure, Teh says that putting individual firewalls in-line means multiple points of failure, any of which can cripple an organisation.

One change in recent years is that corporations are not just securing the perimeter of the organisation that faces the Web. With more sophisticated intranets, companies need UTM on the inside, and in this segment performance is a key concern. It is here, as well as in the telco space, that Teh says Fortinet's custom ASICs and new line of high-end devices with more gigabit ports come into play.

The FortiDB is the result of the acquisition of IPLocks, whose products address application and database vulnerabilities and security. It protects databases by probing them for vulnerabilities and checking that the latest patches are applied. It can alert if there is unusual access or rule violations. It checks for compliance issues for PCI, Sarbanes-Oxley, HIPAA or any other local laws.

On top of that, it provides an audit trail, so that if something does happen, the culprit can be pinpointed more easily.

Often, the attacks come from the inside, for example a database administrator abusing his power to steal confidential information. FortiDB makes it possible to watch these watchers and make sure that they do not abuse their administrator privileges.

While the Thai cyber crime law calls for access logs, Teh said that what administrators really want is a log that includes firewall logs, anti-virus logs and anti-spam logs right through to database access logs, and does so via a single interface, here called the FortiAnalyzer.

The first phase after installing FortiDB would be running it in vulnerability assessment mode. It can scan not just 30 or 40, but thousands of databases to check if all the latest patches are installed and if they have been set up with the correct settings for compliance. Today, this is mostly done manually with the database administrator running scripts to check.

The next phase is monitoring: listening to high-level database requests and reporting any anomalies. FortiDB has a lot of templates for normal behaviour across various industries, databases (IBM DB2, Oracle, Sybase and Microsoft SQL Server) and applications (CRM, financials, ERP).

Teh stresses that unlike the competition's products, FortiDB does not run an agent on the database server, an idea that makes many administrators cringe, but simply listens and alerts administrators if it believes something is wrong - it cannot stop a query.

In Thailand, Fortinet is launching FortiDB through system integrator Datacraft and is aiming at the government, financial services and enterprise markets.












© Copyright The Post Publishing Public Co., Ltd. 1996-2008