Loglogic Database Security Manager appliance review
LogLogic’s new database security solution aims to avoid any downtime with its unique vPatches. In this review we find out if it can protect your databases without impacting on your SLAs.
LogLogic’s DSM is priced similarly to most competing database security solutions but stands out with its unique vPatch feature as this does away with the need for expensive downtime when applying patches and updates. It’s also easy to deploy and the sensors have no impact on database performance but if you want base lining you will need to factor in the additional cost of an MX or LX log management appliance.
The appliance automatically picks up new sensors and posts them in its web interface as ready for administrative approval after which they are activated. The DSM console provides a slick dashboard with a couple of traffic lights showing at-a-glance status readouts for all sensors and databases.
Rules watch out for particular database activity and will fire off actions if triggered. These include SNMP traps, syslog, DSM alerts and running scripts or you can muscle dodgy users off the network using brute force TCP resets.
The latter is a last resort and DSM's quarantining feature could be more appropriate. This is a function available in rules where you can block a user for so many minutes while you investigate the reason they triggered an alert. Users won't be aware they are being blocked and you can lift the quarantine when you've finished checking up on them.
Rule creation is aided by wizards where you choose criteria such as user names, database commands, schema, dates or times and assign single or multiple triggers and actions. Rules are then assigned to selected databases and you can use tags which group rules together allowing multiple rules to be applied to a database.
-
This DeepSeek-powered pen testing tool could be a Cobalt Strike successor – and hackers have downloaded it 10,000 times since JulyNews ‘Villager’, a tool developed by a China-based red team project known as Cyberspike, is being used to automate attacks under the guise of penetration testing.
-
NinjaOne expands availability on CrowdStrike MarketplaceNews CrowdStrike Falcon customers now have simplified access to NinjaOne’s automated endpoint management capabilities
-
Oracle is reaping the rewards of OpenAI’s compute power spending spreeNews Blockbuster infrastructure deals have sent Oracle shares skyrocketing
