Re: Anyone Have Experience With McAfee DB Products?
Date: Tue, 18 Feb 2014 07:19:04 +0000
Message-ID: <CABe10sa64_fn+fHpCasAqaZSV2JGEchk12z1OgRB6FM-7400UQ_at_mail.gmail.com>
We use DAM here and I'm pretty happy with it. You will likely find, much as anyone who has ever turned on auditing finds, a large number of alerts to start with until you get your rules sorted - each *use* of a privilege or potentially insecure feature gets flagged - so you probably want to limit access to the console to start with. If you search for Sentrigo Hedgehog you'll no doubt find more user reviews and opinion. We don't yet use it against SQL and we don't use the other product you mention so I'll not comment on them
On Feb 17, 2014 8:01 PM, "Scott Canaan" <srcdco_at_rit.edu> wrote:
> Our security office is looking at having the McAfee Database Activity
> Monitor and McAfee Database Vulnerability Scanner installed on all of our
> Oracle and SQL Server databases and servers. This is not the standalone
> configuration, but the configuration with the ePo server that would collect
> all of the information from each server and database and consolidate the
> information into a standard console that many people would have access to.
>
>
>
> Has anyone had any experience with either or both of these products? If
> so, do you have any concerns about the level of access the user has on the
> server and in the database?
>
>
>
> Thank you,
>
>
>
> Scott Canaan '88 (srcdco_at_rit.edu)
>
> (585) 475-7886 - work
>
> "Life is like a sewer, what you get out of it depends on what you put into
> it." - Tom Lehrer
>
>
>
-- http://www.freelists.org/webpage/oracle-lReceived on Tue Feb 18 2014 - 08:19:04 CET