|
|
 |
|
Differentiating Features
 |
Audit Technology – Quest Software's patent-pending technology is the only one designed specifically for auditing. It can guarantee capture of all database activity regardless of its source, while preventing the database administrators from tempering with it. The technology hooks inside the database engine and is protected from tampering by the operating system. One of the unique features of this technology is that table access is captured regardless of seeing SQL execution, so no matter how tables are accessed (stored procedures, triggers, views, synonyms, etc.) the product will know. The most important part of an auditing solution is the credibility, quality and reliability of the data collection. Quest has made significant investments in this area which separates it from any other vendor. |
|
Repository Technology – Quest's research team has designed a uniquely optimized repository capable of effectively storing all database activity for extensive periods of time. This allows an auditor to go back in time and review activity that was not originally thought of as significant. It also allows forensic investigations to look at the full context of the activity and not only the suspect event. The repository is encrypted with FIPS grade encryption, and contains secured digital signatures as well as other cryptographic means to prevent tampering with the repository. These measures allow proving authenticity of the audit data. |
|
Policies and Profiles – Quest security and auditing experts have devised a revolutionary approach to defining and managing auditing policies. This approach allows creation of a small number of policies that can be applied to many databases of different types and platforms, as well as reducing the number of changes to those policies due to changes in the applications and the organization. The secret lies in the underlying profile management system that allows categorization of assets into various meaningful groups, which is by itself an important aspect of being compliant. We know your time is valuable and so the system also provides aggregations, thresholds, real-time notification, dashboards, reports and more to ensure easy management with maximum automation and the fewest false positives. |
|
Artifact Management – An essential part of an auditing system is the management and retention of auditing artifacts. InTrust for Databases contains an incident management system to keep track of all policy violations. It also contains a ticketing system linked to the incidences that can be used to document the investigation of an incident by storing the approved status closure (i.e., mitigation, remediation or exception). The ticketing approval feature is only a small example of the overall security, cryptography and separation of duties engineered deep into the design, workflow and operation of the product. |
|
|
|
|
|