Database audit is deployed in a bypass disposition pattern. It records user access to the database in real time, generates fine-grained audit reports for compliance management, and sends real-time alarms for risk operations and attack behaviors.
Users can set data reduction rules to detect data operation on specific database tables from unauthorized users, IP addresses,or applications. When the amount of operated data exceeds the specified threshold, HexaTier alerts administrators and records this event in a data reduction log to protect user data from leakage.
Pre-configured characters are used to partly or fully replace sensitive data based on masking rules.
Database Security Service (DBSS) provides functions such as database protection and database audit to fully protect your databases and assets on the cloud.
Deployed as a reverse proxy between an application server and a database, database protection provides you with database protection functions such as database firewall and dynamic data masking.
Based on a user's permissions and a policy, sensitive or personal data is dynamically masked in real time, without the need to modify the database or application (stored procedures and views can also be masked).
An intrusion detection system (IDS) monitors network transmissions in real time and sends alarms when it detects suspicious transmissions.
An intrusion prevention system (IPS) is used between a firewall and a network device. When detecting an attack, the IPS stops the malicious communication before the attack spreads in the network.
Learning mode is the process of analyzing applications' access to databases, establishing a baseline for typical database access patterns, and creating a security policy from those patterns.
Based on TCP/IP, the Lightweight Directory Access Protocol (LDAP) is a protocol that allows access to the Directory System Agent (DSA). LDAP involves some simplified functions of X.500.
The regular expression is a simple and flexible method to specify and identify text character strings (for example, certain characters, words, or character modes). A regex mode is an object containing the following fields: name and regex-defined character string.
Risk profiles are action groups configured for risky operations. Different actions (allowing and blocking) are configured for different operations (such as viewing, modifying, creating, deleting, and running) on objects such as servers, databases, and service blocks. In addition, whether or not the action is logged is also configured. You can use risk profiles to create risk-based IPS/IDS policies.
In computer networks, a reverse proxy is a type of proxy server that retrieves resources on behalf of a client from one or more servers. These resources are then returned to the client, appearing as if they originated from the proxy server itself. Unlike a forward proxy, which is an intermediary for its associated clients to contact any server, a reverse proxy is an intermediary for its associated servers to be contacted by any client.
Thank you for your score！Your feedback would help us improve the website.