Engineers within Symantec Corp.’s research and development organization have built a new database security appliance that could eventually lead the Cupertino, California, company into the database security business. The project has been tested by a handful of Symantec customers since September, and the company is expected to decide within the next few months whether to bring it to market.

The unnamed appliance is a pre-configured server that sits on the network and monitors the database traffic, looking for inappropriate queries. "We’re providing Big Brother in a box, if you like, to just keep a gentle eye on people. And if people deviate from their normal patterns, we can flag that," said Gerry Egan, group product manager with Symantec’s Advanced Concepts Group.

The appliance, which has been under development for several years, monitors network traffic using the same underlying "sniffing" engine as Symantec’s Network Security 7100 Series intrusion prevention appliance. But the 15 engineers working on the project have also developed their own software, which then analyzes the database queries.

The current version of the Symantec appliance does not actually block suspicious queries -- it simply monitors and reports on what the database is up to -- but that feature is being considered for a future version of the product, Egan said.

"Our product particularly comes into play where there are valid or authorized users of the database who now start to abuse the privilege," Egan said. The product could be used to detect employee or partner fraud, or to warn database administrators (DBAs) when their applications appear to be acting in a malicious manner.

View: Read more at CSO
News source: CSO

Here are some color variants we've already completed, there is more to come ;)


There are 14 additional comments
Advertisement
Quote this comment Reply to this comment #1 Posted by capeche on 16 Oct 2005 - 09:08
Will Neowin be availing itself of this monitoring system?

(4 replies) Quote this comment Reply to this comment #2 Posted by Raa on 16 Oct 2005 - 10:23
And the point of having this system (legally) would be?
Quote this comment #2.1 Posted by matt74441 on 16 Oct 2005 - 10:50
Well I don't recall the statistics right now, but people waste an incredible amount of time at work doing non-work related stuff on the Internet. I suppose something like this would motivate people to do their work or get the boot.
Quote this comment #2.2 Posted by denzilla on 16 Oct 2005 - 12:41
And yet the world still chugs along......If you rule your workplace with an iron fist, then you end up with an unhappy, low morale workforce that will decrease productivity as well. If your staff like their environment, they're willing to do more for the cause. It tickles me to hear brass talk about "more work, less play" and then stroll by their desktps with solitare in full view. Humans aren't machines and should never be expected to act like them.
Quote this comment #2.3 Posted by nyqos on 16 Oct 2005 - 19:26
it's probably more for particularly eggregious misuse (admit it, you know of at least one or two schmoes that do very little BESIDES surf the internet.) Certainly they understand the idea of a high morale workforce.
Quote this comment #2.4 Posted by 8-n-1 on 18 Oct 2005 - 17:05
So you're going to spend X-thousands of $$ on this monitoring system for "one or two schmoes"?

Anytime a company nonchalantly mentions "Big Brother", as if it's no big deal, people should get nervous.
Quote this comment Reply to this comment #3 Posted by y0sh on 16 Oct 2005 - 10:32
Hmm, they're just feeling threatened.
Quote this comment Reply to this comment #4 Posted by Colin-uk on 16 Oct 2005 - 12:14
just start using a proxy then
Quote this comment Reply to this comment #5 Posted by ObCeeDee on 16 Oct 2005 - 13:12
Big waste of money if you purchase this to keep an eye on your employees if you ask me.. Watching your occassional porn at work really helps reducing stress and stuff, which then of course motivates you for your work
(2 replies) Quote this comment Reply to this comment #6 Posted by leesmithg on 16 Oct 2005 - 14:53
Well 2005 is the last year I will be using symantec products (except Ghost), prices going up, software becoming buggy, don't notice a strain on system resources.

I will however be hunting down a similar firewall and AV solution.

I might be switching to zone labs full suite as I have a key from another PC and the upgrade price is cheap.
Quote this comment #6.1 Posted by SquareSoft0 on 16 Oct 2005 - 18:17
Are you sure about that? Have you tried their corporate line of products yet? If not, you really should.
Quote this comment #6.2 Posted by panacea on 17 Oct 2005 - 21:19
no kidding. anything branded norton is almost garanteed to be crap

symantec corporate antivirus on other hand is amazing. very light on resourses, simple and quick. catches almost everything too
(1 reply) Quote this comment Reply to this comment #7 Posted by memodude on 17 Oct 2005 - 00:03
It doesn't look like this is supposed to monitor web queries - there's already software for that - it's supposed to monitor SQL traffic.
Quote this comment #7.1 Posted by panacea on 17 Oct 2005 - 21:16
EXACTLY.

to everyone above - it has NOTHING with blocking you from using internet at work for personal business.

example use would be to monitor a real estate database to see if people are accessing something they should not, or have a strange access pattern which most like is fraud activities.
[1]

Commenting has either been disabled on this article or you are not logged in. Click here to login or register, its free!

Note: Anonymous commenting is disabled in order to keep the quality of responses to a high standard.


Scroll to the Top
....
My Preferences
....
Communicating with server
Loading
Please Wait...
....
Loading
 X 
....