Home About Services Partners News Events Blogs Products Contact

Highlights

The Identity Theft you prevent with Brother-WatchDog may be your own.  Act now to reduce corporate data risks, achieve PCI and HIPAA compliance, and improve Sarbanes-Oxley internal controls.

Register for a personal
Web Briefing

PDF Literature

Who is accountable now?

SOX, GLBA, HIPAA, PCI, FDA Compliance

Supported Audited Database Server Platforms

IBM DB2 LUW V8.1.7, V8.2, V9+

  • Redhat Enterprise Linux 3
  • Redhat Enterprise Linux 4
  • AIX 5.1, 5.2, 5.3
  • Sun Solaris 8, 9, 10
  • Windows XP, 2003+

Supported Respository Database Server Platforms

* IBM DB2 LUW V8.2.2+, V9+ (required)

  • Redhat Enterprise Linux 3
  • Redhat Enterprise Linux 4
  • Redhat Enterprise Linux 5
  • AIX 5.2, 5.3
  • Windows XP Pro,
    Server 2003

Supported Web Servers

  • BEA WebLogic
  • IBM WebSphere
  • Generally, any Java based web application server. Contact DBI for details.

Also Available

  • Audit Oracle 9i, 10g & 11g Databases
  • Oracle Application Server (OAS)

Other Products

Data Breaches

The Masquerade Party is Over

Ladies and Gentlemen, take off your masks.  The corporate database anonymity party is over.  Brother-WatchDog is taking a bite out of data crimes and corruption worldwide by accurately revealing database user activities to authorized personnel.  What's more, with Brother-WatchDog's robust auditing capabilities, your organization can better achieve PCI compliance, HIPAA compliance, and improve Sarbanes-Oxley internal controls.

No More Hiding

You have Thousands of privileged End Users, Hundreds of privileged Decision Makers, dozens of very privileged administrators, Several Web Application Servers, corporate databases with financial and sensitive data, and somebody - a privileged user - inappropriately tampered with, or accessed, the data, but nobody knows which user is responsible.   

Who did it? Who is accountable?  Brother-WatchDog KnowsSM ... Who, What, Where, When, and How Much.

The Anonymity Problem: Connection Pooling

Today’s web applications enable hundreds or thousands of end users to efficiently connect to application servers.  To ease database security administration and improve application performance, these application servers establish a number of persistent pooled connections to the corporate database under the authority of a single powerful user, such as WEBADM.  In the eyes of the database, all data access and updates are conducted by this single, powerful, userid and the real end user identity is obfuscated by the connection pool.   Network sniffing to trace user activity falls prey to the same insidious problem because WEBADM is the identity that flows across the corporate network.

DBI’s Unique Solution:

Brother-WatchDog provides breakthrough technology for tracking access and updates to corporate database data.  Web application End User identities and locations are captured, exposed, and correlated to their database statement activity thus making it possible to determine:

  • Who initiated data access or updates (Web, Client, Local, and DBA/SYSADM Users)
  • What data was accessed or updated (XQuery or SQL statement texts)
  • Where the activity originated from (IP Address)
  • When the database activity occurred (date and time)
  • How much data was impacted (number of records read, fetched, or written)
  • Whether the access or update succeeded or failed
  • What was the cost of the activity (CPU time used)

Brother-WatchDog does not rely on network sniffing.   Instead, its US Patent Pending technique utilizes:

  1. An unobtrusive Web Server “zap” that captures end user identity and location “fingerprint” information (no application changes are required), and passes this fingerprint into the database via the existing connection pool.
  2. A database agent process receives the fingerprint information and correlates the fingerprint to database statement activity, thus enabling the association of an end user to the statements executed inside the database on their behalf.
  3. Database statement activity with correlated fingerprint identity information is hardened to prevent alteration of records via “tamper evident seals”, and then this information is loaded into Brother-WatchDog’s application repository for scheduled reporting, notifications, and adhoc inquiries.

Brother-WatchDog’s Application Server Repository is built upon IBM DB2 UDB for Linux for performance, scalability, rock-solid reliability, and ease of simple, familiar, autonomic administration.

Key Features

  • Unmasks the identities of corporate data users to make everyone accountable
  • Reveals detailed database activity records for Web End Users, remote database Clients, and Local administrative users
  • Ability to create and schedule periodic reports and notifications
  • Ability to conduct Google®-like ad hoc discovery searches
  • Tamper Evident Seals harden activity data to ensure its accuracy
  • Built on IBM DB2 LUW for reliability, performance, scalability, and ease and familiarity of administration
  • Optionally interfaces with, and exploits, the light weight, low overhead scopes of the db2audit facility to provide an integrated auditing solution.

WHO – WHERE – WHAT – WHEN – HOW MUCH – MYSTERY SOLVED!

Copyright 2010 DBI. All rights reserved.
Sitemap :: Services :: News :: Downloads :: Home :: Privacy :: Legal