Lumigent Audit DB
March 01, 2007
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: A unique tool to assess and monitor the security of critical databases
- Weaknesses: The product is confusing for non-database administrators
- Verdict: There are very few quality options to provide this level of security to most organisations most valuable asset. This is one of them
For years vulnerability assessment and penetration tests have been less than effective at testing the security internal to a database. The Lumigent Audit DB product changes that. It is composed of two parts, the assessment module and the activity-monitoring module. Both will work with Microsoft SQL server or an Oracle database.
The audit module creates a central configuration database that stores the metadata about the environment that is used to create the encrypted repository. The repository is another database that holds the audit information about the production database.
The activity-monitoring module allows an administrator to define actions that will create an alert. These warnings can be set for accessing critical tables or if there is a conflict of interest when the user tries to access two tables simultaneously. All activities are logged with the activity monitor and reports can be generated and viewed through a web-based interface.
The Lumigent Audit DB product was a bit difficult to install, especially for the non-database administrator. The steps that were outlined in the printed installation guide differed from those actually needed to install the software.
The dialog boxes offered little information as to what information was required for the installation, so we often had to return to the printed manual and the included PDFs to attempt to find the correct answer for the dialog box.
There are several PDFs included on the installation CDs. The main one is the user guide. As we were working with the product, we often wished that the PDF had an index and table to speed up searching.
Lumigent offers the most common types of support, through phone, email and online. The company's website does not include a knowledge base or frequently-asked-questions section, but there is a mechanism for submitting an online support ticket.
Since the Lumigent Audit DB was a slightly different product than the other candidates in this review it would not be fair to compare its price against the other products. While this application is a more expensive option than a desktop policy enforcement product, the value of the data which it protects is also significantly greater.
SC Webcasts UK
Information Security Manager
Infosec People - Hammersmith, West London
Information Security Risk Manager, £45-55k + bens
Infosec People - West Midlands, England, Coventry
SOC Analyst, Aldershot, £55-63k + benefits
Infosec People - England, Aldershot, Hampshire
Security Architect, Cardiff - to £70k Basic
Infosec People - Cardiff, Wales
Interim CISO (Chief Information Security Officer) - Cyber Security Director
CYBER EXECS - London (Central), London (Greater)
Sign up to our newsletters
SC Magazine UK Articles
- Tesco Bank allegedly ignored warnings of hack from Visa
- Updated: A million German routers knocked offline by failed Mirai botnet attack
- Gooligan ad fraud malware infects 1.3M Android users, installs over 2M unwanted apps
- Cyber-security must reflect risk not just regulation
- Met Police grab suspect with phone unlocked to get hold of data
- SC Awards Europe 2016 winners announcements!
- ISIS radicalises 'lone wolves' through strong social media presence
- Updated: How will Brexit affect the cyber-security industry in UK and Europe?
- 9.2 million medical records for sale on darkweb
- Microsoft Office 365 hit with massive Cerber ransomware attack, report