optimizing guardium db monitoring with sonarg guardium data via external sources, creating a...

Upload: ledan

Post on 26-Mar-2018

Page 1: Optimizing Guardium DB Monitoring with SonarG Guardium data via external sources, creating a Database-centric view of security that merges multiple tool feeds,

www.jSONAR.com • 855.476.6279 • [email protected]

Database Activity Monitoring (DAM) continues to expand its role in enterprise information security and compliance initiatives as organizations strive to move beyond an audit-centric strategy and more fully leverage the power of DAM monitoring solutions.

Leveraging years of Guardium expertise and next generation Big Data technology, SonarG modernizes Guardium DAM environments in three critical dimensions: 1) Simplifying data collection, management and long term retention, 2) Enabling flexible, self-service data access and enrichment and 3) Delivering security analytics, machine learning and UBA specifically targeted at the database tier.

SonarG dramatically increases the value of your Guardium investment by solving for both sides of the value equation: Reducing infrastructure and operating costs by >25% while increasing the breadth of functionality and benefits available for every DAM deployment.

FOCUS ON THE DAM DATA, NOT THE DATA COLLECTION!

OPTIMIZED HW ARCHITECTURE

SonarG eliminates the need for Guardium aggregators by replacing them with a low cost central data store. It also reduces collector storage requirements by 80% along with backup/archive needs. This yields an overall reduction of Guardium HW by >25% and a simplified architecture that dramatically reduces your infrastructure costs while improving functionality and stability.

CENTRALIZED DATA, FLEXIBLE ACCESS

SonarG consolidates >1 year of activity data into a Big Data repository and empowers multiple users to easily access this data via numerous reports, dashboards or commercial tools such as Excel, Tableau, Splunk and many others. Combining Self-Service capabilities with data level access control ensures multiple teams can access relevant data using familiar tools.

ULTRA-FAST QUERYING AND ANALYSIS

Using advanced Big Data NoSQL technologies, SonarG provides immediate and easy access to large Guardium data sets spanning TBs of data, without waiting hours for batch reports to be available or daily aggregation processes to complete. The integrated high performance query engine provides the horsepower needed to enable both powerful interactive access and sophisticated analytics execution.

POWERFUL ANALYTICS

The SonarG SAGE system delivers out of the box analytics for critical database security and compliance scenarios including Noise Cancellation, Profiling, Trusted Connection Management, User Behavior Analysis and DB360°. All solutions are designed for “unsupervised” operations with minimal configuration, yet can be further customized and extended to additional use cases and even operational metrics.

Optimizing Guardium DB Monitoring with SonarG

[Figure: SONARG capabilities: >1 Year Retention, Data Enrichment, Self-Service Reporting, BI/Tools Integration, Analytics/Forensics]

EXTENSIVE ENTERPRISE FUNCTIONALITY

Enterprise organizations are continuing to evolve their database security programs in search of expanded coverage, richer context, improved automation and many other capabilities. Achieving compliance is no longer the end goal and SonarG offers a number of integrated applications that help organizations mature their programs and realize increased value from their DB security investments.

Enriching Guardium data via external sources, creating a Database-centric view of security that merges multiple tool feeds, or automatically distributing and managing event level workflows are just a few of the powerful capabilities that SonarG provides.

HOW SONARG WORKS

Using integration developed in collaboration with IBM, data from Guardium collectors are exported hourly using CSV extracts: a fast, proven and preferred data extraction method. This highly efficient method creates a straightforward interface between collectors and SonarG and actually increases the throughput of the collectors due to its performance efficiency and shifting collector processing workload to SonarG. Since data is moved off the collectors hourly, there is no need to consider storing the data on the collector for more than several days, which reduces the storage requirements by over 80% and enables the use of smaller, lower cost virtual machines.

SAGE

SonarG’s integrated Security Analytics Engines provide powerful solutions for automatically and persistently inspecting the entire collection of Guardium data for a variety of security and operational concerns. Rather than trying to manually build and manage a Trusted Connection whitelist, let SAGE identify clusters of users and notify you of new connections.

JUSTIFY

SonarG provides a flexible, event-level workflow management system for more efficiently and accurately reconciling results. Instead of attestation of the entire report, SonarG can distribute each entry within the report to “virtual queues” for the relevant stakeholders and progress these events through a customizable workflow. Roles and processes are easily customized and there is no limit to the number of unique flows that can be created. This lets customers apply this capability to a wide range of use cases.

DB360°

SonarG consolidates data from a variety of database security tools, including DAM, VA, Discovery and Classifier to create a comprehensive security profile of any database. Is it being monitored? What was the latest VA score? Does it contain sensitive data? Trend data is easily created to monitor program coverage and effectiveness.