GreenSQL Brings Enterprise Edition To Database Activity Monitoring Market

GreenSQL has introduced an enterprise edition of its database activity monitoring (DAM)/database firewall product, as it looks to compete beyond its initial SMB/SME target market. The new release features data masking and high availability, in addition to other features available in the GreenSQL Pro product, including reporting, auditing, user rights management and support for multiple database instances.

DAM/DB firewall products, which are typically deployed on the network or, in some cases, on the database server itself, monitor and analyze traffic to flag and, depending on policy, block anomalous queries that may indicate an attack or unauthorized use. This might include, for example, an administrator accessing credit card numbers or a sales rep making queries on an HR database. These products will also watch for familiar attacks, such as SQL injection.

Companies are showing a great deal of interest in deploying DAM products or expanding their use, says Adrian Lane, analyst and CTO for Securosis.

"It’s definitely an untapped market," he says. "A lot of companies who originally had deployed on just an internal financial database or some production servers for activity monitoring are pushing across most of the organization."

As software, GreenSQL can be deployed on premise or in cloud infrastructures. It sits inline in front of the database as a reverse proxy and therefore is able to perform caching to improve performance and limit access to the database itself by policy.

"High-performance caching is a differentiator," says Lane. "They are able to do blocking and return results very, very fast." GreenSQL’s aggressive pricing should also help in the midmarket and in making inroads into the enterprise.

In addition to performance advantages, the reverse proxy allows GreenSQL companies to restrict access to sensitive information on the database itself to authorized users. Routine queries to other data can be served up by the cache. The cache also helps with data masking. While theinitial masking is typically performed by changing the query in some way initially, the masked data can sit on the cache for subsequent queries, relieving the database of the repeated burden.GreenSQL emphasizes ease of use, which is particularly important for the midmarket and what the company refers to as "SMB in the enterprise," for selected deployments within larger organizations.

However, it offers highly flexible policy and rule formulation, which can be table- or even column-based. Policies and rules can be set by group or by user, although integration with Active Directory and other directories is still on the company’s near-term roadmap.

GreenSQL is a recent entry into a fairly mature market, which has been driven heavily by compliance with regulations such as Payment Card Industry Data Security Standard (PCI DSS) and Sarbanes-Oxley. Advanced reporting and auditing are therefore essential features. There has been significant consolidation: Fortinetbought IPLocks; IBM acquired Guardium; McAfee acquired Sentrigo, NitroSecurity bought RippleTech; and Oracle bought Secerno. Independent vendors include Application Security, Imperva, Lumigent and NitroSecurity.

GreenSQL was introduced in 2007 as an open source project to secure MySQL and, later, PostgreSQL databases. The commercial products, however, were built from the ground up without any of the open source code when the company secured initial funding in 2009, according to David Maman, GreenSQL CTO. GreenSQL is a small (20 person) Israeli company, which sells via Internet downloads and through channel resellers.

The commercial products support MySQL, PostgreSQL and Microsoft SQL Server. Oracle support will be added later this year. Lane is skeptical that many MySQL and PostgreSQL users will pay for database security, however.

"If they really need security, they will look at the open source version," he said. "How many are willing to pay? I’m not sure it would be a lot. They tend to do things on their own, tend to be really organic and don’t tend to have a lot of budget because they are developers."

The standard edition of GreenSQL costs $1,800; the pro edition costs $3,997, and the enterprise edition costs $10,990.

See more on this topic by subscribing to Network Computing Pro Reports Database Defenses (subscription required).