copyright © imaxsoft corporation 2015. all rights reserved. enterprise security solution imaxsoft...

Copyright © iMaxsoft Corporation 2015. All Rights Reserved.

Enterprise Security SolutioniMaxsoft Corporation

By: Lee Tsai

iMaxsoft Corporation was founded in 1987, Cupertino California [email protected]

(408) 253-1094 (Direct Line)

Page: 1

mailto:[email protected]

Copyright © iMaxsoft Corporation 2015. All Rights Reserved. Page: 2

iMaxsoft and VerticoDATA

• Company was founded in 1987• VerticoData Security Solution has been in production

since 2006• VerticoData is specifically designed for ORACLE database• VerticoData runs on both HP-UX and LINUX• VerticoData customers include banks, retailers,

healthcare service providers, and …• VerticoData partners include BULL, Atos, HP, ORACLE

and …


VerticoDATAWhat is the VerticoDATA’s Main Focus on Enterprise Security?

• VerticoDATA, sensitive data:– Are there malicious programs that access the sensitive data?– Are there un-authorized users that access the sensitive data?– Are there long transactions that collect the sensitive data?

• VerticoDATA, handle attacks:– When the sensitive data was sabotaged, and what?– How did the attack occur, and who?– What should be reported to the press, auditor and OCR?– Is there any damage to the sensitive data, and how to recover and fix them?

• VerticoDATA, security officer and IT:– Monitor and trap any potential hacks and cyber attacks, minimize the risk.– Alert and block any potential hacks and cyber attacks, minimize the damage.


VerticoDATA Architecture and Technology Overview

Production Environment

User ApplicationAmisys Advance

VerticoDATARead and Write Transactions

Monitor Breach Alarm

Report

VerticoData Audit Log



User Identity Customization (WHO)

Amisys Advance HPUX

Micro Focus CobolServer Program and Shared Library

Business Object

Web Client

VerticoDATARead and Write Transactions

Oracle OCI Layer

WHO

WHO

User Identity and Transaction:

• Client-Server Architecture• Persistent or Connect-Less• Transaction Object Header – User

ID Plug-in Rule


• VerticoDATA requires no change to your existing application or database• VerticoDATA runs on your application servers, not on database servers• VerticoDATA core engine can be triggered selectively and dynamically from

user to user, program to program, system to system, and server to server. So batch process on standalone/isolated server, just turn VerticoDATA off for raw performance.

• VerticoDATA core engine can be configured to monitor those unknown malicious programs thru our program figure-print technology.

• VerticoDATA can work in conjunction with ORACLE log miner for speedy database damage rescue.


Seamless Integration and No Performance Degradation


• Performance: you have to pay, just how much?1. Always encrypt those columns that are non index column and non sort column, i.e. credit

card number, SSN, DOB, address line 1 (weak one, you may want to do LIKE on it), and …2. Tablespace datafiles, table rows, and table columns encryption – regardless what ORACLE

says, it is expensive for complex query (join, like, group by, order by, aggregate function, stored procedure, …)

3. Don’t inter-mix database security with OS security, i.e. because someone can dump datafile from OS level, therefore you need to encrypt the entire tablespace. If one can cruising around your file system, your entire system is already toasted.

• Security: choose the best-fit database security strategy.1. Don’t go beyond database domain.2. ‘Where to apply it’ – figure out how many non-standard tunnels that connect to your

database, block them, constraint them, or monitor them?3. ‘implementation efforts’ – application changes? procedure changes? 4. ‘what to accomplish’ – i.e. protect EPHI only and has a clear set of EPHI access policies, any

violations are immediately blocked and reported.

VerticoDATA ORACLE Database Encryption and Protection (1)


• Maintenance:1. Encryption sync – backup database, archived database, data warehouse, and …2. Encryption key(s) management?3. EPHI policies management – how to apply new policies back to those old data … 4. Database structure changes5. Application changes

• Summary:1. If your network traffic is already encrypted and monitored, do you still need database

encryption?2. Intranet or internet? Prevent sabotage from insiders or cyber-attackers?3. ‘What are the must have policies’, i.e. access of (SSN, DOB, NAME, PHONE#, ADDRESS1)

concurrently must be logged, and if more than 30 different rows are accessed concurrently, it must be stopped and trigger an alert.

4. A best security solution should be able to differentiate normal vs. abnormal activities, should be able to catch/block/alert those un-known database processes that are implanted by hackers.

5. Flexibility to integrate into your existing corporate security platform, i.e. sharing the USER ID, and flexibility to interface with your assets management and human resource systems.

VerticoDATA ORACLE Database Encryption and Protection (2)


DEMOwww.dircle.net or www.mdgrep.com

PC/Browser, iPhone, iPad, and Android Phone/PadDEMO login: [email protected]

Call or email Lee (408) 253-1094 for DEMO password

Page: 9

http://www.dircle.net/

http://www.mdgrep.com/


VerticoDATA DEMO Overview – Servers Layout Diagram

Apache, PHP, MySQL, Linux Web Server inMotion Hosting, San Diego, CA

Linux and HP-UX Database ServeriMaxsoft, Cupertino, CA

VerticoDATA DEMO runs onSmartphone, Tablet and Browsers

www.dircle.net orwww.mdgrep.com

SSH Tunnel




VerticoDATA DEMO Hints

1. You must ‘Login’ first, and then click on ‘DBMonitor’ from the top menu.2. DEMO is connected to a live demo Security Vault (San Diego, CA), and a live demo ORACLE database (Cupertino,

CA).3. All modules are fully functional, except a few ORACLE actions that require super-user capability, and the

‘Tablespace/Partition AutoTune’ module.4. If you encounter error:

VerticoDATA Error:Page : _vdsedc_sqlplus_table.phpTrxID: 1001000Error: (SecurityVault), Security Vault server CSF license expired, report this problem immediately!

Which means that our ‘SSH Tunnel’ is not up, you may call 1-408-253-1094 for re-establishing the SSH Tunnel connection, or switch to another test site, www.dircle.net or www.mdgrep.com.

5. Click on ‘DBMonitor’ brings you to a main page which contains a list of servers, and some of the servers may encounter different level of potential security violations, you can click on any of the server for further investigation.

6. In the section of ‘VerticoDATA ORACLE SECURITY MONITOR’, all modules requires no input except ‘Viewer Tracer Document Management’ in which you enter begin data before 2012/01/01 in order to get meaningful data, you may click on document link from the list to view document in safe mode via Google viewer.

7. In the section of ‘VerticoDATA ORACLE PERFORMANCE TOOLSET’,• In module ‘Query Performance Checker’

• Click TableDef green button for a list of owner, click on ‘HMO’ for tables, click on a table link or detail table definition in a popup window.

• Enter ‘select * from HMO.PROVIDER_MASTER;’ for testing performance and query buttons. (You may enter any valid queries in accordance with demo ORACLE schema.)

• In module ‘Tablespace/Partition Manager’• Enter ‘MDM’ for Tablespace Usage analysis.• Enter ‘FACT’ for Partition Usage analysis.• It will popup 2 windows, one is a list of tablespace/partition objects and the other shows each object’s

corresponding details.




Question and Answer

Page: 12

copyright © imaxsoft corporation 2015. all rights reserved. enterprise security solution imaxsoft...

Documents