|
Two-Factor Authentication
Enzo can communicate to CRYPTOCard
and RSA Token Authentication servers to enforce the use
of one-time passwords to Microsoft SQL Server databases.
This technology requires neither client-side nor
server-side agents; Enzo is totally transparent for easy
deployment. More... |
|
Account Aliasing
Enzo offers the ability to alias
database accounts for Microsoft SQL Server databases.
Using this technology users no longer have a valid
account on the database server preventing malicious
users to bypass inline security features. This also
allows corporations to consolidate database accounts and
distribute account administration to remote locations.
|
|
Session Timeout
Enzo will forcefully disconnect
existing database connections if no activity was
recorded. This capability answers key requirements of
HIPAA and PCI. |
|
Case-Sensitive Passwords
Passwords are now case-sensitive
when using an Account Alias for increased security.
|
|
4D Access Control
Enzo provides a four-dimentional
database access control solution that allows
administrators to define unprecedented granular database
access rules. The four dimensions are: User,
Application, Time and Location (who, what, when and
where). All four dimensions have to be valid for a
database connection to be granted. |
|
Oracle and SQL Server 2005
Support
Enzo supports the
latest version of SQL Server and Oracle. Although SQL
Server 2005 includes many security enhancements, Enzo
2005 adds a new level of security that cannot be
otherwise provided. |
|
Performance Counters
Enzo also includes performance
counters that show security violations and overall login
throughput. When installed, these performance counters
offer unique visibility into the performance of your
security system. |
|
Database Proxy
Thanks to Enzo's database proxy
architecture corporations can envision database
consolidation and flexible reconfiguration initiatives
without the need to inventory and modify front-end
application configurations. |
|
Monitoring and Alerts
Enzo automatically posts EventLog
entries when security violations occur. In addition,
Enzo can be configured to send SMTP messages and send
events to a set of SYSLOG servers for centralized
forensic analysis. |
|
Active Directory
Enzo is an Enterprise system. As
such support for Active Directory was introduced as part
of the first release of Enzo for SQL Server.
Administrators can specify database access rules by
network user or group. |
|
Interactive and Service
Modes
Enzo functions as
a Windows service for unattended operations.
Alternatively it is possible to run Enzo in Interactive
mode for a higher degree of visibility of incoming
packets and to monitor live activity. |
|
Automatic Stealth Mode
When unspecified networks attempt
to connect to the database server, it will appear as if
the server does not exist by throwing a native error
message. This makes the database server invisible to
networks that are not supposed to have access. |
|
Variable Access Control
Without Enzo, databases can either
allow or deny access to an account. Enzo introduces the
concept of variable access authorization by location. As
such an account may have full privileges from the
private network but have limited access from the VPN (by
controlling the time window and the authorized
applications) and no access from the DMZ. |
|
M-of-N Access Control
Administration
For large
enterprises where access control management should be
split between multiple administrators, Enzo allows a
unique seperation of duty. With Enzo corporations can
enforce M-of-N Access Control administration simply by
delegating the task of managing Enzo to security
administrators. As such Database Administrators will
keep complete control over data access control while
security administrators will keep complete control over
database access control. |
|
Compliance Concerns
Enzo assists corporations in
meeting specific requirements by providing the strongest
database access control on the market. Also key to
compliance is the ability to trace user activity at the
database level. Enzo enables this requirement by
forwarding the initial credentials and session requests
"as-is" to the database as long as the four dimensions
have been validated (who, what, where and when). In
addition, Enzo shows exception reports that your
auditors will rave about, including the ability to see
all "off-hour" failed logins by MAC address and more.
|
|
ODBC Logging
You may specify an ODBC compliant
database to log events, such as SQL Server, Oracle or
MySQL. These events can be used for custom reporting and
custom alerting. |
|
Enzo Director
This edition of Enzo comes with the
Enzo Director. The Enzo Director is an Enterprise
management console capable of managing a large
deployment of Enzo servers in an Enterprise environment.
The Enzo Director offers many features, such as
configuration backup and restore, reporting,
configuration security and more. |
Features