|
Account Aliasing
Enzo offers the ability to alias
database accounts for Microsoft SQL Server databases.
Using this technology users no longer have a valid
account on the database server preventing malicious
users to bypass inline security features. This also
allows corporations to consolidate database accounts and
distribute account administration to remote locations.
|
|
Session Timeout
Enzo will forcefully disconnect
existing database connections if no activity was
recorded. This capability answers key requirements of
HIPAA and PCI. |
|
Case-Sensitive Passwords
Passwords are now case-sensitive
when using an Account Alias for increased security.
|
|
4D Access Control
Enzo provides a four-dimentional
database access control solution that allows
administrators to define unprecedented granular database
access rules. As explained above the four dimensions
are: User, Location, Time and Application (who, what,
when and where). All four dimensions have to be valid
for a database connection to be granted. |
|
Oracle and SQL Server 2005
Support
Enzo supports the
latest version of SQL Server and Oracle. Although SQL
Server 2005 includes many security enhancements, Enzo
2005 adds a new level of security that cannot be
otherwise provided. |
|
Performance Counters
Enzo also includes performance
counters that show security violations and overall login
throughput. These performance counters offer unique
visibility into the performance of your security system.
|
|
Database Proxy
Thanks to Enzo's database proxy
architecture corporations can envision database
consolidation and flexible reconfiguration initiatives
without the need to inventory and modify front-end
application configurations. |
|
Monitoring
Enzo automatically posts EventLog
entries when security violations occur. |
|
Active Directory
Enzo supports Active Directory for
SQL Server. Administrators can specify database access
rules by network user or group. |
|
Automatic Stealth Mode
When unspecified networks attempt
to connect to the database server, it will appear as if
the server does not exist by throwing a native error
message. This makes the database server invisible to
networks that are not supposed to have access. |
|
Variable Access Control
Without Enzo, databases can either
allow or deny access to an account. Enzo introduces the
concept of variable access authorization by location. As
such an account may have full privileges from the
private network but have limited access from the VPN (by
controlling the time window and the authorized
applications) and no access from the DMZ. |
|
M-of-N Access Control
Administration
For large
enterprises where access control management should be
split between multiple administrators, Enzo allows a
unique seperation of duty. With Enzo corporations can
enforce M-of-N Access Control administration simply by
delegating the task of managing Enzo to security
administrators. As such Database Administrators will
keep complete control over data access control while
security administrators will keep complete control over
database access control. |
|
Compliance Concerns
Enzo assists corporations in
meeting specific requirements by providing the strongest
database access control on the market. Also key to
compliance is the ability to trace user activity at the
database level. Enzo enables this requirement by
forwarding the initial credentials and session requests
"as-is" to the database as long as the four dimensions
have been validated (who, what, when and where).
|
Features