jSonar announced the availability of SonarG, a Big Data Warehouse for the IBM Guardium Database Security Market. SonarG is the industry’s first implementation of modern Big Data technology targeted to dramatically streamline and simplify the data collection and analysis of large and growing “data lakes” of IBM Guardium database security activity monitoring data. SonarG is based upon jSonar’s SonarW, an ultra-high performance NoSQL Big Data Analytics Warehouse.
The IBM Guardium database activity monitoring platform is the industry’s leading database security technology. It has been deployed globally at very large enterprises protecting hundreds of thousands of databases. Key challenges at these deployments have been the steadily increasing costs, complexity and data access barriers to massive pools of database activity information. SonarG addresses these key challenges by simplifying data collection, enabling broader data access and delivering high performance data analytics for large, complex data sets.
Simplifying Data Collection
The traditional IBM Guardium database activity monitoring architecture consists of many collectors capturing activity data and feeding this data to an aggregation tier for data consolidation and reporting. SonarG greatly simplifies this collection model by eliminating the aggregation layer and allowing all collectors to communicate directly with a single ultra-high performance data warehouse. In addition to eliminating infrastructure and operational complexity, this reduces data collection from 24 hours to 1 hour and makes it easy to access a unified repository of database activity spanning a year or more.
Enabling Broader, Flexible Access to Database Activity Data
Typically in IBM Guardium installations, data access and reports are rigidly controlled through Guardium administrators, a reflection of the sensitivity and control related to audit/compliance usage. However, organizations now require a flexible “self-service” model that enables data to be directly accessible by various stakeholders that include operations, security, compliance, etc. SonarG provides easy and flexible access to any data within its warehouse via a variety of methods that include high value pre-built reports, a custom report builder, a dashboard builder and facilities for publishing the output to other applications. Other important data access capabilities include BI/Visualization tools, REST API, SonarSQL and SonarR. Finally, SonarG enables activity information to be easily accessed via the Splunk UI.
Delivering High Performance Analytics Across Large and Complex Data Sets
The IBM Guardium platform presents organizations with huge and growing pools of database activity monitoring data. This valuable raw data provides a tremendous opportunity for organizations to apply rigorous analysis and mining of the data to better understand behavioral profiles and anomalies. SonarG enables data security analytics based upon its large-scale data store, embedded high performance query engine and its flexibility in supporting a wide range of data access methods. Building upon this foundation of scale and analytical performance, SonarG provides a number of critical out-of-the-box analytics engines to minimize the level of effort required to develop powerful and meaningful analysis of large, complex sets of collected data. These engines include:
- Noise Canceling Engine (NCE) – NCE evaluates very large volumes of raw data and reduces these into a much smaller set. Built-in reducers include: Connection Data, Query Data, Exceptions and Policy Violations.
- Profiling Engine (PE) – PE focuses on database connections and is used primarily for implementing Trusted Connection analysis. This engine automatically catalogs all connections and constructs the definition of a whitelist for overseeing secure database access and alerting to new connection attempts.
- Machine Learning Engine (MLE) – MLE learns user behavior and persistently evaluates this behavior to identify anomalies or outliers. This engine automatically defines, oversees and enforces the assessment of every database user’s action against a number of different reference profiles.
“With SonarG, enterprises are able to reduce their IBM Guardium hardware footprint by more than 25% while simplifying the data collection process and dramatically increasing scalability to larger data sets,” said Ron Bennatan, CEO and Co-founder of jSonar and previously CTO and co-founder of Guardium. “The net result is not only a substantial cost savings on infrastructure costs but the implementation of a state of the art Big Data Warehouse that enables a wide variety of users with easy access to all database activity information and high value analytics.”