Guardium, the database security company, develops the most widely-used network solution for database security and auditing. By securing sensitive corporate information such as financial, customer, and employee data in real-time and automating change controls and compliance reporting. Named "Hot Pick" by Information Security magazine, and "Editor's Choice" by SQL Server magazine, Guardium's SQL Guard family of network appliances continuously monitors and prevents unauthorized access to databases, performing deep packet inspection on all network traffic and detailed SQL linguistic analysis to detect or block specific commands based on policies (with specialized modules for SOX, PCI, Basel II, and data privacy laws).

1. Real-Time Solutions for Safeguarding Databases
Guardium, Inc.
230 Third Avenue
Waltham, MA 02451
USA
Company Confidential www.guardium.com

2. Agenda
• Guardium overview
• Database activity monitoring
– Importance
– It’s all about compliance…or is it?
– Problems Guardium solves
• SQL Guard overview
• Customer Case Study
• Conclusion
2
CONFIDENTIAL

3. Corporate Background
• Founded in 2002
• Rapid customer acceptance
– Top 5 U.S. bank
– Top 10 European financial institution
– Global consumer products manufacturer with 100,000+ employees
– Top 5 independent oil & gas company in N.A. with $10B revenues
– Top 5 individual life insurance direct provider
– Telecommunications, pharmaceuticals, media, retail, government…
• Member of IBM’s prestigious Data Governance Council
• Partnerships: Oracle, IBM, Microsoft, Sybase, EMC, HP
• Recently announced investment by Cisco Systems and other investors
3
CONFIDENTIAL

4. Real-Time, Network-Based Database
Security
Protects sensitive
information
Enforces system access & Automates compliance
change control policies monitoring & reporting
4
CONFIDENTIAL

5. SQL Guard
Networks Applications Databases
5
CONFIDENTIAL

6. SQL Guard
Automatically filters and focuses
Networks Applications Databases
ALL SQL commands
Actual SQL
Fields
Objects
Server IP Verbs
Server port DDL
Server name DML
Client IP DB user name
Client host name Session
SQL patterns DB version
Client OS DB type
MAC Network protocol
Server OS DB protocol
TTL Origin
Origin Timestamp
Source programs DB errors
Failed logins etc.
6
CONFIDENTIAL

7. Scalability for Distributed
Environments
7
CONFIDENTIAL

8. SQL Guard Security Suite
A modular suite of integrated security applications that
makes the impossible practical:
SQL HealthGuard™
SQL PolicyGuard™
SQL AuditGuard™
All without turning on database audit logging!
8
CONFIDENTIAL

9. 9
CONFIDENTIAL

10. 10
CONFIDENTIAL

11. 11
CONFIDENTIAL

12. Case Study: Improving DB
Security for SOX
• WHO: Leading North American energy producer with $10B revenue &
6,000 employees
• NEED: Quickly improve security of financial/ERP databases for SOX
compliance
• ENVIRONMENT: Large number of databases: Oracle, MS-SQL Server
– Running on Sun Solaris & MS Windows servers
• RESULTS: Immediate proactive response to security incidents
– Passing internal and external SOX audits
• “… interactions with the SOX auditors were greatly simplified by
using a purpose-built solution for database activity monitoring and
auditing.”
– Enhanced change controls: Real-time alerting whenever changes to
specific tables are made; identify all users accessing database via
application that only provides generic ID
– Optimized ERP performance by identifying unresolved database errors Commissioned case study
• ROI: “Solid financial return”
– ROI = 55% and payback period = 11 months
12
CONFIDENTIAL

13. Contact Us: Guardium, Inc.
sales@guardium.com 230 Third Avenue
Waltham, MA 02451
USA
T: +1.781.487.9400
F: +1.781.487.7900
www.guardium.com