Database Security and Compliance for the Enterprise
IRI Chakra Max is a long-proven firewall and DCAP solution for data at risk in 20 popular databases. Chakra Max uses patented, high-performance database activity monitoring / database audit and protection (DAM/DAP) technology to harden your database infrastructure and enhance your broader Data Security Governance capabilities.
Use Chakra Max to:
- control database access for defined users and groups
- approve SQL activity (statement and workflow) using black / white lists
- monitor DB systems with or without having to connect to the DB
- log, report, and dashboard PII access, activity and alert details
- perform selective dynamic data masking (DDM)
- comply with ISO 27001 and ECCI standards for reporting and security
- detect, and protect against, log alteration/forgery
- comply with US and international data privacy laws
How Chakra Max Works
Chakra Max controls DB access through discrete user privileges. For example, you can define and control access rights for application server or DB users who move data to and from the DB, and allow them to perform what you define to be "reasonable" transactions, and block "unreasonable" ones.
Chakra Max uses a 3-tier Web Application Server (WAS) agent to collect packets between the client and DB, and then monitors and controls those packets. Chakra Max identifies each end-user -- and controls their access per policy -- through an agent installed on the web application server. In lower traffic environments, you can also collect packets via DB agent. Either way, there is no need to install a physical tap device or port mirroring switch.
Chakra Max processes work approvals for SQL execution privileges according to the organization's data stewardship policies, and leaves a detailed audit history of what was executed. It can also limit a user's execution time and number of executions. And where a Java-based Web Application Server (WAS) is in place, application user IDs and IP addresses can also be tracked.
Chakra Max monitors DB traffic and user information in real time. Chakra Max picks up the end users' ID details, traffic data, and access control status. It also monitors DB and Chakra Max performance information, as well as capacity details for the audit repository. Chakra Max can issue immediate alerts, block the activity (or the kill the session), and of course record the activity (see below).
Chakra Max dynamically masks PII columns on a per-user basis to prevent unauthorized data exposure during queries. This built-in data redaction feature masks all or parts of the data in a specific table or column analyzed automatically through pattern recognition to be PII (like an SSN or account number). The original plain text is retained in the table, but the ciphertext result is forwarded to the user. Static data masking via IRI FieldShield is available at a discount to Chakra Max or IRI Voracity platform users.
Chakra Max logs all activity to an 'audit hub' or repository, according to the policies the security administrator defines. This includes end user identity and traffic information, access control status, and security policy management history.
You can search the audit data for: user session and SQL information, server protocol session and command execution, approval history, user and administrator work history, unused policy/account data, and SQL summary information. You can also create and print reports in 14 different document formats, including: .csv, .doc, .html, .pdf, .ppt, .txt, and .xls. And, you can tie the data directly into your SIEM/SOC platform in real-time or through files to add database activity information into the broader security control picture.
Chakra Max guarantees integrity of the audit data and your policy management settings by protecting them with encryption and log resource monitoring. Set access controls for the log file(s), schedule back ups, and set alarms for insufficient disk space. Deleted audit data can also be recovered and searched by a DBA after recovery.
Chakra Max achieved CC (Common Criteria) validation at Evaluation Assurance Level 4 (EAL4), and is widely accepted as a secure and stable solution devoid of known industry vulnerabilities.
Chakra Max Configuration Options
Chakra Max audits and controls DB access with no impact on the DB by logging 100% of the audit data in 'sniffing' mode. No agent need be installed at the user or DB level, and there is no impact on any existing business or network environment.
Gateway Mode (Inline + Forwarding)
Chakra Max controls the movement of data into and out of the DB using gateway mode. This mode is thus required for dynamic data masking. Gateway mode works either with or without an installed agent on a user PC/laptop. The mode controls work in SQL units, which allows you to increase security by deploying it across internal development or outsourced work environments. Minor application latency may be involved, but there is no impact on the database server in this mode, either.
HA (High Availability)
Maintain the availability of your DB and access controls by configuring the Chakra Max server in either Active-Active or Active-Standby mode.
Chakra Max has more than 1,000 users across Asia, and is now available directly from IRI and its global network of value-added resellers and expert partners in data-centric security. We are ready to help you set up and support -- or arrange managed hosting for -- your Chakra Max database firewall.
Chakra Max is available from IRI as a standalone solution, or as a bundled option with another IRI Data Protector suite product (like IRI FieldShield for static DB data masking or IRI RowGen for DB test data) or the IRI Voracity total data management platform (which includes them).