IRI Chakra Max™ is proven, high-performance data-centric audit and protection (DCAP) software for protecting personally identifiable information (PII) in both commercial and open source databases (DBs). Chakra Max can complement content-aware Data Loss Prevention (DLP) solutions like IRI FieldShield, and replace slower, costlier megavendor DAM/DAP tools.
- Control, monitor, and log all accesses and executions for 20 on-premise and cloud databases
- Improve operational efficiency and time-to-value by minimizing or precluding impact on DB performance
- Find and handle over-authorized or dormant users, and regularize your rights review cycle
- Define, block, mask, and log sensitive columns or objects by pattern (and discover/classify them free in IRI Workbench)
- Protect and audit DW-relational, ELT-appliance, and mainframe databases consistently and simultaneously
- Spot, stop, isolate -- and send detailed alerts about -- attacks and unauthorized activities in real time
- Speed incident responses with dashboard analytics and advanced audit log search capability
- Leverage high-availability gateway clustering to scale protection operations rapidly and reliably
- Custom-search rich activity logs and custom-define audit reports to revisit security policies and verify compliance
- Export any alert or log data to SIEM tools like Splunk ES, IBM QRadar, etc. to support SOC-team vigilance and response
Choose between multiple connection modes (sniffing, gateway, and high-availability) to speed deployment without impacting your database(s); installed agents are optional. With multiple deployment methods to choose from, enterprises using Chakra Max can affordably address several different needs at once.
Manage everything from a browser, thick client, or the IRI Workbench GUI for Voracity -- IRI's total data management platform (built on Eclipse™) for enterprise data discovery, integration, migration, governance, and analytics.
IRI also supports the provisioning of protection services through Chakra Max (and IRI FieldShield) API libraries, which you can seamlessly embed into, and distribute with, your software. You can also share and change-track your job configuration and policy definitions in Chakra Max, and your post-discovery data class libraries (in Voracity). The automatic, consistent deployment of these settings and policies across multiple database instances means much faster time-to-implementation and more consistent data governance.
Chakra Max supports customers whose databases are in the cloud, on-premise, or deployed in a hybrid model. Chakra Max runs in both Amazon Web Services (AWS) and Microsoft Azure, and can be hosted to provide managed DCAP services where qualified staff are responsible for, and thus dedicated to, your data's security. This removes the burden of security from constrained internal resources, and concerns about inexperienced teams.
All Chakra Max users have complete access to the IRI Workbench GUI for Voracity, which includes profiling facilities that actively or passively scan and classify sensitive data in all your databases (and flat-file sources) with pattern- or fuzzy-matching logic, plus string and lookup value searches. This is the first step in helping you detect vulnerabilities and assess compliance with industry data handling standards and privacy laws.
Use the profiling reports and class libraries to organize your access, SQL approval and dynamic data masking policies in Chakra Max, and to apply static data masking rules for IRI FieldShield. You can use these same facilities to scope additional security and compliance projects, and to prioritize risk reduction efforts in the larger data governance context.
Chakra Max outperforms the top two competitors in the database DCAP(DAM/DAP) market in high-transaction-volume environments. Patented sniffing and in-memory database technology in Chakra Max monitors up to 3x -- and audits up to 9X -- the number of SQL transactions each second that they can. Even in heavy traffic, you can control hundreds of DB instances for security policy violations, but block and audit only what is necessary for protection and compliance. This sophisticated "multi-channel approach" allows you to monitor more sources than any other solution, without having to evaluate audit logs for policy violations, monitor less traffic, use appliances, etc.
Beyond monitoring and analyzing all DB activity in real time -- to take a proactive security and enforcement stance -- see the "who, what, when, where, and how" of every transaction in the audit trial. Chakra Max logs the configurations and activities of privileged users with direct access to the DB server, and those with browser, mobile, or desktop application access.
Address the compliance requirement for role based access controls (RBAC), manage login rights, and dynamically mask sensitive data automatically across multiple DB instances and large data sets at once. Chakra Max allows you to configure the login, execution, and the rights to see certain values, by user, or defined duty (role), location, etc. -- and to aggregate those rights across disparate data stores.
Chakra Max configuration views make it easy to create an automatic review cycle to cull excess user rights and dormant accounts, and demonstrate compliance with HIPAA, SOX and PCI DSS. Centralizing and automating these essential tasks reduces labor costs, reporting gaps, and data breach risks.
Rather than tax your DBAs' time, or rely on costly compliance assessment experts, Chakra Max and Voracity allow you to centrally manage thousands of databases, big data nodes, and files, to find and protect the sensitive information they contain. Centralized policy setting and enforcement, plus detailed after-action reports, preclude the need for custom programs, SQL procedures, and compliance consultants.
By eliminating ongoing DBA involvement in compliance, you also satisfy the requirement for separation of duties. Chakra Max workflows, reporting and analytic tools, management console, and process APIs, allow your current staff to configure and maintain everything required for compliance.
Define administrative policies to fine-tune the monitoring and control of queries and dynamic views (e.g., via full or partial masking of values) of column data. White list the data regularly accessed by individual accounts through activity profiles you can build for each account based on including DML, DDL, DCL, read-only activity (SELECTs), and stored procedure reviews. Stop profiled accounts from accessing data objects that are not in their white list.
Send alerts, establish quarantines, and block unauthorized activity to protect data without disabling the account. This "qualified control" allows permitted business processes to continue. Automated security alerts can go to email, SMS, or other targets to facilitate incident response.
Protect enterprise data from misuse by masking it dynamically in Chakra Max (or statically with IRI FieldShield ahead of time). Chakra Max can automatically redact (string-mask) full or partial column values in motion for all but authorized users, while retaining plain text in the source. Or, use FieldShield to create target tables, views, and files masked with multiple functions, including pseudonymization and format-preserving encryption.
Blocking attacks as they happen is another way to prevent hackers from accessing critical data. Chakra Max monitors all traffic for security policy violations and stops attacks on the protocol and OS level, as well as unauthorized SQL activity. The highly efficient monitoring can quarantine activity pending user rights verification, or block the activity without disrupting business by disabling the entire account.
Chakra Max users can block activity either at the DB agent or network level, and thus find the right balance between DB security and performance. Send immediate alerts to the right people based on specific event conditions you define.
Chakra Max supports the monitoring, logging, and analysis of all connection and SQL activity -- in traffic as heavy as 10K statements/second -- including statements over 1500 bytes AND even the return row data! It logs the commands and results sets from connection sessions over telnet, FTP, Rlogin, Rcmd, SSH, and SFTP. This uniquely granular monitoring and logging of database AND server activity allows you to save (or exclude) anything you can monitor in real time at the IP, application, SQL object, and connection level, so you can learn everything that is going on and close the gaps.
Query the logs, save your searches, and print reports in 40 pre-configured styles, in 14 different output formats, for any defined data within specified date and time ranges. Report on SQL statistics based on command text, and analyze activity trends in each database. Even search for changes you made to your control policies, and see the activity history before and after these changes were made.
Chakra Max audit logs of connection and SQL execution (and result) history are saved in daily log files, which get encrypted, compressed, and backed up automatically. Backup activity and resources on the (optionally separate) audit server are monitored to assure scheduled backups perform normally. Restoration to their query-ready state is even possible after deletion.
- Oracle (including ASO and SSL)
- Oracle Exadata
- Microsoft SQL Server
- IBM DB2(on LUW, z/OS, and DB2/400)
- IBM Informix
- IBM Netezza
- SAP Sybase IQ / ASE
- SAP HANA
- MySQL / MariaDB
- PostgreSQL/ Greenplum
- Fujitsu Symfoware
- Sun DB
- Amazon Aurora, Redshift
- Unix (Telnet, Rlogin, Rcommand, (s)ftp, SSH)
- Mainframe (TN3270, TN5250)
- Windows Terminal
- Amazon Web Services
- Microsoft Azure
- IBM Softlayer
- Network: Non-inline sniffer, transparent bridge
- Host: Lightweight agents (local or global mode)
- Agentless collection of 3rd party database audit logs
- Network monitoring - Zero impact on monitored servers
- Agent-based monitoring - 1-4% CPU resources
- Client-Server SSL
- Comand Line Interface (SSH/Console)
Database Audit Details
- SQL operation (raw or parsed)
- SQL response (raw or parsed)
- Database, Schema, and Object
- Source IP, OS, application
- Parameters used
- Stored procedures
- All privileged activity, DDL and DCL
- Schema Changes (CREATE, DROP, ALTER)
- Creation and modification of accounts, roles, and privileges (GRANT, REVOKE)
Access to Sensitive Data
- Successful and failed SELECTs
- All data changes
- Failed logins, connection errors, SQL errors
- INSERTs, UPDATEs, DELETEs(DML activity)
- Creation, Modification, Execution
Tamper-Proof Audit Trail
- Audit trail stored in tamper-proof repository
- Operation encryption or digitally signing of audit data
- Role-Based Access Controls to view audit data (read-only)
- Real-time visibility of audit data
- Unauthorized activity on sensitive data
- Abnormal activity hours and source
- Unexpected user activity
Data Leak Identification
- Requests for classified data
- Unauthorized/abnormal data extraction
- Dynamic Profile (White List security)
- Protocol Validation (SQL & protocol validation)
- Real-time alerts
- Dynamic data masking
- Custom followed action
- Integrated graphical reporting
- Real-time dashboard
- Automated discovery of database servers
Data Discovery and Classification
- Database servers
- Financial information
- Credit card numbers
- Personally identifiable information
- Custom data types
User Rights Management (add-on option)
- Audit user rights over database objects
- Validate excessive rights over sensitive data
- Identify dormant accounts
- Track changes to user rights
- Operating system vulnerabilities
- Database vulnerabilities
- Configuration flaws
- Risk scoring & mitigation