RE: Anyone Have Experience With McAfee DB Products?

• From: Scott Canaan <srcdco@xxxxxxx>
• To: Niall Litchfield <niall.litchfield@xxxxxxxxx>
• Date: Tue, 18 Feb 2014 15:19:24 +0000

Actually, it is the same product as McAfee purchased Sentrigo.

Scott Canaan '88 (srcdco@xxxxxxx<mailto:srcdco@xxxxxxx>)
(585) 475-7886 - work                (585) 339-8659 - cell
"Life is like a sewer, what you get out of it depends on what you put into it." 
- Tom Lehrer

From: Niall Litchfield [mailto:niall.litchfield@xxxxxxxxx]
Sent: Tuesday, February 18, 2014 3:05 AM
To: Scott Canaan
Cc: ORACLE-L
Subject: Re: Anyone Have Experience With McAfee DB Products?


Actually now I look at the description "Database Vulnerability Scanner" that 
looks like Sentrigo functionality that we do use and I described below.
On Feb 18, 2014 7:19 AM, "Niall Litchfield" 
<niall.litchfield@xxxxxxxxx<mailto:niall.litchfield@xxxxxxxxx>> wrote:

We use DAM here and I'm pretty happy with it. You will likely find, much as 
anyone who has ever turned on auditing finds, a large number of alerts to start 
with until you get your rules sorted - each *use* of a privilege or potentially 
insecure feature gets flagged - so you probably want to limit access to the 
console to start with.  If you search for Sentrigo Hedgehog you'll no doubt 
find more user reviews and opinion. We don't yet use it against SQL and we 
don't use the other product you mention so I'll not comment on them
On Feb 17, 2014 8:01 PM, "Scott Canaan" <srcdco@xxxxxxx<mailto:srcdco@xxxxxxx>> 
wrote:
Our security office is looking at having the McAfee Database Activity Monitor 
and McAfee Database Vulnerability Scanner installed on all of our Oracle and 
SQL Server databases and servers.  This is not the standalone configuration, 
but the configuration with the ePo server that would collect all of the 
information from each server and database and consolidate the information into 
a standard console that many people would have access to.

Has anyone had any experience with either or both of these products?  If so, do 
you have any concerns about the level of access the user has on the server and 
in the database?

Thank you,

Scott Canaan '88 (srcdco@xxxxxxx<mailto:srcdco@xxxxxxx>)
(585) 475-7886<tel:%28585%29%20475-7886> - work
"Life is like a sewer, what you get out of it depends on what you put into it." 
- Tom Lehrer

• References:
  • Anyone Have Experience With McAfee DB Products?
    • From: Scott Canaan
  • Re: Anyone Have Experience With McAfee DB Products?
    • From: Niall Litchfield
  • Re: Anyone Have Experience With McAfee DB Products?
    • From: Niall Litchfield

Other related posts:

• » Anyone Have Experience With McAfee DB Products?- Scott Canaan
• » Re: Anyone Have Experience With McAfee DB Products?- Niall Litchfield
• » Re: Anyone Have Experience With McAfee DB Products?- Niall Litchfield
• » RE: Anyone Have Experience With McAfee DB Products? - Scott Canaan

1. Home
2. oracle-l
3. Archive
4. 02-2014

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---