 | Data Transport Security– InTrust® for Databases has a highly encrypted communication channel between the data collecting agent and the server. The channel is also fault-tolerant with a buffering scheme that prevents loss of audit data due to network and server outages. | | Separation of duties– InTrust® for Databases integrates separation of duties within its design. Two consoles separate day-to-day tasks from administrative operations. The consoles as well as the internal authentication scheme ensure separation of duties. All communication to the consoles is highly encrypted and each console allows for the proper user workflow of its target audience. |
| Real-Time Policy Enforcement Engine – InTrust® for Databases has a high-performance rule engine designed for processing the huge volumes of activity running through the system. Its profile and policy scheme were uniquely crafted to allow easy definition of cross-database and cross- platform policies, while maintaining the different characteristics of each database. Users can then set real-time alerts for each policy. | | Streamlined Reporting – InTrust® for Databases contains built-in and customizable reports designed to address your compliance needs. For customers who desire flexibility of customized reports beyond what comes with the report builder, InTrust® for Databases also integrates with Microsoft Reporting Services. |
| Integrated Ticketing System –InTrust® for Databases has its own internal ticketing system to preserve an artifact of each incident investigation, and a link back to the offending sessions and SQL statements. The system allows you to see the incidents that occurred, as well as the resulting investigation and conclusion. It is possible to use other ticketing systems and only use the incident storage of the system, but a ticketing workflow engine is available within the product. | | Asset Profiling – InTrust® for Databases encourages customers to catalog their assets, which is an important compliance activity. It then uses this information to drive the policies and rule engines to flag suspicious activity. |
| Versioning – All of the policy and profile information in InTrust® for Databases is never deleted and tamper-proof. The result is a reliable, full-history view of all configurations and changes done in the product. | | Encryption – InTrust® for Databases helps secure your data by offering nine levels of encryption, up to AES 256-bit |
| Forensics – InTrust® for Databases contains a unique feature that allows investigation into database activity and related incidences—as a result you can slice and dice the data to understand and quickly find the needle in the haystack. | | Policies – InTrust® for Databases has a powerful rule engine that automates audit controls by processing all the databases activity and give real time alerts on suspicious activity. It can also go into the past and reprocess historical activity |