Trustwave DbProtect Review

An agent-based solution that provides comprehensive security and is easy to configure


What is our primary use case?

We are a reseller of this solution and provide it to our customers. Some of our customers are the banks.

How has it helped my organization?

This solution helps our clients to monitor their database use, and detect violations of the policy. There are three layers in the software and they are all useful. They are:

  • Vulnerability management
  • User management
  • Privileged access management

There are many filters that you can put in place to avoid any data leakage or abuse of your database. All of the features in this solution are really good.

What is most valuable?

The competitive edge is that this is an agent-based solution. We usually provide network-level solutions, but if the server is misplaced or removed then the control is gone. Since this is installed on the server itself, it is safer to use and there is more control over the database.

What needs improvement?

I think that they can do a lot more in terms of being able to control, or enforce policy, on a database. Right now they are really amazing when it comes to monitoring, but for control it is limited. I can see exactly what is going on, but I can't take action. This is true for the competition, as well.

I would like to see more coordination for incident response. We have not been able to integrate this product with a lot of standard incident response solutions, so an open API would help in this regard. Today we have to be able to take action within seconds, and this has to be done through talking to other solutions.

I think that it would also be good if they had a network-based solution because what they have right now is an endpoint-based solution. Adding this would allow them to compete better.

For how long have I used the solution?

More than five years.

What do I think about the stability of the solution?

The stability is good.

What do I think about the scalability of the solution?

We have only worked on smaller projects, and we have never been asked to scale up.

This solution normally has three or four users. We typically give access to the information security department, and they manage it internally. They assign credentials to OPSEC or the application security team, themselves, so we do not deal with more than one department. The customers normally ask for three or four licenses.

How are customer service and technical support?

We rarely have problems with this solution, but when we do then the technical support is great.

If you previously used a different solution, which one did you use and why did you switch?

We have had only one customer that switched to this solution after using IBM Guardium. They made the change because of the complexity. I did not have direct experience with their environment, but the customer claimed that after purchase it took months just to complete the configuration. In the end, it was simply too complicated so they abandoned it.

My experience with IBM products is that they provide a lot of flexibility to the customer, which makes them more complex. This might be good for some people in very large organizations, but for smaller banks, they find that complexity unnecessary.

How was the initial setup?

The initial setup for this solution is amazingly straightforward and simple.

We implement database protection as an isolated requirement for the customer, as opposed to providing it as part of a larger offering. In this context, the average implementation takes a week to two weeks. 

From our side, we only need one certified engineer to attend the site. This person takes cares of the whole project. On the customer's side, we usually need the cooperation of the database team, as well as the information security department. The security officer gives us the credentials required, and the database admin supports the project. Without the support of these roles, the project will fail.

What about the implementation team?

We normally do the installation with the help of a distributor in Dubai. We coordinate with them whenever we need additional engineers. We do have certified people for the product, but just to be on the safe side, we engage the distributor as well as Trustwave. Trustwave has an office in Jordan, which is the closest one.

Generally, we handle the entire installation ourselves, but we do seek help if there are issues at any point. When we have requested help from the distributor or from Trustwave, we have been very happy with them. They are quite dedicated, and we are doing a good job together.

What was our ROI?

I have not discussed ROI with my customers, but they normally renew their licenses so it seems like they are happy with the pricing.

What's my experience with pricing, setup cost, and licensing?

The licensing fees, including support, are approximately $5,000 USD per database, per year. Without support, the licensing fees are half of that, at $2,500 USD per year.

Which other solutions did I evaluate?

We evaluated IBM Guardium, and we chose this solution because it is agent-based, and you don't have to install it at the network level. You can just look at one machine, which provides for better control. Our customers have not been very responsive to it yet.

There are two or three competing products that are active in this region, and Fortinet FortiDB is another one of them that is doing quite well.

What other advice do I have?

The market here is very limited for database protection. For the past five years, we have been pushing it as a "good to have" or "nice to have" solution. However, it is now becoming an essential requirement for protecting our customers' databases.

Our customers have identified the need for database protection, but in our part of the world, it is not yet getting the attention, or budgets, that it requires. In the middle of threats and attacks on the network, people rarely look at the backend solution. They do not see the database as a "threatened" component.

We are happy with the product overall, including its features and support. Unfortunately, our market here is not quite ready for it, but we are looking for it to pick up in the near future.

Trustwave is not as visible in this region as IBM or other competing products, which is one of the issues that we have in selling the solution. At the same time, it is a good product and it is still a market leader. Overall, we don't see many problems.

My advice for anybody interested in implementing this solution is to do a POC. It is easy and not risky. Since it is something that is installed on the database server itself, it may be necessary to use a test server. In our experience, however, it is generally safe and we haven't seen any issues with it.

Overall, I'm happy with the product but it is not yet perfect.

I would rate this solution an eight out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller.
Add a Comment
Guest
Sign Up with Email