FortiDB is the most comprehensive solution to secure databases and applications such as ERP, CRM, SCM and custom applications. It addresses the following requirements:

• Vulnerability management - discovers databases, scans them for vulnerabilities and provides remediation advise
• Database Activity Monitoring (DAM) - identifies suspicions database activities by privileged users or application users, alerts on data theft attempts
• Data Loss Prevention - Continuously monitors all access to Personally Identifiable Data (PID) residing in databases
• Automation of Auditing and Compliance - automates reporting for SOX, PCI, and other regulations
• Change control - keeps track of all changes related to database structures(Data Definition Language -DDL) and users (Data Control Language -DCL)
• Virtualization - supports both virtualized and non-virtualized environments

• Quick deployment and intuitive initial vulnerability reports deliver immediate value and protection.
• Accelerated security and compliance provides best practices for PCI, SOX, GLBA, and HIPAA.
• Automated Policy Updates by FortiGuard Services ensure that customers are up to date with the latest regulatory/industry policies. The product already ships with hundreds of pre-installed rules which cover known exploits, configuration weaknesses, OS issues, operational risks etc.
• Easy deployment of Database Activity Monitoring across hundreds of databases with the help of Centralized Policy management
• Establishes controls for Data Loss Prevention buy monitoring all access to PID in databases. These controls can be further enhanced by the DLP capabilities of FortiGate appliances which can detect/block PID data transfer on the network
• Completeness and accuracy of audit data is ensured by audit which captures all types of database activity from administration events to user activity, regardless of originating command type (plain SQL or stored procedures) or connection type (ex - standard, pooled, or console).
• Flexible audit data collection methods enable users to either utilize the native audit capabilities of databases, or to use agents which does not require the native audit to be turned on
• Independent audit storage provides an additional security layer for audit integrity - including self-auditing of FortiDB itself
• Standardized, exportable audit reports customizable with company branding are designed out-of-the-box to support compliance standards, with graphic trend analysis to spot and isolate patterns
• Integration with Change management s systems is based on the captured DDLs and DCLs, which can be sent via SNMP
• Enterprise Scalability is supported by Web-based centralized management of multiple databases which enables DBAs to quickly identify and react to database security threats; heterogeneous support includes Oracle, DB2, SQL Server, MySQL and Sybase
• Supports flexible deployments including Virtualized and Non-Virtulaized environments. Ensures consistent enterprise-wide policy enforcement, processing tens of millions of audit records from databases per day. No changes are needed in existing network configurations.

The three FortiDB appliances provides scalable database vulnerability assessment, security and compliance solutions for enterprises in a quickly-installed, easily managed package. Vulnerability assessments can be viewed within minutes, following auto-discovery of every database on the network regardless of subnet boundaries. Its centralized web-based management application ensures consistent database security policies across the organization without imposing a high management burden on database and IT staff. In addition, an agentless operation option places no load on database operation and avoids putting any applications at risk.

• FortiDB-2000B - for large enterprises, supporting up to 60 database instances
• FortiDB-1000B - for mid-sized enterprises, supporting up to 30 database instances
• FortiDB-400B - for small-to-medium enterprises, supporting up to 10 database instances

FortiDB Software extends the database security solution to very large enterprises, offering centralized policy management for both Vulnerability Assessment and Database Activity Monitoring for hundreds of databases, licensed per database instance. Platforms the software can be installed on includes AIX, Red Hat Enterprise Linux, Solaris 10, Windows XP/Vista, Windows Server 2003, and Virtualized environments.