Database Audit System

Product Service

Special Topics in Security

Security Research

About Us

About Topsec

China's leading cyber security, big data and cloud service provider

Learn about Topsec

Company Profile

Contact Us

Zero Trust

Build a dual system security framework of zero trust inference and trusted inference.

Database Audit System Overview

Topsec Database Audit System, or TA-DB for short, is a cyber security product built on a multi-core high-performance hardware platform and a next-generation operating system. This product provides accurate data analysis for more than 30 types of databases, such as relational database, China-made database, NoSQL database, and object-oriented database. Featuring bypass deployment, leading technology, and comprehensive qualifications, the system has been applied to various sectors such as government, energy, telecommunications, and military industry. It provides an optimal solution and best suited technical measures to regulate database operations in compliance with requirements of auditing authorities.

Activity & Announcement

Hot products Next Generation Firewall
Typical cases CNCC security construction project

Advantages

Comprehensive auditing

TA-DB uses protocol analysis technology to accurately identify and audit more than 30 types of databases, including mainstream databases, relational database, China-made database, NoSQL database, and object-oriented database, leading the industry in terms of database protocols supported.

Visible data

TA-DB has a data trajectory model with data assets as the core and data transfer paths as trajectories. This model shows data trajectories clearly to facilitate instance detection, asset control, and risk assessment. Based on audited SQL data, TA-DB detects active instances in real time, and identifies unknown instances with potential threats. It obtains real-time health status of data assets and assesses security risks in these assets based on the security model.

Quick retrieval

TA-DB optimizes the underlying data structure based on a high-efficiency retrieval algorithm developed by Topsec, and uses front-end asynchronous page loading technology to support user-defined queries in multiple dimensions. It retrieves data instantly upon a query request and displays the query result quickly on the web page. Retrieval among tens of millions of data records can be completed in several seconds.

Detailed records

The system restores database access behaviors in real time and traces back the whole process of each database security incident based on collected traffic data, helping the customer monitor various database operations. In addition, it provides comprehensive risk monitoring for databases through deep mining and intelligent analysis of traffic data.

Application

Scenario

Bypass deployment is the most commonly used deployment mode. The audit system can be used after it is connected to the mirroring port of a switch.

Issues Resolved

Core data assets can be supervised and audited effectively.
Trajectories of core data are displayed clearly.
The cybersecurity supervision capability of the network operator is improved greatly.

Scenario

In cascading deployment, each TA-DB device runs independently to audit network data of its own. The upstream device can deliver policies to the downstream device and check analysis results on the downstream device.

Issues Resolved

This deployment is suitable for the customer's network structure and addresses the customer's need for hierarchical database control and auditing.

Scenario

Distributed deployment allows multiple TA-DB devices to share the audit load from all databases on the network, and employs a high-performance centralized management center to facilitate centralized monitoring. This deployment mitigates the pressure on each TA-DB device. The management center delivers policies to the TA-DB devices and processes data queries for users.

Issues Resolved

The proxy nodes can send audit events to the management center or store the incidents locally, depending on the configuration made by the customer. Regardless of where audit events are stored, administrators can query audit events of each proxy node and view analysis results on web pages of the management center.

Value to Customers

Flexible deployment for security compliance

Single-node deployment, cascading deployment, or cloud deployment can be implemented in bypass mode without changing the current network structure, enabling the customer to meet requirements of level-based security regulations easily.

Improved supervision capability

All database access behaviors and operation results are displayed clearly, so that administrators can obtain comprehensive information about database operations. Therefore, the system improves the capability of an enterprise to supervise database security.

Accurate location for efficient investigation

The system provides data evidence for investigation of security incidents, helping to identify the specific persons accountable.

Success Case

2020-2021 Cloud Database Audit System Procurement Project of China Mobile

Databases of China Mobile store a large amount of information about enterprise customers, financial information, and even classified information of the country. These databases are accessible to Internet users, business partners, and employees of China Mobile. However, due to the lack of technical protection for the databases, the security of sensitive information could not be guaranteed during the use of databases previously. To solve this problem, China Mobile initiated a database audit system centralized procurement project for operation in 2020-2021.

Value to Customers：: Flexible deployment for security compliance Improved supervision capability Fine-granularity auditing for efficient investigation

View details

Relevant Recommendations

Product Recommendation

Special Recommendation

News Recommendation

2020-2021 Cloud Database Audit System Procurement Project of China Mobile