Premium Support 5 Year:

Premium Support Upgrade, 24x7 availability, upfront replacement, 1st time

Web Support
Included free-of-charge with every Astaro Security Gateway base license. Web support offers a 72 hour “bring in” hardware replacement (during the
warranty period) as well as access to support platforms such as the Astaro Knowlegdebase and MyAstaro.

Standard Support
Included with every Network, Web or Mail Security subscription purchased. Standard support offers a 24 hour “bring in” hardware replacement,
automatic software updates as well as technical 10*5 support via Astaro partners.

Premium Support
An optional support upgrade which can be purchased for 1, 3 or 5 years. Premium support offers a 24 hour upfront hardware replacement, software
updates as well as technical 24*7 support via Astaro engineers – beginning with activation-key entry within the MyAstaro-Portal.

The Astaro Security Gateway 625 is designed to provide protection for larger enterprises. Based on high quality Intel-compatible server systems, including Dual IntelTM Xeon Multi-Core processors and redundant highspeed hard disks, it provides optimal performance and reliability even for the most demanding environments. This section details the security applications available, technical information and deployment scenarios.

Spec:

Equipped with 10 gigabit-speed copper ports and 8 SFP GBIC ports, the Astaro Security Gateway 625 provides maximum deployment flexibility, making it the ideal choice even for data center environments. Redundant RAID controlled hard disks and hot-swappable power supplies offer maximum reliability and availability.

Two Intel Quad-Core Xeon CPUs, 18 PCI-Express gigabit-speed network ports, and two 15K rpm SAS hard disks offer firewall throughput rates of more than 9 Gbps. By using Astaro’s “One-Click Clustering” technology, even full gigabit UTM-throughput can be achieved without requiring external load balancers.

Support Options:

Web Support

Included free-of-charge with every Astaro Security Gateway base license. Web support offers a 72 hour “bring in” hardware replacement (during the

Standard Support

Included with every Network, Web or Mail Security subscription purchased. Standard support offers a 24 hour “bring in” hardware replacement, automatic software updates as well as technical 10*5 support via Astaro partners.

Premium Support

An optional support upgrade which can be purchased for 1, 3 or 5 years. Premium support offers a 24 hour upfront hardware replacement, software updates as well as technical 24*7 support via Astaro engineers – beginning with activation-key entry within the MyAstaro-Portal.

Spec:

Equipped with 4 separately manageable Network Ports, a fast 1.5 GHz Intel-compatible CPU and an integrated hard drive the ASG 110 offers a complete and easy-to use solution to protect small networks against the endless number of viruses, spam and hackers that threaten to compromise networks of all sizes today. By offering a Firewall throughput of up to 200 Mbit/s it can easily exceed the performance of standard branch office internet connections. The gateway can be deployed for up to 10 users.

Web Support
Included free-of-charge with every Astaro Security Gateway base license. Web support offers a 72 hour “bring in” hardware replacement (during the

Standard Support
Included with every Network, Web or Mail Security subscription purchased. Standard support offers a 24 hour “bring in” hardware replacement,
automatic software updates as well as technical 10*5 support via Astaro partners.

Premium Support
An optional support upgrade which can be purchased for 1, 3 or 5 years. Premium support offers a 24 hour upfront hardware replacement, software updates as well as technical 24*7 support via Astaro engineers – beginning with activation-key entry within the MyAstaro-Portal.

Astaro Software ASL 10 Users 1 Year Gold Maintenance Subscription

Astaro Software ASL 10 Users 1 Year Web Subscription

Computer systems are the core tool of today’s business and are vital to every business from the smallest to giant organizations. Money transactions, customer service are just simple examples. Despite high hopes, disasters in one form or another eventually strike every organization. Whether it’s natural disaster like a hurricane or earthquake, or man-made disaster like a street riot or explosion - every organization will encounter events that threaten their very existence.

We all work on our computer systems without thinking about "What if" scenarios. However, computers are not like other electronic devices such as TV, DVD and etc. Dependent on a combination of hardware and software, they may suddenly stop working for some reason. Even power failures can cause malfunctioning. To avoid such problems we need to draw up a Plan, or a number of alternate plans for possible scenarios, to help mitigate the effects a disaster has on the company's continuing operations and to achieve a speedy return to normal operations. Advanced preparation saves time, money, and prevents loss of clients, and business reputation.

Objectives

• Business Continuity Planning (BCP)
• Disaster Recovery Plan (DRP)

Process Flow

• Risk Management
• Business Continuity Planning
• Disaster Recovery Plan

Summary

Business Continuity Planning (BCP) and Disaster Recovery Plan (DRP) are very important plans for business from small to big sizes. Before planning, the business should identify its assets and risks. The process is called Risk Management, and is divided in to 4 sections:

• Risk Analysis
• Asset Valuation
• Calculating Safeguards
• Handling Risk

These elements help to see the full picture before preparing the plans. Business Continuity Planning (BCP) helps a business to recover one of its systems which has ceased to function. It is divided in to 4 sections:

• Project Scope and Planning
• Business Impact Assessment
• Continuity Planning Goals
• Approval and Implementation

Disaster Recovery Plan (DRP) deals with worst case scenarios when ALL systems or one major system have ceased to function. This Plan is executed as in autopilot mode.

Hedgehog Enterprise

Database Activity Monitoring and Intrusion Prevention

Hedgehog Enterprise™ is optimal for organizations that require breach prevention, end-user identification, virtual patching, integration with your existing security infrastructure, IT governance and operate with enterprise-wide database deployment.

Sentrigo’s Hedgehog Enterprise is a scalable database activity monitoring and intrusion prevention solution. Database breaches and the theft of sensitive data leave enterprises exposed to risk and can do irreparable harm at great cost.

Hedgehog Enterprise provides full visibility into all database activity including local privileged access, protects the database in real-time with actionable alerts and prevention capabilities, and allows enterprises to enforce security policy and comply with regulatory requirements, such as PCI DSS, Sarbanes-Oxley, SAS 70 and HIPAA.

Product Highlights

• Real-time alerting and prevention of attacks and data theft
• In depth protection of sensitive data at the object level
• Virtual Patching - predefined rules that addresses known and newly discovered DBMS vulnerabilities that serve as a stop-gap until vendor-issued security patches are deployed.  Virtual patches are available as an option to Hedgehog Enterprise, on a subscription basis.
• Central management able to handle deployments from a single database to thousands of databases
• No degradation in database performance

Real-Time Activity Monitoring

Hedgehog gives the IT security professional full visibility of user activity on all monitored databases. Hedgehog either issues alerts about abnormal user activity or stops it in its tracks. Policies are enforced based on a variety of parameters, including:

• Specific database objects
• SQL statements
• Application user ID (Requires Hedgehog IDentifier™)
• Source IP address
• Applications used
• Etc.

Easing the Burden of Regulatory Compliance

Hedgehog simplifies and accelerates the process of complying with standards and regulations such as Sarbanes-Oxley (SOX), PCI DSS, SAS 70, HIPAA, GLBA and privacy breach notification laws. Wizard-driven processes and reports help meet key requirements, including access to sensitive data, privileged user behavior and segregation of duties.

Uninterrupted Operations

Hedgehog’s patent-pending host-based technology is uniquely capable of monitoring privileged user access without impacting performance, without relying on native DBMS auditing or logs and with no need for DBMS downtime.

More details

• License/subscription and pricing
• Product comparison
• System requirements

CALL FOR PRICING!!!

Hedgehog IDentifier

End-User Accountability in Databases Sentrigo’s Hedgehog IDentifier is a unique solution to application end-user identification in pooled-connection environments that obscure individual user accountability. Hedgehog IDentifier ties database actions with the end-users who initiate them, enabling the enforcement of security policy on individuals and satisfying regulatory compliance requirements.

Product highlights

• Accurate identification of individual end-user activity in the database
• Satisfies regulatory compliance requirements for individual accountability (including Sarbanes-Oxley, PCI DSS and HIPAA)
• Real-time alerting and prevention capabilities based on individual user actions
• No change required to applications or DBMS

Application End-User Identification

Auditors want to know "who did what" on the database, while corporate security policy often requires limiting access to data based on user identity. More often than not, however, users connect to the database via applications that use pooled connections, making it impossible to figure out which user performed which action on the database, let alone enforce security policy based on user identity.

The Solution: Hedgehog IDentifier

Hedgehog IDentifier passes the application user ID along to the database and associates every action with the application end-user who performed it. Unlike other methods that use correlation and are not 100% reliable, Hedgehog IDentifier is a software component installed on the application server, which extracts the actual user ID information and passes it through the connection to the database.

Hedgehog IDentifier allows users to identify application user IDs, user IP address and URL, and by using the Hedgehog Enterprise rules engine, it can issue alerts and limit access to database objects based on those parameters.

When deploying Hedgehog IDentifier, no changes to either the applications themselves or to the DBMSs are required.

Sentrigo customers use Hedgehog IDentifier to:

• Monitor, track and audit “who is doing what” in the database
• Comply with regulations that mandate controlling individual access to sensitive data
• Enforce security policy on end-users rather than on applications and maintain accountability

Hedgehog IDentifier is an add-on to Hedgehog Enterprise. It supports JavaEE application servers such as IBM WebSphere, BEA WebLogic, JBoss and Apache Tomcat, as well as .NET application servers.

Hedgehog IDentifier is available for download when you download Hedgehog Enterprise

CALL FOR PRICING!!!

1 Year Renewal

1 Month Renewal

Hedgehog vPatch

Imagine patching the database with no downtime, no backups.
 

To date, there are hundreds of known vulnerabilities in DBMSs across different vendors and versions.

Databases are complex applications. This complexity makes them particularly susceptible to many security vulnerabilities that provide an entry point for intruders and unauthorized users.

Exploits published on the Web enable even rookie hackers to get into the database and own it by using privilege escalation, and attack vectors such as SQL injection and buffer overflow.
Severe vulnerabilities even allow remote access by unauthenticated users, for example, those who are on remote IP addresses and have no database login credentials at all.

With so many known risks for DBMSs across so many vendors and versions, it seems unthinkable that databases would be left unpatched. Critical databases are left unpatched for months or even years, vulnerable to attacks that result in data theft, breaches of privacy and non-compliance with regulatory requirements.

Why aren't vendor-issued security patches being deployed?

While Sentrigo recommends timely, regular deployment of vendor-issued security patches as the best way to protect corporate databases, due to the following reasons, many organizations do not patch their databases in a timely manner: 

• Patching is an update to the DBMS kernel and requires database downtime. This is often not an option in 24x7 environments, or is extremely difficult to coordinate.
• Patching requires regression testing of all applications running on top of the database.
• Many application vendors only certify their applications to run on top of specific releases of DBMSs - updates not included.
• Older, yet still used database versions are not supported by new security patches.

 

What Is Virtual Patching?

Virtual patching is a way to protect the database against exploits without actually patching the DBMS kernel. This creates a security layer around the database that, unlike vendor patching, does not require downtime or application testing.

Hedgehog vPatch protects databases in real-time against known vulnerabilities using unique virtual patching capabilities

 

By monitoring all actions in the database and matching them against rules that detect known exploits and vulnerabilities, virtual patching detects attempted exploits. When a match occurs, an alert is issued and the suspicious session can be terminated and the originating user quarantined for specified period, until the nature of the suspected attack is investigated.

Downloadable, Easy to Deploy Across Multiple Databases

Hedgehog vPatch is a subscription-based offering that includes two components:

• Host-based software that uses sensors to protect the DBMS with a set of protections (virtual patches) to detect and prevent attempted exploits of DBMS vulnerabilities.
• Ongoing updates for newly discovered and existing vulnerabilities, courtesy of Sentrigo's "Red Team" — a team of security researchers who are constantly finding DBMS vulnerabilities and exploits, and devising ways of stopping them.

 

Hedgehog vPatch is non-intrusive, does not use native DBMS auditing or API functions and is not part of the DBMS - it directly monitors the database memory cache and has full visibility into all database activity.

Hedgehog vPatch™ Advantages

• No database downtime is required both during the initial installation as well as during the ongoing deployment of security updates.
• No impact on the application layer
• Support for older DBMS versions (e.g., Oracle 8i, 9i)

 

More details

• License/subscription and pricing
• Product comparison
• System requirements

1 Year Renewal