Trustwave DbProtect Reviews

In my company, there is a need to protect some reports, especially some little reports about some test databases, which is why we use Trustwave DbProtect.

The most valuable feature of the solution is that you can have a good view which is provided with a proper division of all your databases, which you can see in Trustwave DbProtect. A division of the databases is very good since you can do audits in your databases while also carrying on with the continuous monitoring phase. It provides a view of all your databases, including the ones you have used before.

I have seen that the tool's installation phase has some problems regarding the versions, specifically the version of SQL. Trustwave DbProtect doesn't accept some versions of SQL. Some credentials when you are installing give some problems, but all of them did pass through the installation phase but gave a certain amount of hard work to be done during the installation phase. The aforementioned area needs to be considered for improvement.

The pain points with Trustwave DbProtect were about the installation and problems with the different versions not being accepted. A more compatible version of the product with other databases and operating systems should be possible.

I have been using Trustwave DbProtect for two months. I use Trustwave DbProtect 6.5. My company has a partnership with Trustwave.

It is a stable solution. The problems with the tool are related to its installation phase.

It is very scalable since it is an agentless solution. One just needs to have credentials to connect to the database and go on.

The solution's technical support is provided to us from Chicago by an analyst who also provides support to many in other regions and countries. We receive direct support, and not some email support, from the person from whom we purchased the tool. I rate the support a ten out of ten.

Positive

I rate the initial setup an eight on a scale of one to ten, where one is difficult and ten is easy.

The solution is deployed on a private cloud from Azure.

Along with the environment test, it took a week to deploy the product.

The deployment process was carried out by five people, including a DBA, a support analyst, and a network administrator.

Price-wise, Trustwave DbProtect falls in the mid-range category in Portugal. Many solutions similar to Trustwave DbProtect are expensive in the market.

I rate the pricing a five on a scale from one to ten, where one is the lowest and ten is the highest.

Though we haven't decided how many people are required for maintenance, probably two people would be required.

A suggestion to those planning to use the solution is that if you approach Trustwave DbProtect, then you can get much more time to install it. If you use AppDetectivePRO with Trustwave DbProtect, you can have much rich information about the problems that need to be corrected, so after you go to Trustwave DbProtect and opt for its continuous protection services. A new user should start with AppDetectivePRO.

Overall, I rate the solution a nine out of ten.

I use this solution with several models, including activity monitoring, looking at what communication is going to or from our database, vulnerability scanning when we scan for any vulnerabilities, missing patches, or any misconfiguration, and user video when we look at objects created in the database, in users' privileges.

I have found that transfer and vulnerability scanning are the most valuable features of this product.

As the product is quite old, it needs to be migrated to more up-to-date solutions. However, this tends to take a long time and it would be very convenient if it could be done more quickly. The other main disadvantage is that the product does not have encryption or data masking, unlike other companies' versions.

In the next release, I would like to see the return of support for target databases that the product has discontinued support for.

I have been using Trustwave DbProtect for approximately three years.

The stability of this solution is above average.

The product's scalability is above average.

My experience with customer support has been good, although sometimes the time difference with the support team makes it difficult to communicate.

The initial setup was quite simple.

Flexible licensing is available with several models to choose from. As the product is Windows-based, additional costs include a Windows server license and Microsoft SQL for the internal database.

The product requires at least one person for maintenance.

I would rate it an eight out of ten.

We are a reseller of this solution and provide it to our customers. Some of our customers are the banks.

This solution helps our clients to monitor their database use, and detect violations of the policy. There are three layers in the software and they are all useful. They are:

• Vulnerability management
• User management
• Privileged access management

There are many filters that you can put in place to avoid any data leakage or abuse of your database. All of the features in this solution are really good.

The competitive edge is that this is an agent-based solution. We usually provide network-level solutions, but if the server is misplaced or removed then the control is gone. Since this is installed on the server itself, it is safer to use and there is more control over the database.

I think that they can do a lot more in terms of being able to control, or enforce policy, on a database. Right now they are really amazing when it comes to monitoring, but for control it is limited. I can see exactly what is going on, but I can't take action. This is true for the competition, as well.

I would like to see more coordination for incident response. We have not been able to integrate this product with a lot of standard incident response solutions, so an open API would help in this regard. Today we have to be able to take action within seconds, and this has to be done through talking to other solutions.

I think that it would also be good if they had a network-based solution because what they have right now is an endpoint-based solution. Adding this would allow them to compete better.

The stability is good.

We have only worked on smaller projects, and we have never been asked to scale up.

This solution normally has three or four users. We typically give access to the information security department, and they manage it internally. They assign credentials to OPSEC or the application security team, themselves, so we do not deal with more than one department. The customers normally ask for three or four licenses.

We rarely have problems with this solution, but when we do then the technical support is great.

We have had only one customer that switched to this solution after using IBM Guardium. They made the change because of the complexity. I did not have direct experience with their environment, but the customer claimed that after purchase it took months just to complete the configuration. In the end, it was simply too complicated so they abandoned it.

My experience with IBM products is that they provide a lot of flexibility to the customer, which makes them more complex. This might be good for some people in very large organizations, but for smaller banks, they find that complexity unnecessary.

The initial setup for this solution is amazingly straightforward and simple.

We implement database protection as an isolated requirement for the customer, as opposed to providing it as part of a larger offering. In this context, the average implementation takes a week to two weeks. 

From our side, we only need one certified engineer to attend the site. This person takes cares of the whole project. On the customer's side, we usually need the cooperation of the database team, as well as the information security department. The security officer gives us the credentials required, and the database admin supports the project. Without the support of these roles, the project will fail.

We normally do the installation with the help of a distributor in Dubai. We coordinate with them whenever we need additional engineers. We do have certified people for the product, but just to be on the safe side, we engage the distributor as well as Trustwave. Trustwave has an office in Jordan, which is the closest one.

Generally, we handle the entire installation ourselves, but we do seek help if there are issues at any point. When we have requested help from the distributor or from Trustwave, we have been very happy with them. They are quite dedicated, and we are doing a good job together.

I have not discussed ROI with my customers, but they normally renew their licenses so it seems like they are happy with the pricing.

The licensing fees, including support, are approximately $5,000 USD per database, per year. Without support, the licensing fees are half of that, at $2,500 USD per year.

We evaluated IBM Guardium, and we chose this solution because it is agent-based, and you don't have to install it at the network level. You can just look at one machine, which provides for better control. Our customers have not been very responsive to it yet.

There are two or three competing products that are active in this region, and Fortinet FortiDB is another one of them that is doing quite well.

The market here is very limited for database protection. For the past five years, we have been pushing it as a "good to have" or "nice to have" solution. However, it is now becoming an essential requirement for protecting our customers' databases.

Our customers have identified the need for database protection, but in our part of the world, it is not yet getting the attention, or budgets, that it requires. In the middle of threats and attacks on the network, people rarely look at the backend solution. They do not see the database as a "threatened" component.

We are happy with the product overall, including its features and support. Unfortunately, our market here is not quite ready for it, but we are looking for it to pick up in the near future.

Trustwave is not as visible in this region as IBM or other competing products, which is one of the issues that we have in selling the solution. At the same time, it is a good product and it is still a market leader. Overall, we don't see many problems.

My advice for anybody interested in implementing this solution is to do a POC. It is easy and not risky. Since it is something that is installed on the database server itself, it may be necessary to use a test server. In our experience, however, it is generally safe and we haven't seen any issues with it.

Overall, I'm happy with the product but it is not yet perfect.

I would rate this solution an eight out of ten.

Database activity monitoring. The reason why this is valuable is because it helps monitor and identify any fraudulent or suspicious activities that are executed on the database.

With improved vulnerability analysis, critical assets are now patched in time.

Asset Management, Analytics, and Reporting. The reason why these need room for improvement is that some assets in the report sometimes report the wrong operating system names. Therefore, they give slightly inaccurate results.

We have been using the solution for three years.

We encountered issues with stability, especially during database upgrades and migration.

We didn't encounter any issues with scalability.

The technical support isn't entirely the best. I would give them a rating of 6/10.

We didn't use any previous solution.

The initial setup was straightforward.

For the level of product availability, it is rather costly.

We didn't evaluate any other products.

I would first advise them to perform a thorough evaluation before purchasing the product.

Its automation functionality and ease of use.

An everyday staff member in the IT unit can use this service without having to be an expert in DB management.

Its improvement levels are not technically related, but rather marketing related.

They need a better study of the needs of other markets with respect to DbProtect. They can't just hope that a DbProtect suite made for US markets will also fit into an African market. The market indices are not always the same.

I used it for two years, before termination of service with the same firm.

Regarding stability, I would give it a rating of 3.5/5.

We almost never had scalability issues.

I would give technical support a rating of 3/5.

We did not have a previous solution.

The setup was straightforward. In some stages, it was difficult to continue, but generally it was straightforward.

Our evaluation was based on the service attached to the package and customer reviews.

Make sure the service will meet your tailored needs and your organizational expectations.

Scanning for databases is the most valuable feature of this solution. This is because most of the security breaches that you hear about, require some sort of insecure database within the enterprise in order to enable the data to be sent somewhere else.

It provided us with better control over the small databases that might spring up and introduce security issues.

A better interface to understand what network is going to be scanned.

Also, when we had two instances where we thought that the scheduled scanning was turned off and it went active, causing some network issues.

I have used this solution for around two years.

The system that is running scans can become slow to respond. Thus, you should be able to say, don't consume more than a particular amount of resources when scanning.

The interface to manage multiple systems was okay but we did not have a chance to scale the system truly to the enterprise levels, i.e., not beyond instance numbers with value greater than 10.

We did not interact much with the technical support but they were helpful when needed.

We were not using any other solution.

The initial setup was straightforward.

Someone else did the bake-off; I handled the technical implementation part.

You should go for it. Knowing what is in your enterprise and its vulnerabilities can save you from being the next headline.