Who's Watching the Hen House?
Both classes of products will trigger alerts if, in the example of the telco customer cited above, there is a sudden spike in phone recharges from cards with a spe-cific sequence of numbers. That could indicate that a street vendor selling the cards had just been robbed, but just who gets the alert can be a sensitive sub-ject.
The appliance solutions, since they are network devices, naturally tend to alert network security folks, while the software-only solutions are more often under the jurisdiction of the DBA, who will likely get the alert. "It's the DBAs job to keep the database open and accessible," says Ben-Natan, "and this does not foster the right state of mind for security."
The appliance/nonappliance choice often involves a decision about role separa-tion. This may be fine, but it does get to a fundamental issue concerning data-base security. A good database is supposed to facilitate fast and easy accessibil-ity of massive volumes of data, and so there may be some natural contradictions built into a dual role of data security leader and DBA. (See related case study, " Nuclear Fuel Supplier Tightens Database Security.