Imperva: Protecting the Data that Drives Business Login|Japanese
Imperva's Universal User Tracking (UUT)

Universal User Tracking

The Accountability Requirement for Database Auditing

One of the primary requirements of any application or database audit process is validating appropriate user accountability. Today’s complex multi-tiered environments have made it practically impossible to track user data interaction. SecureSphere's Universal User Tracking technology makes individual users accountable - even when they access data via commercial applications such as Oracle E-Business Suite, SAP, and PeopleSoft or custom Web applications.

Typical Data Audit Solutions Do Not Provide Full Accountability

Often, when users access databases via an application, connections are pooled by the application server into a single connection to the database. Typical database auditing systems do not consistently link database activity with specific users when connection pooling is in use because only the application's login name is recorded. SecureSphere tracks individual user connections, not just application logins, to provide full database audit accountability.

Universal User Tracking Records Actual User Names - Screenshot Click to enlarge

Typical audit appliances (and native database audit capabilities) record application names, not actual user names.

Universal User Tracking Meets the Requirement

Universal User Tracking incorporates multiple tracking mechanisms to identify the accountable end user for every database transaction, even when connection pooling is in place. Universal User Tracking methods include:

  • Web Application User Tracking
  • Web to Database User Tracking
  • SQL Connection User Tracking
  • Direct User Tracking

These four tracking methods enable SecureSphere to audit end users regardless of how they connect to the database, enabling complete accountability. By tracking end users, SecureSphere can display user IDs in database security alerts, audit logs, and reports. In addition, database security policies can be created to restrict access by user ID. Universal User Tracking provides greater visibility into database activity, more granular security controls, and adherence to today's stringent regulatory requirements.

More thorough database auditing enables organizations to achieve regulatory data compliance, such as Sarbanes Oxley and PCI, with greater ease.

Universal User Tracking Even with Pooled Database Transactions - Screenshot Click to enlarge

Web to Database User Tracking, a Universal User Tracking method, provides individual accountability even when an application server pools transactions into a single database connection.