Click here to monitor SSC
SQLServerCentral is supported by Red Gate Software Ltd.
 
Log in  ::  Register  ::  Not logged in
 
 
 

Review: AppDetective Helps You Be a Nosy DBA

By Brian Knight,

I recently had the opportunity to look at the Application Security Inc. core product called AppDetective 3.1. Since I’ve evaluated it a month ago, it’s become a vital part of my day to day security auditing and I’m not really sure how I survived without it now. This review will focus mostly on how the application works with SQL Server but it also can handle other data sources and applications like IIS.

The Problem

If you’re a DBA, you may remember the calls you received when the SQL Slammer virus first came out. I received a page at 7:30AM that Saturday morning from a corporate security employee asking me if I had deployed service pack 2 for SQL Server in our environment. We had just deployed it 3 weeks prior but there how could we be sure we caught all the servers? Luckily, we didn’t get harmed by the virus because of strong firewall rules and patch deploy. How could we be sure we got all the servers though? We first downloaded AppDetective then to make sure we patched all the servers. We had though we had 75 or so servers in our environment and what we found was terrifying.

How AppDetective Solved It

As you know, the problem and advantage with SQL Server is that it’s so easy to install. It asks you a few simple questions and whalla, you’ve got an unpatched copy of SQL Server installed that’s vulnerable to all sorts of viruses. Rarely do people remember to install the latest service pack. As AppDetective scanned our network, it found an additional 200 SQL Servers or MSDE instances that we didn’t know about and where developers had installed their MSDN copy of SQL Server or were using MSDE to develop against. We scurried to finish the patch work, as most of them didn’t have the proper service pack installed on them yet.

The nice thing we found about AppDetective was that it outputted all the instances it found to an Access or SQL Server table for easy trend analysis. We imported their host table into an Excel spreadsheet to monitor our server list as we kicked of a server consolidation project. You can also schedule these types of network scans on a periodic basis so if a developer stands up a SQL Server in our environment, they receive a call shortly thereafter.

The true power in the application is the ability to audit an individual server’s security policies. We pointed AppDetective at our development server and it found lots of vulnerabilities that I wasn’t aware of. It also shows you how to fix the problem with easy to read instructions. As you can imagine, the type of vulnerabilities out there are constantly changing and you can update your security profile with ASAP Update, which downloads the latest vulnerability lists from the Application Security’s website. I’ve been doing this once every few weeks since I installed the program.

The product can also perform brute force attacks or denial of service (DoS) attacks on your server to test your security measures. It will try to crack your passwords that are installed and will find easy to guess passwords. It then creates an easy to read report that even a manager can read. Each scan is kept historically so you can see if things are improving or getting worse.

Overall, the program was very simple to install, configure and use. There is only a client to install on your workstation and no component on the servers to install. There was no learning curve at all and I was using the program in a panic within minutes. I can’t recommend AppDetective enough as an enterprise tool to scan your network for SQL Server and then find vulnerabilities. It can be costly to deploy AppDetective to too many servers in an enterprise environment however. You need one license to scan the network and then one per server to scan for vulnerabilities or security policies. So if you wanted to scan 2 servers in your environment but only wanted to test your policies against one, you would only need one license. As with most vendors, enterprise licensing is available.

The Big Picture

AppDetective helped us in a struggle to find newly installed SQL Servers and helped us be a nosy DBA. Users can no longer install SQL Server on their computers without getting a call from us shortly thereafter. AppDetective has saved us countless days of work in locating the servers and then really tests our security policies before their tested in the real world.

Rating

Return on Investment

 

 

 

 

 

 

 

 

 

 

 

 

4.0 - Expensive product at $1295 an instance but well worth it.

Ease-of-Use

 

 

 

 

 

 

 

 

 

 

 

 

5.0 – All the features were very easy to use.

Features

 

 

 

 

 

 

 

 

 

 

 

 

5.0 - Everything you need to secure your SQL Server in a nice package.

Learning Curve

 

 

 

 

 

 

 

 

 

 

 

 

5.0 – Wizards made it easy to configure your environment in 5 minutes.

Time savings

 

 

 

 

 

 

 

 

 

 

 

 

5.0 - Saves tons of time in auditing your system and finding SQL Servers you didn't know existed.

Lack of Bugs

 

 

 

 

 

 

 

 

 

 

 

 

5.0 - None found during this review.

Support

 

 

 

 

 

 

 

 

 

 

 

 

5.0 - Support provided phone number to call back in less than 10 mins when anonymously e-mailed

Overall

 

 

 

 

 

 

 

 

 

 

 

 

5.0 – Easy product to use and find SQL Servers that you didn't know existed. Auditing a snap.

Specifics

Vendor Information

Application Security, Inc.
117 East 24th Street
Suite 2A
New York, NY 10010
USA

Tel: +1 212-420-9270
Fax: +1 212-420-9680

http://www.appsecinc.com
info@appsecinc.com

Pricing

Price : Lists at $1,295 per instance but enterprise-wide pricing to cover an entire organization available

30 day full demos are available of all ASI products

Total article views: 4652 | Views in the last 30 days: 1
 
Related Articles
FORUM

Sql server 2005 Security (Installation)

Sql server 2005 Security (Installation)

FORUM

HELP URgENT: Can you install sql on application server

Can you install sql on application server

FORUM

Sql instance installation on Application Server

HELP=Sql instance installation on Application Server

FORUM

Database Security with Distribuatable Application

How can we secure a Database which is distributed with an Application - (using MS Sql Server 2005 / ...

FORUM

Create security for an application.

How create security for an application ?

Tags
product reviews    
reviews    
security    
sql server 7    
 
Contribute

Join the most active online SQL Server Community

SQL knowledge, delivered daily, free:

Email address:  

You make SSC a better place

As a member of SQLServerCentral, you get free access to loads of fresh content: thousands of articles and SQL scripts, a library of free eBooks, a weekly database news roundup, a great Q & A platform… And it’s our huge, buzzing community of SQL Server Professionals that makes it such a success.

Join us!

Steve Jones
Editor, SQLServerCentral.com

Already a member? Jump in:

Email address:   Password:   Remember me: Forgotten your password?
Steve Jones