TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message to
[EMAIL PROTECTED] Contact [EMAIL PROTECTED] for help with any problems!
----------------------------------------------------------------------------
Greetings:
The Database Scanner development team is proud to announce the release of
Database Scanner 4.1. This latest version continues to reinforce Database
Scanner's status as the first and only database security solution of its
kind:
"A killer security-scanning application that is never-out-of date."
- Windows 2000, January 2001
(http://www.sqlmag.com/Articles/Index.cfm?ArticleID=16059&pg=1)
Database Scanner 4.1 delivers the following new features and enhancements:
- Enhanced X-Press Update Support. Increasing Database Scanner's ability to
be a more dynamic and up-to-date database security solution.
- Enhanced Integration with Internet Scanner. Database Scanner penetration
testing feature now supports dynamic ("on-the-fly") connections for any
database servers discovered by Internet scanner. This enhancement allows
users to automatically run a penetration test on any database server
detected by Internet Scanner.
- New Policy Levels. Database Scanner now includes a new set of pre-defined
security policy levels, ranked Level 2 through 7, as well as a default New
Security Policy that simplifies the creation of new policies.
- Expanded Database Version Support. Database Scanner 4.1 adds support for
the latest versions of each supported database platform:
- Microsoft SQL Server 2000 (SQL Server 8)
- Oracle 8.1.6 (Oracle 8i, Release 2)
- Sybase Adaptive Server 12
- New Vulnerability Checks. This release adds thirteen new checks (7 MS
SQL, 1 Oracle, 5 Sybase) to Database Scanner's check catalog. For more
details, see the "What's New" section located at the following:
http://www.iss.net/customer_care/whats_new/dbs_new.php. A complete listing
of Database Scanner checks can be found within the following location:
http://documents.iss.net/literature/DatabaseScanner/DBS41Checks.pdf.
- New Reports. Two new reports are included in Database Scanner 4.1. A
complete sample set of reports are available online within the following
location:
http://www.iss.net/customer_care/resource_center/product_lit/security_assess
ment/reports/
- Audit Configuration (MS SQL Server 2000): This report displays
information on configured traces and the events configured for each trace,
as implemented in Microsoft SQL Sever 2000.
- Roles / Users (Sybase Adaptive Server): The Roles/Users Report
lists information about system and user defined roles, and shows the users
that are members of each role.
The following are links to some recent positive reviews of previous versions
of Database Scanner:
Database Scanner 4.0.1 - Set and enforce security policies (Windows 2000
Magazine, January 2001)
- http://www.sqlmag.com/Articles/Index.cfm?ArticleID=16059&pg=1.
Database Security - Securing Oracle (Information Security Magazine,
September 2001)
- http://www.infosecuritymag.com/articles/september00/features1.shtml
In Conclusion:
Internet-enabled organizations need a database security solution that is
flexible, easy-to-use, and saves valuable resources. Database Scanner meets
this need, empowering organizations to protect their valuable data and the
continued operation of their critical systems.
For additional questions concerning Database Scanner version 4.1, please
feel free to contact the following anytime:
- Eric Gonzales, Product Manager ([EMAIL PROTECTED])
- Patrick Wheeler, Technical Product Manager ([EMAIL PROTECTED])
