In the traditional IT architecture, as well as the private cloud architecture, customers can choose their own database auditing products to protect the database security.

However, under the public cloud architecture, users lose their autonomy, and only when the cloud service provider offers this service, customers can choose it.

Due to the special requirements for database auditing technology under public cloud architecture and the need for operational level, although there are many cloud service providers in China, they are not yet capable of providing this service.

Caché database is a product of Intersystems, a US company, and a leader in post-relational databases. Caché database is relatively unfamiliar to most domestic IT personnel, but in foreign countries, especially in the medical field, such as in the HIS system (Health Care Information System) in the United States and Europe, Caché database accounts for the largest proportion and is recognized as the preferred database in the medical field.

1. Based on the database audit equipment hardware parameters and SQL statement processing capacity per second

2. The number of hardware interfaces of the required database audit product (related to database distribution)

1. When we talk about security prevention, there are several key concepts. Pre-event refers to prevention, in-event refers to the control during the process, and post-event refers to the tracing and evidence collection after the event;

2. Therefore, auditing is not just post-event, but a kind of monitoring during the event; people often have a misunderstanding that if it cannot be prevented, it is not in the event, let alone pre-event;

3. Database auditing can actually achieve the trinity of pre-event prevention, in-event monitoring, and post-event tracing. For example, by monitoring abnormal IP, process, and repeated logins to the system, we can help us prevent illegal access, brute force cracking and other problems; during the event, we monitor all kinds of access behaviors to the database, and through preset rules, we can intelligently and real-timely discover problems, and intervene in time through the alarm platform, SMS, email, etc. The control before and during the event is not blocked, just because it is not suitable to adopt this mode; after the event, we can analyze and locate the problem through the alarm slip, time platform, and log platform.

Built-in industry-specific rules: such as healthcare, finance, etc.;

Built-in grading standard rules;

Built-in classification rules for special industries: such as healthcare data classification: medical application data, medical payment data, personal attribute data, etc., and financial data classification: transactions, supervision, information disclosure, other data, etc.

Built-in sensitive type rules: such as ID card, email, IP address, name, support for customizing sensitive data types.

Ankki data anonymization equipment does not record user data. It uses non-persistent anonymization, and there is no data storage locally. The data read is temporarily stored in memory and is not written to the device's hard drive. The data in memory will be cleared afterward.