If you have ever balked at the idea of installing database monitoring tools such as profilers or agents on your database server, then we need to talk. The ExtraHop platform provides transaction-level details by analyzing database communications on the wire—no agents and no overhead! Imagine viewing performance per method and table so that you know which indexes need fixing, or setting an alert when database responses exceed 10MB so you can stop a thief from making off with sensitive information. ExtraHop delivers this and much more, going far beyond the capabilities of traditional database monitoring tools.
A sample of the database visibility that you get with ExtraHop:
- Identify tables with missing indices
- Isolate repeated or poorly written queries
- Understand database access patterns
- See which users are accessing which tables
- Compare response times before and after a schema update
- Record IP address of suspicious queries
The ExtraHop platform offers protocol modules for IBM DB2, IBM Informix, Microsoft SQL Server, MongoDB, MySQL, Oracle, PostgreSQL, Sybase ASE, and Sybase IQ.
Using ExtraHop, the team quickly identified the compromised hosts, which data was exposed, and malicious servers involved. They discovered a compromised internal server being used to stage a brute force login attack on the database, and examined subsequent database queries to understand what the attackers were up to. Then they isolated how the breach occurred and strengthened their security accordingly.
Outages for an online retailer were costly and troubleshooting was slow. By using ExtraHop to map service-chain deliveries and monitor each user's transaction across all tiers, they prevented an estimated seven outages in the first six months of using the platform, protecting at least $525,000 in revenue and hundreds of personnel hours.
A company generating 10 terabytes of SQL queries each day had very little visibility into how the databases affected overall application performance. With ExtraHop, the DBAs were able to analyze performance across tiers, pinpoint the bottleneck, and monitor all tiers going forward to ensure they're meeting their SLAs.
A large government agency needed a way to identify the source of a data leak and detect any future data exfiltration. The security team used the ExtraHop platform to identify a specific machine with abnormal DNS activity as the source of the leak, and they now use ExtraHop as an integral part of their security monitoring and analytics.
An insurance company used ExtraHop to pinpoint a misplaced query method that was introducing latency. They gained total visibility across their pre-existing Microsoft SQL, Oracle, DB2 and Informix databases and are now saving a minimum of $350,000 per year in personnel time.