3 Replies Latest reply on Jun 11, 2014 4:42 PM by neelima

    Customer wants to control changes to just a SQL DB... is McAfee Application Control the right product?


      I administrate a number of accounts with ePO environments. One has approached me who already has MAC in part of their environment and is asking if they can use it to control modifications to a SQL DB on a Production Server. Ultimately they only want a few individuals/services to make changes to this DB and they want to track/log any attempts to do so. I am thinking MAC is overkill in that I would be solidifying the whole system just to track/control changes on one dir and/or file. I would imagine I would then create Updaters for SQL, then collect the logs "File Modified" for just this DB. To do this I believe I would have to export all the "File Modified" events from ePO or local system and filter them down to those that apply to just this file/dir. Sounds administratively heavy to me... Am I right in thinking they need to look at TripWire or some other 3rd party product if all they want is to control this specific area?


      Server: Win 2008

      MAC 6.x

      ePO 4.6 (upgrading to 5 in a few weeks)