For: Flexible configuration options, good integration with other DbProtect tools
Against: May preclude some customers with specific web application needs
Verdict: A top enterprise-class database security management solution, we rate DbProtect 2007 Recommended

We tested the database vulnerability scanner and central management console. The monitoring component of this product was not part of this group review.
Installation is fairly straightforward. The web-based management console installs on Windows server platforms 2000 and above, and requires MS SQL 2000 or 20005 as the backend. Vulnerability scanning engines can be installed on Windows 2000 Professional, XP or any Windows server platform 2000 or above. Overall, the interfaces are slick and easy to navigate.
This particular product does not target source code, application pages or web services, but is specifically aimed at database servers. It is compatible with all the popular databases that most organisations will use in production.
In our testing, the product performed flawless discovery and auditing of our databases. The list of vulnerabilities and possible configuration weaknesses found within the supported target databases is impressive.
The centralised management and role based access control over user privileges provides true enterprise-management capabilities. Reporting and compliance templates are top-quality, along with very flexible tuning and customisation. Non-intrusive penetration testing is a nice value-added feature.
Documentation is in PDF format and is useful, containing a good mix of text and screenshots. However, screenshots within the help files are often difficult to read and sometimes even illegible, which somewhat reduces their usefulness.
Pricing for DbProtect starts at US$3,000 for each database instance. The overall cost will be exponentially higher for larger environments that often contain numerous unique development, test and production database instances.
Pricing is on the high side because of the inclusion of database monitoring within DbProtect, which we did not test for this review.