U.S. Government Publishes EDB Postgres Advanced Server Security Technical Implementation Guide
EDB Postgres Advanced Server STIG becomes first open source-based database STIG to be published by the Department of Defense; Government-validated security guide increases speed and security for U.S. agencies’ deployment of EDB Postgres
EnterpriseDB® (EDB™), the leading enterprise Postgres database company, today announced that the EDB Postgres™ Advanced Server STIG was published by the U.S. Department of Defense (DoD) – becoming the first open source-based database with a Security Technical Implementation Guide (STIG).
Working with EDB, DISA evaluated EDB Postgres against the DoD’s stringent security requirements and developed the guide to define how EDB Postgres can be deployed and configured to meet security requirements for government systems. DISA is charged with evaluating technologies on behalf of the DoD and setting standards for security and implementation. The publication of the implementation guide for EDB Postgres will help government data center professionals deploy EDB Postgres more quickly and cost effectively, while meeting the stringent DoD requirements for security and documentation of compliance. The extensive validation process underscores how EDB Postgres handles encryption, enables fine-grained auditing, and prevents attacks with such tools as EDB Postgres™ SQL/Protect, a SQL injection attack protection solution. There were over 100 security criteria rules in all. The STIG may be downloaded here.
“Government agencies see EDB Postgres as an opportunity to quickly reduce costs and shift away from expensive proprietary vendors, particularly as public policy initiatives around the world mandate adoption of more open source,” said Marc Linster, Ph.D., Senior Vice President, Products and Services at EnterpriseDB. “EDB continues its focus on security and dedication to a growing base of U.S. government customers. EDB collaborated with DISA to create and produce the first available Postgres STIG to assist government programs with the secure deployment of Postgres. With EDB Postgres, database administrators know they are getting open source plus the additional enhancements EDB has developed to provide much greater security. With the EDB Postgres Advanced Server STIG, they can move much faster into deployment in full compliance with Department of Defense policies and standards.”
The publication of this STIG will help EDB better support the DoD and other U.S. Government agencies, both future and existing, as they struggle to manage rising database costs. These agencies seek open source alternatives to traditional proprietary software and find significant value in EDB Postgres. EDB works with more than 150 Civilian and Defense customers, including branches of the U.S. military such as the Army, Navy, Marine Corps, and Air Force.
The DoD’s security guide also can provide a model for other governments worldwide as open source public policy initiatives give rise significantly to the adoption of EDB Postgres. Globally, EDB government business has shown a CAGR of 65% over the past three years.
STIGs and NSA Guides are the configuration standards for DoD Information Assurance (IA) and IA-enabled devices/systems. Since 1998, DISA has played a critical role enhancing the security posture of DoD's security systems by providing the STIGs. The STIGs contain technical guidance to "lock down" information systems/software that might otherwise be vulnerable to a malicious computer attack.
About the EDB Postgres Platform
The EDB Postgres platform includes all data management solution components, Postgres support, software upgrades, and access to much of EDB’s partner network. EDB Postgres software can be deployed on bare metal; virtual environments, including container environments; or in public, private and/or hybrid cloud environments. EDB Postgres is open source-based, standards-based, and runs on all major operating systems, including various distributions of Linux and Windows.
The EDB Postgres platform provides organizations flexibility in pricing and is available in three subscription models:
- EDB Postgres™ Enterprise – Advanced security, higher performance, database compatibility for Oracle® and EDB Postgres™ Tool Suites. The EDB Postgres Enterprise subscription includes the EDB Postgres Advanced Server database and database compatibility with Oracle.
- EDB Postgres™ Standard – Open source PostgreSQL for the enterprise—the world's most advanced open source DBMS—with the EDB Postgres Tool Suites; EDB Postgres Standard includes the PostgreSQL database.
- EDB Postgres™ Developer – Access to EDB Postgres DBMSs, EDB Postgres Tool Suites, and the benefits of working in a licensed, updated and supported environment; EDB Postgres Developer offers your choice of DBMS and targets developer use.
All three EDB Postgres subscriptions include comprehensive management, integration, migration tool suites, global support and upgrades, and are deployable across a wide range of on-premise and cloud configurations.
About EnterpriseDB (EDB) Corporation
EDB is the leading worldwide provider of PostgreSQL software and services that enable enterprises to reduce their reliance on costly traditional solutions and slash their database spend by up to 80% or more. With powerful performance and security enhancements for PostgreSQL, sophisticated management tools for global deployments and database compatibility with Oracle, EDB software supports mission-critical enterprise applications. More than 3,600 enterprises, governments and other organizations worldwide use EDB software, support, training and professional services to integrate PostgreSQL into their existing data infrastructures. EDB is based in Bedford, Massachusetts.
# # #
EnterpriseDB is a registered trademark of EnterpriseDB Corporation. EDB and EDB Postgres are trademarks of EnterpriseDB Corporation. All other names are trademarks of their respective owners.