U.S. Government Publishes EDB Postgres Advanced Server Security Technical Implementation Guide

EDB Postgres Advanced Server STIG becomes first open source-based database STIG to be published by the Department of Defense; Government-validated security guide increases speed and security for U.S. agencies’ deployment of EDB Postgres

Date -2016-07-14 Location - BEDFORD, Mass. Working with EDB, DISA evaluated EDB Postgres against the DoD’s stringent security requirements and developed the guide to define how EDB Postgres can be deployed and configured to meet security requirements for government systems. DISA is charged with evaluating technologies on behalf of the DoD and setting standards for security and implementation. The publication of the implementation guide for EDB Postgres will help government data center professionals deploy EDB Postgres more quickly and cost effectively, while meeting the stringent DoD requirements for security and documentation of compliance. The extensive validation process underscores how EDB Postgres handles encryption, enables fine-grained auditing, and prevents attacks with such tools as EDB Postgres™ SQL/Protect, a SQL injection attack protection solution. There were over 100 security criteria rules in all. The STIG may be downloaded here.

“Government agencies see EDB Postgres as an opportunity to quickly reduce costs and shift away from expensive proprietary vendors, particularly as public policy initiatives around the world mandate adoption of more open source,” said Marc Linster, Ph.D., Senior Vice President, Products and Services at EnterpriseDB. “EDB continues its focus on security and dedication to a growing base of U.S. government customers. EDB collaborated with DISA to create and produce the first available Postgres STIG to assist government programs with the secure deployment of Postgres. With EDB Postgres, database administrators know they are getting open source plus the additional enhancements EDB has developed to provide much greater security. With the EDB Postgres Advanced Server STIG, they can move much faster into deployment in full compliance with Department of Defense policies and standards.”

The publication of this STIG will help EDB better support the DoD and other U.S. Government agencies, both future and existing, as they struggle to manage rising database costs. These agencies seek open source alternatives to traditional proprietary software and find significant value in EDB Postgres. EDB works with more than 150 Civilian and Defense customers, including branches of the U.S. military such as the Army, Navy, Marine Corps, and Air Force.

The DoD’s security guide also can provide a model for other governments worldwide as open source public policy initiatives give rise significantly to the adoption of EDB Postgres. Globally, EDB government business has shown a CAGR of 65% over the past three years.

STIGs and NSA Guides are the configuration standards for DoD Information Assurance (IA) and IA-enabled devices/systems. Since 1998, DISA has played a critical role enhancing the security posture of DoD's security systems by providing the STIGs. The STIGs contain technical guidance to "lock down" information systems/software that might otherwise be vulnerable to a malicious computer attack.

About the EDB Postgres Platform

The EDB Postgres platform includes all data management solution components, Postgres support, software upgrades, and access to much of EDB’s partner network. EDB Postgres software can be deployed on bare metal; virtual environments, including container environments; or in public, private and/or hybrid cloud environments. EDB Postgres is open source-based, standards-based, and runs on all major operating systems, including various distributions of Linux and Windows.

The EDB Postgres platform provides organizations flexibility in pricing and is available in three subscription models:

  1. EDB Postgres Enterprise – Advanced security, higher performance, database compatibility for Oracle® and EDB Postgres™ Tool Suites. The EDB Postgres Enterprise subscription includes the EDB Postgres Advanced Server database and database compatibility with Oracle.
  2. EDB Postgres Standard – Open source PostgreSQL for the enterprise—the world's most advanced open source DBMS—with the EDB Postgres Tool Suites; EDB Postgres Standard includes the PostgreSQL database.
  3. EDB Postgres Developer – Access to EDB Postgres DBMSs, EDB Postgres Tool Suites, and the benefits of working in a licensed, updated and supported environment; EDB Postgres Developer offers your choice of DBMS and targets developer use.

All three EDB Postgres subscriptions include comprehensive management, integration, migration tool suites, global support and upgrades, and are deployable across a wide range of on-premise and cloud configurations.

To get started with the EDB Postgres platform, download EDB Postgres Advanced Server here. For more information, contact sales@enterprisedb.com.

# # #

EnterpriseDB is a registered trademark of EnterpriseDB Corporation. EDB and EDB Postgres are trademarks of EnterpriseDB Corporation.  All other names are trademarks of their respective owners.