Security appliance firm Fortinet is pushing into the database security market via the acquisition of technology from IPLocks. Fortinet has licensed IPLocks’ database monitoring and auditing tools as well as acquiring its vulnerability assessment tool, source code and related assets.

The deal was announced on Tuesday, but its terms were undisclosed. Fortinet is best known for its range of unified threat management appliances. These so-called God boxes include anti-virus, firewall and intrusion protection technology on one device. Such network security devices are marketed as easier to manage and cheaper than separate technologies, a line that's particularly appealing to small and medium-sized businesses.

Customers of privately-held IPLocks' technology include large banks, insurance firms and e-commerce outfits. Its technology guards against database attacks while helping to achieve compliance with regulations such as Payment Card Industry Data Security Standard (PCI DSS) and Sarbanes-Oxley (SOX). PCI DSS was developed by credit card firms as a type of security MOT for organisations that process card payments. A revision of the PCI DSS standard (version 1.1) covering web application security is due to kick in at the end of June.

IPLocks' kit also provides alerts on suspicious database events.

Fortinet said acquiring IPLocks' technology will allow it to offer tools that protect database applications alongside its core network security business.

"We believe the IPLocks acquisition will bring an even greater benefit to our customers by hardening the protection of their databases for a security approach that penetrates more deeply into the network – to the application level," said Ken Xie, founder, president and chief exec of Fortinet. ®