Database Firewall – First Line of Defense for Databases – Now Available

Network-Based Security Software Monitors Traffic and Helps Prevent Attacks from Reaching Oracle and Non-Oracle Databases

Oracle Database Firewall is available today for use with:

  • Oracle Database 11g  and previous releases;
  • IBM DB2 for Linux, UNIX and Windows (versions 9.x);
  • Microsoft SQL Server 2000, 2005 and 2008;
  • Sybase Adaptive Server Enterprise (ASE) (versions 12.5.4 to 15); and,
  • Sybase SQL Anywhere V10.
Oracle Database Firewall Downloads

Download Link: http://www.oracle.com/technetwork/database/database-firewall/downloads/index.html

Database Firewall for Security and Compliance

Traditional network firewalls are an established technology and play an important role in protecting data centers from unauthorized access from the outside. Data center attacks, however, have grown increasingly sophisticated, leveraging porous perimeters on the inside to launch attacks on the database itself.

Examining SQL traffic and enforcing security policies on the network has emerged as an important addition to the defense-in-depth security architecture. This is specially true in heterogeneous database environments where security controls can not be enforced in the database itself. Oracle Database Firewall creates a defensive perimeter around databases, monitoring and enforcing normal application behavior, helping to prevent SQL injection attacks and attempts to access sensitive application data using unauthorized SQL commands. Oracle Database Firewall:

  • Monitors and blocks SQL traffic on the network with white list, black list and exception list policies
  • Protects against application bypass, SQL injection and similar threats
  • Reports on database activity for SOX, PCI and other regulations, choosing from dozens of out-of-the-box reports
  • Protects Oracle, Microsoft SQL Server, IBM DB2 for Linux, Unix, and Windows, and Sybase databases

News Facts

To help organizations prevent sophisticated internal and external attacks from reaching their enterprise databases, Oracle today announced the availability of Oracle® Database Firewall.

Oracle Database Firewall establishes a defensive perimeter around databases, monitoring and enforcing normal application behavior in real-time, helping to prevent SQL injection attacks and unauthorized attempts to access sensitive information.

Using innovative SQL grammar analysis technology, Oracle Database Firewall examines SQL statements sent to the database and determines with high accuracy whether to pass, log, alert, block or substitute SQL statements based on pre-defined policies including:

White list policies that refer to the approved SQL statements the firewall will pass through as normal while the rest can be blocked;

Black list policies refer to the list of unauthorized SQL statements that are blocked specifically;

Exception policies offer the flexibility to override applicable security policies to support patching, custom batch jobs, and/or break-glass administrative controls; and,

Policies utilizing attributes such as time of day, IP address, application, user, and SQL category.

Simple to deploy, Oracle Database Firewall does not require any changes to existing applications, the database infrastructure or the existing operating system of the target database.

Oracle Database Firewall can be deployed in-line on the network for both blocking and monitoring or out-of-band for monitoring-only mode.

The Oracle Database Firewall is a complete software solution that runs on Intel-based hardware, and can easily scale to support large numbers of database servers.

With dozens of prebuilt and customizable reports, the Oracle Database Firewall helps organizations comply with privacy and regulatory mandates such as Payment Card Industry (PCI) Data Security Standard (DSS), Sarbanes-Oxley (SOX), and Health Insurance Portability and Accountability Act (HIPAA).

As part of Oracle’s comprehensive portfolio of database security solutions, Oracle Database Firewall complements Oracle Advanced Security, Oracle Audit Vault and Oracle Database Vault. Together, the products support Oracle’s commitment to provide customers with the most comprehensive and advanced security offerings that help reduce the costs and complexity of securing their business information across the enterprise.

Supporting Quote

“Evolving threats to databases require enterprises to look at new security solutions,” said Vipin Samar, vice president of Database Security, Oracle. “Oracle Database Firewall offers organizations a first line of defense that can stop internal and external attacks from reaching databases. Easy to deploy and manage, Oracle Database Firewall helps reduce the costs and complexity of securing data across the enterprise without requiring any changes to existing applications and databases.”

Supporting Resources

About Oracle Database Firewall

Read the Oracle Database Firewall Data Sheet

Read the Oracle Database Firewall White Paper

Access the Oracle Database Firewall Resource Kit

About Oracle Database Security

About Oracle Database 11g

Database Firewall Documentation Release 5.0

http://download.oracle.com/docs/cd/E20465_01/welcome.html

Price – 17/09/2011

Database Firewall :

Processor License = $5,000.00

Software Update License & Support = $1,100.00

http://www.oracle.com/us/corporate/pricing/technology-price-list-070617.pdf

Enjoy

Advertisements


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s