Database Firewall – First Line of Defense for Databases – Now AvailablePosted: 17/09/2011
Network-Based Security Software Monitors Traffic and Helps Prevent Attacks from Reaching Oracle and Non-Oracle Databases
Oracle Database Firewall is available today for use with:
- Oracle Database 11g and previous releases;
- IBM DB2 for Linux, UNIX and Windows (versions 9.x);
- Microsoft SQL Server 2000, 2005 and 2008;
- Sybase Adaptive Server Enterprise (ASE) (versions 12.5.4 to 15); and,
- Sybase SQL Anywhere V10.
Oracle Database Firewall Downloads
Database Firewall for Security and Compliance
Traditional network firewalls are an established technology and play an important role in protecting data centers from unauthorized access from the outside. Data center attacks, however, have grown increasingly sophisticated, leveraging porous perimeters on the inside to launch attacks on the database itself.
Examining SQL traffic and enforcing security policies on the network has emerged as an important addition to the defense-in-depth security architecture. This is specially true in heterogeneous database environments where security controls can not be enforced in the database itself. Oracle Database Firewall creates a defensive perimeter around databases, monitoring and enforcing normal application behavior, helping to prevent SQL injection attacks and attempts to access sensitive application data using unauthorized SQL commands. Oracle Database Firewall:
- Monitors and blocks SQL traffic on the network with white list, black list and exception list policies
- Protects against application bypass, SQL injection and similar threats
- Reports on database activity for SOX, PCI and other regulations, choosing from dozens of out-of-the-box reports
- Protects Oracle, Microsoft SQL Server, IBM DB2 for Linux, Unix, and Windows, and Sybase databases
To help organizations prevent sophisticated internal and external attacks from reaching their enterprise databases, Oracle today announced the availability of Oracle® Database Firewall.
Oracle Database Firewall establishes a defensive perimeter around databases, monitoring and enforcing normal application behavior in real-time, helping to prevent SQL injection attacks and unauthorized attempts to access sensitive information.
Using innovative SQL grammar analysis technology, Oracle Database Firewall examines SQL statements sent to the database and determines with high accuracy whether to pass, log, alert, block or substitute SQL statements based on pre-defined policies including:
White list policies that refer to the approved SQL statements the firewall will pass through as normal while the rest can be blocked;
Black list policies refer to the list of unauthorized SQL statements that are blocked specifically;
Exception policies offer the flexibility to override applicable security policies to support patching, custom batch jobs, and/or break-glass administrative controls; and,
Policies utilizing attributes such as time of day, IP address, application, user, and SQL category.
Simple to deploy, Oracle Database Firewall does not require any changes to existing applications, the database infrastructure or the existing operating system of the target database.
Oracle Database Firewall can be deployed in-line on the network for both blocking and monitoring or out-of-band for monitoring-only mode.
The Oracle Database Firewall is a complete software solution that runs on Intel-based hardware, and can easily scale to support large numbers of database servers.
With dozens of prebuilt and customizable reports, the Oracle Database Firewall helps organizations comply with privacy and regulatory mandates such as Payment Card Industry (PCI) Data Security Standard (DSS), Sarbanes-Oxley (SOX), and Health Insurance Portability and Accountability Act (HIPAA).
As part of Oracle’s comprehensive portfolio of database security solutions, Oracle Database Firewall complements Oracle Advanced Security, Oracle Audit Vault and Oracle Database Vault. Together, the products support Oracle’s commitment to provide customers with the most comprehensive and advanced security offerings that help reduce the costs and complexity of securing their business information across the enterprise.
“Evolving threats to databases require enterprises to look at new security solutions,” said Vipin Samar, vice president of Database Security, Oracle. “Oracle Database Firewall offers organizations a first line of defense that can stop internal and external attacks from reaching databases. Easy to deploy and manage, Oracle Database Firewall helps reduce the costs and complexity of securing data across the enterprise without requiring any changes to existing applications and databases.”
Database Firewall Documentation Release 5.0
Price – 17/09/2011
Database Firewall :
Processor License = $5,000.00
Software Update License & Support = $1,100.00