Oracle® Database Firewall Now Available
February 2011 by Emmanuelle Lamandé
To help organizations prevent sophisticated internal and external attacks from reaching their enterprise databases, Oracle announced the availability of Oracle® Database Firewall.
Oracle Database Firewall establishes a defensive perimeter around databases, monitoring and enforcing normal application behavior in real-time, helping to prevent SQL injection attacks and unauthorized attempts to access sensitive information.
Using innovative SQL grammar analysis technology, Oracle Database Firewall examines SQL statements sent to the database and determines with high accuracy whether to pass, log, alert, block or substitute SQL statements based on pre-defined policies including:
White list policies that refer to the approved SQL statements the firewall will pass through as normal while the rest can be blocked;
Black list policies refer to the list of unauthorized SQL statements that are blocked specifically;
Exception policies offer the flexibility to override applicable security policies to support patching, custom batch jobs, and/or break-glass administrative controls; and,
Policies utilizing attributes such as time of day, IP address, application, user, and SQL category.
Oracle Database Firewall does not require any changes to existing applications, the database infrastructure or the existing operating system of the target database. Oracle Database Firewall can be deployed in-line on the network for both blocking and monitoring or out-of-band for monitoring-only mode. The Oracle Database Firewall is a complete software solution that runs on Intel-based hardware, and can easily scale to support large numbers of database servers.
Oracle Database Firewall is available today for use with:
Oracle Database 11g and previous releases;
IBM DB2 for Linux, UNIX and Windows (versions 9.x);
Microsoft SQL Server 2000, 2005 and 2008;
Sybase Adaptive Server Enterprise (ASE) (versions 12.5.4 to 15); and,
Sybase SQL Anywhere V10.