Oracle has introduced new Database Firewall offering that prevents sophisticated internal and external attacks from reaching an enterprise database.
The new Database Firewall offering forms a defensive perimeter around databases, monitoring and enforcing normal application behavior in real-time, helping to prevent SQL injection attacks and unauthorised attempts to access sensitive information.
The offering uses SQL grammar analysis technology to examine SQL statements sent to the database and determines with accuracy whether to pass, log, alert, block or substitute SQL statements based on pre-defined policies.
The new offering’s pre-defined policies include white list policies that refer to the approved SQL statements the firewall will pass through as normal while the rest can be blocked; and black list policies refer to the list of unauthorised SQL statements that are blocked specifically.
In addition, exception policies offer the flexibility to override applicable security policies to support patching, custom batch jobs, and/or break-glass administrative controls; and policies utilising attributes such as time of day, IP address, application, user, and SQL category, said the company.
The new Database Firewall can be deployed in-line on the network for both blocking and monitoring or out-of-band for monitoring-only mode; and runs on Intel-based hardware, and can scale to support large numbers of database servers.
Oracle said that the new offering is available with its Database 11g and previous releases; DB2 for Linux, UNIX and Windows (versions 9.x); Microsoft SQL Server 2000, 2005 and 2008; Sybase Adaptive Server Enterprise (ASE) (versions 12.5.4 to 15); and Sybase SQL Anywhere V10.
Further, the Database Firewall complements the company’s Advanced Security, Audit Vault and Database Vault.
Oracle database security vice-president Vipin Samar said Database Firewall offers organisations a first line of defense that can stop internal and external attacks from reaching databases.
"Easy to deploy and manage, Oracle Database Firewall helps reduce the costs and complexity of securing data across the enterprise without requiring any changes to existing applications and databases," Samar said.
