Home » RDBMS Server » Security » Oracle® Database Firewall Now Available (First Line of Defense for Databases)
Oracle® Database Firewall Now Available [message #494447] Mon, 14 February 2011 12:35
Frank Naude
Messages: 4571
Registered: April 1998
Senior Member
Oracle today announced the availability of Oracle® Database Firewall to help organizations prevent sophisticated internal and external attacks from reaching their enterprise databases.

Oracle Database Firewall establishes a defensive perimeter around databases, monitoring and enforcing normal application behavior in real-time, helping to prevent SQL injection attacks and unauthorized attempts to access sensitive information.

Using innovative SQL grammar analysis technology, Oracle Database Firewall examines SQL statements sent to the database and determines with high accuracy whether to pass, log, alert, block or substitute SQL statements based on pre-defined policies including:

  • White list policies that refer to the approved SQL statements the firewall will pass through as normal while the rest can be blocked;
  • Black list policies refer to the list of unauthorized SQL statements that are blocked specifically;
  • Exception policies offer the flexibility to override applicable security policies to support patching, custom batch jobs, and/or break-glass administrative controls; and,
  • Policies utilizing attributes such as time of day, IP address, application, user, and SQL category.

Oracle Database Firewall is available for use with:

  • Oracle Database 11g and previous releases;
  • IBM DB2 for Linux, UNIX and Windows (versions 9.x);
  • Microsoft SQL Server 2000, 2005 and 2008;
  • Sybase Adaptive Server Enterprise (ASE) (versions 12.5.4 to 15); and,
  • Sybase SQL Anywhere V10.

For details, see http://www.oracle.com/us/corporate/press/313230
Previous Topic: Audit vault vs Database Vault
Next Topic: To Find All The 'Failed Log Ins' Through Audit Report
Goto Forum:

Current Time: Thu Aug 18 00:28:15 CDT 2022