A Firewall for your Database —First Line of Defense

Α Firewall specifically for your databases offers a New Line of Defense – Monitor Database Activity in Real-Time and Help Prevent Unauthorized External and Internal Attacks.
Now available, Oracle Database Firewall establishes a defensive perimeter around databases, monitoring and enforcing normal application behavior in real time, helping to prevent SQL injection attacks and unauthorized attempts to access sensitive information.

“Evolving threats to databases require enterprises to look at new security solutions,” says Vipin Samar, vice president of database security, Oracle. “Oracle Database Firewall offers organizations a first line of defense that can stop internal and external attacks from reaching databases. Easy to deploy and manage, Oracle Database Firewall helps reduce the costs and complexity of securing data across the enterprise without requiring any changes to existing applications and databases.”

Using innovative SQL grammar analysis technology, Oracle Database Firewall examines SQL statements sent to the database and determines with high accuracy whether to pass, log, alert, block, or substitute SQL statements based on predefined policies.

  • White list policies refer to the approved SQL statements the firewall will pass through as normal while the rest can be blocked.
  • Black list policies refer to the list of unauthorized SQL statements that are blocked specifically.
  • Exception policies offer the flexibility to override applicable security policies to support patching, custom batch jobs, and/or break-glass administrative controls.
  • Policies utilize attributes such as time of day, IP address, application, user, and SQL category.

Simple to deploy, Oracle Database Firewall does not require any changes to existing applications, the database infrastructure, or the existing operating system of the target database. Oracle Database Firewall can be deployed in-line on the network for both blocking and monitoring or out-of-band for monitoring-only mode.

The Oracle Database Firewall is a complete software solution that runs on Intel-based hardware and can easily scale to support large numbers of database servers. With dozens of prebuilt and customizable reports, the Oracle Database Firewall helps organizations comply with privacy and regulatory mandates such as Payment Card Industry (PCI) Data Security Standard (DSS), Sarbanes-Oxley (SOX), and Health Insurance Portability and Accountability Act (HIPAA).
Oracle Database Firewall is available today for use with Oracle Database 11g and previous releases, but also for use with

    IBM DB2 for Linux, UNIX and Windows (versions 9.x);
    Microsoft SQL Server 2000, 2005 and 2008;
    Sybase Adaptive Server Enterprise (ASE) (versions 12.5.4 to 15);
    and,Sybase SQL Anywhere V10.

As part of Oracle’s comprehensive portfolio of database security solutions, Oracle Database Firewall complements Oracle Advanced Security, Oracle Audit Vault and Oracle Database Vault.

Relevant Resources

About Oracle Database Firewall
Read the Oracle Database Firewall Data Sheet
Read the Oracle Database Firewall White Paper
Access the Oracle Database Firewall Resource Kit
About Oracle Database Security