The Oracle Database Firewall enables organizations to protect their databases from internal and external attacks. Oracle Database Firewall allows unauthorised SQL traffic on the network to be monitored and blocked before reaching the database.
Database Firewall for Security and Compliance
Oracle Database Firewall monitors and enforces normal application behavior in order to avoid the increasingly sophisticated Data Centre attacks that can lead to unauthorised external access. The security control of Oracle Database Firewall helps to prevent malicious activity such as SQL injection and application bypass from reaching the database.
Next-Generation Network-based Database Security
The grammar of the SQL statements being sent to the database is analyzed by the Oracle Database Firewall which is able to determine the appropriate security policy to apply. The Oracle Database Firewall is able to identify changes in normal behavior, and block it before the attacks reach the database. This approach is highly accurate, and provides a significant degree of protection.
Flexible Security Policies
The flexible security policies of the Oracle Database Firewall include a white list, a black list, and an exception list:
• The white list includes a set of approved SQL statements which can be learned through a test environment, or over time.
• A black list includes schemas, users, tables and SQL statements which have not been approved to be sent to the database.
• The exception list gives further flexibility by allowing the organization utilizing the Oracle Database Firewall to override the white list and black list policies.
Customisable Reporting and Alerting
Oracle Database Firewall enables customization of many out of the box reports, such as the Sarbanes-Oxley (SOX) Act, Payment Card Industry Data Security Standard (PCI DSS), and Health Insurance Portability and Accountability Act (HIPAA).
Oracle Database Firewall enables real-time alerts to be set up, giving a fast response to policy exceptions.
Multiple Deployment Models
Residing on the network, Oracle Database Firewall is transparent to database servers and applications. There are several deployment models organizations can choose from in order to meet their business requirements:
• In-line blocking and monitoring mode
• In-line monitoring only mode
• Proxy blocking and monitoring mode
• Out-of-band monitoring only mode
Multiple database firewalls can be managed by the Oracle Database Firewall Management Server which also consolidates data and generates reports.