Oracle Database Firewall

Oracle Database Firewall - the specialized firewall, the first in the history of Oracle, for databases. The new technology helps to control traffic in a DB and prevents attacks on database servers of Oracle and other brands. It is remarkable that the new product of Oracle is development of the technologies purchased together with Secerno company in 2010.

The circle of problems of a packet of Oracle Database Firewall includes monitoring of invasions in real time, tracking of the SQL attacks and any attempts use of access rights to a DB not to destination. The packet of Oracle Database Firewall creates the first echelon of defense which will stop the internal and external attacks far from perimeter of databases for the organizations.

The Oracle company assures that the new firewall is convenient for databases in deployment and management. According to the producer, the new product helps to reduce the costs and difficulties connected with data protection on all enterprise in general without requiring any changes in existing applications and DB. A core of a packet of Oracle Database Firewall is the technology which in Oracle company is called the grammatical analysis of the SQL code – this technology reveals attacks on a DB by tracking and classification of millions of SQL expressions and also due to identification of aberrant behavior. Also the system of "black" and "white" lists is used to minimize threat.

Some experts note that the market of tools for protection of databases at the application layer is crowded, and the Oracle company has absolutely brief experience in this case. Besides, the usefulness of the solution Oracle Database Firewall in environments with a set of the DB different servers from different suppliers is not up to the end clear. When in network only Oracle DBMS are used, then the benefit of purchase of all solutions from one supplier is obvious. Anyway, the new product of Oracle supports work with Oracle Database 11g and older versions, with DBMS IBM DB2 for the Linux, Unix and Windows platforms and also with Microsoft SQL Server DBMS 2000, 2005 and 2008 and DBMS of production Sybase.

At the beginning of 2012 the Oracle corporation submitted the new version of a product for network security of Oracle Database Firewall designed to help the companies to prevent more effectively internal and external attacks on corporate databases. The new version includes support MySQL of the Enterprise Edition database in addition to Oracle Database 11g and the previous versions DBMS and also IBM DB2 Linux Unix Windows Microsoft SQL Server, Sybase Adaptive Server Enterprise (ASE) and Sybase SQL Anywhere. The new version of Oracle Database Firewall also offers the advanced means of report generation, including the new reports created for fulfillment of requirements of regulating authorities.

"With Oracle Database Firewall of the company will be able to strengthen protection of corporate databases even more — Vipin Samar, the vice president of Oracle for security technologies of databases noted. — Introduction of support of MySQL expands a range of corporate databases for which protection it is possible to use Oracle Database Firewall, and the improved means for work with reports automate labor-intensive processes of their creation according to normative to requirements".

To prevent the attacks like SQL injection (SQL injection) and attempts of unauthorized access to confidential information, Oracle Database Firewall creates protective perimeter around databases, performing monitoring of network traffic in real time and supporting normal functioning of applications. Thus, now Oracle Database Firewall also protects the MySQL databases from date leak and at the same time does not require entering of any changes into existing applications, infrastructure of the database or the used operating system of a destination database, emphasized in Oracle.

"Oracle Database Firewall creates special perimeter around the database for check of traffic of SQL — Martin Kuppinger, the founder and the top analyst of KuppingerCole company explained. — Thanks to the grammatical analysis and also carefully thought over and effectively managed approach with use the politician of the company can implement rather quickly Oracle Database Firewall and at the same time minimize risk of violation of operation of applications of databases".

At the same time, to expand possibilities of creation of reports, Oracle Database Firewall provides the new infrastructure intended for work with the available reports and their modification. Users of Oracle Business Intelligence Publisher will be able to implement all advantages of functions of creation, processing and sending documents now with strictly set format with which it is possible to work, using usual applications for the desktop systems, noted in Oracle.

The new version of Oracle Database Firewall contains tens of previously configured report templates. Besides, in it it is provided 10 new templates, ready to use, which will help the companies to provide observance of requirements of legal acts and other regulatory requirements for security and confidentiality of information (such as law "About a Peremeshchayemost and Accountability of Health Care Insurance" (HIPAA), information protection standard to the industries of payment cards (PCI DSS) or "Sarbanes-Oxley's act" (SOX)).

Besides, the updated Oracle Database Firewall offers the new mode of the proxy server which will provide to customers still big flexibility when using in network. Besides, the new management tools optimized for multicore systems give to administrators additional opportunities for detailed control over the resources selected for protection of specific databases that provides higher scalability claim in Oracle.

To guarantee to customers a possibility of implementation of strategy of echelon protection (defense-in-depth), Oracle Database Firewall is integrated also now with the solution Oracle Advanced Security (ASO) which allows to use protection of traffic for Oracle databases for the purpose of identification of potential threats.

"As most of customers is exposed to risk of the attacks like SQL injection, Oracle Database Firewall strengthens means of protecting — said Andy Flower, the president of the international user group of Oracle (IOUG). — Oracle Database Firewall is an example of an effective first defense line for customers from large and small business. The solution is capable to conduct monitoring of transactions with the database and to block threats still before they begin to influence it".

Let's note that Oracle Database Firewall is a part of a complex solution package of Oracle for security of databases and supplements Oracle Advanced Security, with Oracle Audit Vault and Oracle Database Vault.

The Oracle corporation announced in February, 2012 the new version of a product for ensuring network security of Oracle Database Firewall. It is reported that in addition to such DBMS as Oracle Database 11g (and other versions of this DBMS), IBM DB2 of Linux Unix Windows, Microsoft SQL Server, Sybase Adaptive Server Enterprise (ASE) and Sybase SQL Anywhere, the new version includes support of MySQL Enterprise Edition DBMS.

To expand possibilities of creation of reports, Oracle Database Firewall implements the new infrastructure intended for work with the available reports. Users of Oracle Business Intelligence Publisher will be able to implement advantages of functions of creation, processing and sending documents with the set format with which it is possible to work, using usual applications for the desktop systems.

The new version of Oracle Database Firewall contains tens of previously configured report templates. In it 10 new templates which will help to provide observance of requirements of legal acts and other regulatory requirements for security and confidentiality of information, such as HIPAA, PCI DSS and SOX are also provided.

The new version of Oracle Database Firewall implements more convenient mode of the proxy server. The new management tools optimized for multicore systems give to administrators additional opportunities for control of the resources selected for protection of specific databases.

To provide sales opportunity of strategy of echelon protection (defense-in-depth), Oracle Database Firewall is integrated now with the solution Oracle Advanced Security which allows to use protection of traffic for the purpose of identification of potential threats.