Product Report: Oracle Database Firewall - 70339

Oracle Database Firewall is part of Oracle’s defense in depth approach to security, providing a first line of defense for databases by analyzing database traffic before it reaches the database. Oracle Database Firewall expands Oracle’s solutions for heterogeneous databases, supporting Oracle Database, SQL Server, IBM DB2 LUW, and Sybase ASE. MySQL support was introduced in the most recent release. Unlike most other products in that area, Oracle Database Firewall accurately analyzes database activity traffic over the network with very little latency and thus is able to intercept and prevent unauthorized database activities based on pre-defined policies. Oracle Database Firewall defends against SQL Injection attacks and is complementary to Oracle Database Vault and Oracle Audit Vault.

Oracle Database Firewall is a software appliance that includes a hardened version of Oracle Enterprise Linux. The product focuses on SQL traffic over the network and supports a wide variety of databases from different vendors such as Microsoft, IBM, and Sybase. The product supports inline monitoring where requests are filtered in real-time and out-of-band monitoring where intercepting SQL traffic is not feasible or required for the business. Monitored SQL statements can be logged, intercepted or substituted with “good” SQL statements according to defined policies.