Database Security: Oracle Database firewall technology

Oracle Database firewall technology is an advanced database in-depth defense system developed by Oracle. It provides a series of database security products that implement access control based on data encryption and shielding, and monitors activities in the entire data environment in real time to achieve Three-dimensional data protection.

The network-based security software monitoring information flow of Oracle Database firewall protects Oracle and non-Oracle databases from attacks. It establishes a perimeter protection circle around the database, monitors various application activities in real time, allows normal application activities, and helps prevent SQL injection attacks and unauthorized access to sensitive information.

Figure 1 What is a database firewall?

Oracle Database Firewall uses innovative SQL syntax analysis technology to check the SQL statements sent to the database, the pre-developed policies determine whether to allow an SQL statement to pass and whether to record, prohibit, or replace an SQL statement. This decision has a very high accuracy rate. Pre-developed policies include:

Whitelist policy: When an SQL statement recognized by the list is met, the firewall regards it as a normal statement to allow it to pass, and other statements are not allowed to pass;

Blacklist policy, specifically prohibiting unauthorized SQL statements from passing through the list;

The exception policy allows you to flexibly invalidate applicable database security policies to support software patching, customized batch operations, and/or broken glass management control;

Policies that use various attributes, such as the time, IP address, application, user, and SQL attributes of a day.

Figure 2 Why database firewall is required?

The Oracle Database firewall is simple and easy to deploy. It can be deployed online on the network without any adjustments to the existing applications, database infrastructure, or the current operating system of the target database, both the prohibited and monitoring modes can be adopted, or the only monitoring system external mode can be used.

Figure 3 quick and flexible deployment of Oracle Database Firewall

Oracle Database firewall can run on Intel processor-based hardware and can be easily expanded to support a large number of database servers. It is equipped with many preset And customizable reports to help enterprises meet various privacy and control laws and regulations requirements, such as the payment card industry (PCI) database security standard (DSS), USA Sarbanes-Oxley Act (SOX) and us HIPAA act.

Oracle Database firewall can be used with the following databases:

Oracle Database 11 GB and earlier versions;

IBM DB2 for Linux, UNIX, and Windows (9.x;

Microsoft SQL Server 2000, 2005, and 2008;

Sybase Adaptive Server Enterprise (ASE) (versions 12.5.4 to 15 );

Sybase SQL Anywhere V10.

Figure 4 rich report functions of Oracle Database Firewall

The description of the Oracle database firewall technology in database security is over. I hope the readers can understand it.