Skip Links

Oracle Database Firewall defuses SQL injection attacks

RSA Conference news: Firewall management platform creates aggregate compliance reports

By , Network World
February 14, 2011 04:13 PM ET

Network World - Oracle is using the RSA Conference this week to launch a database firewall designed to block suspicious traffic.

Oracle Database Firewall understands SQL-statement formats, and can be configured to blacklist and whitelist traffic based on source.

PRODUCT ROUNDUP: Hot products from RSA 2011 

LEARN MORE: Amazon to offer Oracle's database in the cloud

When it detects suspicious statements within SQL traffic -- ones that might indicate SQL injection attacks, for example -- it can replace them with neutral statements that will keep the session running without allowing potentially harmful traffic through, the company says.

The platform can also create compliance and security reports in a common format for security auditors checking on database defenses.

Firewall policies can be set by a number of factors including time of day, IP address and user name.

Separately, Oracle sells a management server that reads all database firewall logs and can create aggregate reports.

Oracle Database Firewall costs $5,000 per processor of the target database servers it protects. The management server costs $57,500 per processor of the firewall servers it oversees.

Read more about security in Network World's Security section.

Our Commenting Policies
Latest News
rssRss Feed
View more Latest News