Using Oracle Database Firewall

We’re all familiar with network firewalls, which prevent unauthorized access to your network from external sources. However, network firewalls don’t protect your databases from malicious attacks, which sometimes come disguised as privileged internal users. Web applications are a major source of data attacks, through stratagems such as SQL Injection.

Oracle’s Database Firewall (a product Oracle gained through its acquisition of Secerno, a British firm, in 2010) offers a solid defensive perimeter that monitors what applications send to the database and enforces accepted behavior on their part. Web applications are notoriously hard to sanitize and harden against data attacks. The database firewall, on the other hand, can easily help protect you against SQL Injection, a common web-application-based data attack that’s experienced by over 45% of companies that let users access their web applications on the internet.

Oracle Database Firewall is software that monitors SQL statements headed towards the database and applies security policies to those statements. These security policies can be based on white lists, black lists or exception lists. A white list specifies approved SQL statements, a black list contains all unapproved SQL statements, and an exception list contains exceptions that override a white list or a black list policy. Using advanced “SQL grammar analysis”, the firewall scans every incoming SQL statement against these policies, which can take into account SQL type, time of day, user, IP address and other variables, and allows only safe code to run in the database.
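
To make the precedence of the three list types concrete, here is an added Python example (not Oracle's implementation and not code from the original article) in which exceptions are checked first, then the black list, then the white list. The regex-based `fingerprint` is a simplified stand-in for the product's SQL grammar analysis; blocking unseen statements by default, the `ExceptionRule` fields, and every user, address and statement shown are assumptions constructed for illustration.

```python
import re
from dataclasses import dataclass
from typing import Optional

def fingerprint(sql: str) -> str:
    """Reduce a statement to its structure: literals become '?', case and spacing folded."""
    s = re.sub(r"'(?:[^']|'')*'", "?", sql)       # string literals
    s = re.sub(r"\b\d+(?:\.\d+)?\b", "?", s)      # numeric literals
    return re.sub(r"\s+", " ", s).strip().rstrip(";").strip().lower()

@dataclass
class ExceptionRule:
    action: str                      # "allow" or "block"
    user: Optional[str] = None       # None matches any value
    ip: Optional[str] = None
    hours: Optional[range] = None    # hour-of-day window, e.g. range(1, 4)

    def matches(self, user: str, ip: str, hour: int) -> bool:
        return ((self.user is None or self.user == user)
                and (self.ip is None or self.ip == ip)
                and (self.hours is None or hour in self.hours))

# Constructed sample policy (all names, addresses and statements are made up).
WHITE_LIST = {fingerprint("SELECT name FROM customers WHERE id = 42")}
BLACK_LIST = {fingerprint("DROP TABLE customers")}
EXCEPTIONS = [
    # Maintenance account may run anything from one host between 01:00 and 03:59.
    ExceptionRule("allow", user="dba_batch", ip="10.0.0.5", hours=range(1, 4)),
    # A retired account is blocked even for white-listed statements.
    ExceptionRule("block", user="old_app"),
]

def decide(sql: str, user: str, ip: str, hour: int) -> str:
    # 1. Exceptions override both lists, so they are evaluated first.
    for rule in EXCEPTIONS:
        if rule.matches(user, ip, hour):
            return rule.action
    fp = fingerprint(sql)
    # 2. Explicitly unapproved statement shapes.
    if fp in BLACK_LIST:
        return "block"
    # 3. Approved shapes pass; anything unseen is blocked (assumed default).
    return "allow" if fp in WHITE_LIST else "block"

if __name__ == "__main__":
    print(decide("SELECT name FROM customers WHERE id = 7", "web_app", "10.0.0.9", 14))
    print(decide("SELECT name FROM customers WHERE id = 7 OR 1=1", "web_app", "10.0.0.9", 14))
```

The second call is blocked because the appended condition changes the statement's structure, so its fingerprint no longer matches the approved one even though the table and column are the same.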

Best of all, from the point of view of organizations dealing with mandates such as Sarbanes-Oxley, PCI-DSS and HIPAA, it is very easy to generate custom reports with the Database Firewall product to help in your compliance efforts. You can deploy multiple database firewalls for availability and use the Oracle Database Firewall Management Server to manage security policies, consolidate data and generate reports for the multiple firewalls you install. All in all, the Oracle Database Firewall is a very solid product that all security administrators, CISOs and CIOs must take a close look at if they are in the business of trying to provide foolproof data security. By the way, Oracle Database Firewall can protect data not just in an Oracle database, but in other databases such as DB2, SQL Server, etc.
