Oracle Database Firewall defuses SQL injection attacks

Oracle is using the RSA Conference this week to launch a database firewall designed to block suspicious traffic.

Oracle Database Firewall understands SQL-statement formats, and can be configured to blacklist and whitelist traffic based on source.

PRODUCT ROUNDUP: Hot products from RSA 2011

LEARN MORE: Amazon to offer Oracle's database in the cloud

When it detects suspicious statements within SQL traffic -- ones that might indicate SQL injection attacks, for example -- it can replace them with neutral statements that will keep the session running without allowing potentially harmful traffic through, the company says.

The platform can also create compliance and security reports in a common format for security auditors checking on database defenses.

Firewall policies can be set by a number of factors including time of day, IP address and user name.

Separately, Oracle sells a management server that reads all database firewall logs and can create aggregate reports.

Oracle Database Firewall costs $5,000 per processor of the target database servers it protects. The management server costs $57,500 per processor of the firewall servers it oversees.

Read more about wide area network in Network World's Wide Area Network section.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags securityOracleRSA Conference

More about Amazon Web ServicesARNLANOracleRSA

Show Comments