Oracle has just announced a brand new database security product, named Oracle Database Firewall. Oracle Database Firewall is the name for the database activity monitoring capability previously offered by Secerno, the British firm, which was recently acquired by Oracle. Oracle seems to be on solid ground when it claims that the new product provides zero day protection from security threats, because the tool works in real time by working not within the database itself, but by monitoring database activity at the network level. With Secerno’s acquisition and the consequent unveiling of the Database Firewall product, Oracle has put itself on equal or even better footing with IBM, which gained significant database activity monitoring (DAM) capabilities from its acquisition of Guardium in 2009.
The announcement of the Oracle Database Firewall feature enhances Oracle’s already substantial investments in strengthening security through its Fusion Middleware (Identity and Access Management) products. An interesting point to note is that the Oracle Database Firewall isn’t limited to securing data in just Oracle databases – it offers heterogeneous database support. So, if you have critical data in a Microsoft SQL Server database, the data firewall protects that data as well, all without any changes to your database or application configuration.
Oracle Database Firewall is an exciting new addition to Oracle’s already formidable suite of security related products and is one more example of how you could enhance data security by adopting Oracle’s “defense in depth” strategy. In this case, the data firewall surrounds your databases with a protective parameter. Oracle Database Firewall works by using signatures or patterns in the hundreds of thousands of SQL statements that constantly traverse the network on their way to the database. It uses sets of both positive (acceptable) and negative (unacceptable) security models to identify suspicious looking SQL statements. The data firewall accurately detects anomalies and prevents the database from executing any unauthorized SQL statements. The feature promises to successfully deny well known database attack strategies such as SQL Injection and privilege escalation. You can sleep better at night, knowing that the bad guys are going to stopped before they can even get to the database!