Data base Firewall

Home
Data base Firewall

April 18, 2021

Data base Firewall

OVERVIEW

Unrivaled Database Protection

You can’t keep your organization secure if you don’t have control over what’s happening in your database. SecureSphere Database Firewall keeps your organization out of the news with data center security that can see all traffic, reduce exposure of unpatched database servers, and stop advanced targeted attacks. Database Firewall helps you avoid expensive breaches by effectively protecting databases from attacks, data loss, and theft.

Database Firewall Specifications

SPECIFICATION	DESCRIPTION
Supported Database Platforms	Oracle Oracle Exadata Microsoft SQL Server IBM DB2 (on LUW, z/OS and DB2/400) IBM IMS on z/OS IBM Informix IBM Netezza SAP Sybase Teradata Oracle MySQL PostgreSQL Progress OpenEdge
Deployment Modes	Network: Non-inline sniffer, transparent bridge Host: Light-weight agents (local or global mode) Agentless collection of 3rd party database audit logs
Performance Overhead	Network monitoring – Zero impact on monitored servers Agent based monitoring – 1-3% CPU resources
Centralized Management	Web User Interface (HTTP/HTTPS) Command Line Interface (SSH/Console)
Centralized Administration	MX Server for centralized management Integrated management option Hierarchical management
Database Audit Details	SQL operation (raw or parsed) SQL response (raw or parsed) Database, Schema and Object User name Timestamp Source IP, OS, application Parameters used Stored Procedures
Privileged Activities	All privileged activity, DDL and DCL Schema Changes (CREATE, DROP, ALTER) Creation, modification of accounts, roles and privileges (GRANT, REVOKE)
Access to Sensitive Data	Successful and Failed SELECTs All data changes
Security Exceptions	Failed Logins, Connection Errors, SQL errors
Data Modification	INSERTs, UPDATEs, DELETEs (DML activity)
Stored Procedures	Creation, Modification, Execution
Triggers	Creation and Modification
Tamper-Proof Audit Trail	Audit trail stored in a tamper-proof repository Optional encryption or digitally signing of audit data Role based access controls to view audit data (read-only) Real-time visibility of audit data
Fraud Identification	Unauthorized activity on sensitive data Abnormal activity hours and source Unexpected user activity
Data Leak Identification	Requests for classified data Unauthorized/abnormal data extraction
Database Security	Dynamic Profile (White List security) Protocol Validation (SQL and protocol validation) Real-time alerts
Platform Security	Operating system intrusion signatures Known and zero-day worm security
Network Security	Stateful firewall DoS prevention
Policy Updates	Regular Application Defense Center security and compliance updates
Real-Time Event Management and Report distribution	SNMP Syslog Email Incident management ticketing integration Custom followed action SecureSphere task workflow Integrated graphical reporting Real-time dashboard
Server Discovery	Automated discovery of database servers
Data Discovery and Classification	Database servers Financial Information Credit Card Numbers System and Application Credentials Personal Identification Information Custom data types
User Rights Management (add-on option)	Audit user rights over database objects Validate excessive rights over sensitive data Identify dormant accounts Track changes to user rights
Vulnerability Assessment	Operating System vulnerabilities Database vulnerabilities Configuration flaws Risk scoring and mitigation steps

Key Capabilities

REDUCE SECURITY RISK BY SEEING ALL TRAFFIC

You can confidently identify suspicious behavior and perform forensic investigations with SecureSphere, knowing that you have the all the facts. Even with a high volume of database traffic, SecureSphere Database Security solutions operate like a video camera, seeing all relevant activity in real-time. Products that take periodic samples create something more like a snapshot than a video, resulting in security and evidence gaps.

STOP ADVANCED TARGETED ATTACKS

SecureSphere provides a powerful defense against advanced targeted attacks. Conventional defenses like intrusion prevention systems (IPS) and anti-virus (AV) are ineffective against these advanced attacks. Imperva integrates with leading anti-malware solutions to isolate malware-infected devices and prevent them from accessing sensitive data and applications.

PROTECT IN REAL-TIME

Stopping attacks in real-time is the only effective way to prevent hackers from getting to your data. SecureSphere monitors database activity in real-time and analyzes database traffic, looking for attacks at the protocol and OS level, as well as unauthorized SQL activity. For added protection against sophisticated application attacks, SecureSphere offers an integrated Web Application Firewall.

REDUCE YOUR WINDOW OF EXPOSURE TO ATTACKS

Typically, months elapse between when a database vulnerability is discovered and when it can be patched. SecureSphere Database Firewall virtual patching provides immediate protection, preventing vulnerabilities from being exploited. SecureSphere Database Assessment and Database Firewall work together to identify vulnerabilities and automatically build policies that thwart them. Virtual patching buys you time so you can apply actual patches on their own schedule.

REDUCE SECURITY OPERATIONS COSTS

SecureSphere Database Security Dynamic Profiling saves you time by automating user behavior profiling. SecureSphere establishes a baseline of all user activity including: DML, DDL, DCL, read-only activity (SELECTs), and usage of stored procedures. SecureSphere identifies when users perform unexpected queries or violate access policies, and it alerts or blocks the access.