To address threats like SQL injections, Oracle Database Firewall establishes a defensive perimeter around databases, while monitoring and enforcing normal application behaviour in real-time to help prevent SQL injection attacks as well as unauthorized attempts to access sensitive information.
According to the most recent IOUG Data Security Survey, only 36 percent of respondents have taken steps to ensure their applications are not subject to SQL injection attacks.
Oracle Database Firewall now protects MySQL databases against data breaches without requiring any changes to existing applications, the database infrastructure or the existing operating system of the target database.
To enhance reporting capabilities, Oracle Database Firewall introduces a new reporting infrastructure for running and modifying the layout of existing reports. Oracle Business Intelligence Publisher customers can take advantage of all capabilities offered for authoring, managing, and delivering highly formatted documents that can be designed using familiar desktop products.
Featuring dozens of prebuilt and customizable reports, this new release of Oracle Database Firewall introduces 10 new out-of-the-box reports to further help organisations comply with privacy and regulatory mandates such as Health Insurance Portability and Accountability Act (HIPAA), Payment Card Industry (PCI) Data Security Standard (DSS) and Sarbanes-Oxley (SOX).
This new release of the Oracle Database Firewall also offers a new proxy operating mode that allows customers even greater flexibility in deploying it on the network. In addition, new 'multi-core' management capabilities offer administrators fine-grained control over the resources allocated to protect specific databases for even greater scalability.
To ensure that customers can adopt a defense-in-depth strategy, Oracle Database Firewall is now also integrated with Oracle Advanced Security allowing encrypted traffic to Oracle Databases to be monitored for potential threats.
Part of Oracle's comprehensive portfolio of database security solutions, Oracle Database Firewall complements Oracle Advanced Security, Oracle Audit Vault and Oracle Database Vault. Together, the products support Oracle's commitment to provide customers with the most comprehensive and advanced security offerings that help reduce the costs and complexity of securing their business information across the enterprise.
"Organisations can further enhance enterprise database security with Oracle Database Firewall", stated Vipin Samar, vice president of Database Security, Oracle. "With new MySQL support, Oracle Database Firewall extends the combination of databases that organizations can secure across their enterprise. The improved reporting capabilities automate time-consuming regulatory compliance reporting functions."
"Oracle Database Firewall examines SQL traffic, creating a specific perimeter around databases", stated Martin Kuppinger, Founder and Principal Analyst, KuppingerCole. "Based on its grammar-based analytical approach and a well thought out and efficiently manageable policy approach, organizations can relatively quickly implement Oracle Database Firewall while minimizing the risk of disruption to database applications."
"Since most customers are at risk of SQL injection attacks, the Oracle Database Firewall provides much needed security", stated Andy Flower, President of the Independent Oracle User Group (IOUG). "Oracle Database Firewall is an example of the necessary first line of defense for large and small customers that can monitor database activity and block threats before they even reach the database. This new release shows Oracle listens to the customer community with inputs like the IOUG Security Survey. I'm sure our members are pleased with Oracle's commitment to investing in securing Oracle and non-Oracle databases."