New Release of Oracle® Database Firewall Extends Support to MySQL and Enhances Reporting Capabilities
Redwood Shores, Calif. – January 9, 2012
In an effort to assist organizations further prevent internal and external attacks from reaching their enterprise databases, Oracle today announced a new release of Oracle® Database Firewall which introduces support for MySQL Enterprise Edition, complementing previously announced support for Oracle Database 11g and earlier releases, IBM DB2 Linux Unix Windows, Microsoft SQL Server, Sybase Adaptive Server Enterprise (ASE) and Sybase SQL Anywhere.
This latest release of Oracle Database Firewall also features new reporting capabilities including new reports that help to further address regulatory compliance.
Network-Based Security Software Helps Prevent Attacks from Reaching Databases
To address threats like SQL injections, Oracle Database Firewall establishes a defensive perimeter around databases, while monitoring and enforcing normal application behavior in real-time to help prevent SQL injection attacks as well as unauthorized attempts to access sensitive information.
According to the most recent IOUG Data Security Survey, only 36 percent of respondents have taken steps to ensure their applications are not subject to SQL injection attacks. (1)
Oracle Database Firewall now protects MySQL databases against data breaches without requiring any changes to existing applications, the database infrastructure or the existing operating system of the target database.
To enhance reporting capabilities, Oracle Database Firewall introduces a new reporting infrastructure for running and modifying the layout of existing reports. Oracle Business Intelligence Publisher customers can take advantage of all capabilities offered for authoring, managing, and delivering highly formatted documents that can be designed using familiar desktop products.
Featuring dozens of prebuilt and customizable reports, this new release of Oracle Database Firewall introduces 10 new out-of-the-box reports to further help organizations comply with privacy and regulatory mandates such as Health Insurance Portability and Accountability Act (HIPAA), Payment Card Industry (PCI) Data Security Standard (DSS) and Sarbanes-Oxley (SOX).
This new release of the Oracle Database Firewall also offers a new proxy operating mode that allows customers even greater flexibility in deploying it on the network. In addition, new 'multi-core' management capabilities offer administrators fine-grained control over the resources allocated to protect specific databases for even greater scalability.
To ensure that customers can adopt a defense-in-depth strategy, Oracle Database Firewall is now also integrated with Oracle Advanced Security allowing encrypted traffic to Oracle Databases to be monitored for potential threats.
“Organizations can further enhance enterprise database security with Oracle Database Firewall,” said Vipin Samar, vice president of Database Security, Oracle. “With new MySQL support, Oracle Database Firewall extends the combination of databases that organizations can secure across their enterprise. The improved reporting capabilities automate time-consuming regulatory compliance reporting functions.”
“Oracle Database Firewall examines SQL traffic, creating a specific perimeter around databases,” said Martin Kuppinger, Founder and Principal Analyst, KuppingerCole. “Based on its grammar-based analytical approach and a well thought out and efficiently manageable policy approach, organizations can relatively quickly implement Oracle Database Firewall while minimizing the risk of disruption to database applications.”
“Since most customers are at risk of SQL injection attacks, the Oracle Database Firewall provides much needed security," said Andy Flower, President of the Independent Oracle User Group (IOUG). "Oracle Database Firewall is an example of the necessary first line of defense for large and small customers that can monitor database activity and block threats before they even reach the database. This new release shows Oracle listens to the customer community with inputs like the IOUG Security Survey. I'm sure our members are pleased with Oracle's commitment to investing in securing Oracle and non-Oracle databases.”