Database Insider Edition
Oracle Corp
June 2012 Stay Connected: TwitterFacebookYoutubeBlog
Back to the main page
New Independent Report Endorses Oracle Database Firewall

In a new KuppingerCole Product Research Note, Martin Kuppinger concludes that Oracle Database Firewall "should definitely be evaluated and is among the recommended products in the database security market segment."

First Line of Defense
Oracle Database Firewall—part of Oracle’s defense in-depth approach to data security— helps defend against SQL injection attacks and provides "a first line of defense for databases by analyzing database traffic before it reaches the database," writes Kuppinger. Its ability to recognize the intention of the SQL along with the accuracy for analyzing SQL statements "reduces false alarms of a SQL injection to near zero," Kuppinger finds.

In particular, the report calls out key Oracle Database Firewall highlights.
  • A policy-driven approach to filtering SQL traffic
  • Support for heterogeneous database environments
  • Key element of integrated, layered database security/governance
  • Support for inline and out-of-band monitoring
  • A white-list-centric approach to ensure no false positives
Superior Accuracy
Kuppinger adds, "Unlike most other products in that area, Oracle Database Firewall accurately analyzes database activity traffic over the network with very little latency, and thus is able to intercept and prevent unauthorized database activities."

The report goes on to highlight a key difference in Oracle Database Firewall functionality. "The specific strength of the product is the strong implementation of the technology used for analyzing the SQL statements, which combines accuracy and performance."

Quick to Implement, Easy to Manage
According to Kuppinger, Oracle Database Firewall is also quick to implement and easy to manage.

"Based on its grammar-based analytical approach and a well-thought and efficiently manageable policy approach, organizations can relatively quickly implement the product while minimizing the risk of disruptiveness to database applications," Kuppinger writes.

Read the full KuppingerCole report now.

Back to Top
Oracle Information InDepth newsletters bring targeted news, articles, customer stories, and special offers to business people who want to find out how to streamline enterprise information management, measure results, improve business processes, and communicate a single truth to their constituents.

Please send questions or comments to

For answers to questions about subscribing, unsubscribing, and managing your Oracle e-mail communications preferences, please see the Oracle E-Mail Communications page.

Copyright © 2012, Oracle Corporation and/or its affiliates. All rights reserved. Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners.

This document is provided for information purposes only, and the contents hereof are subject to change without notice. This document is not warranted to be error-free, nor is it subject to any other warranties or conditions, whether expressed orally or implied in law, including implied warranties and conditions of merchantability or fitness for a particular purpose. We specifically disclaim any liability with respect to this document, and no contractual obligations are formed either directly or indirectly by this document. This document may not be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without our prior written permission.