Amazon Aurora Firewall for Database Security

Amazon Aurora firewall by DataSunrise. SQL injections protection, user privilegies control. DataSunrise Database Firewall provides protection from hacker attacks to the corporate data. Protects from unauthorized access to the database resources. Firewall protects data from the inner threats (data leaks by company employees).

Tech Info

Amazon Aurora firewall by DataSunrise is an enterprise database monitoring and protection tool. It is a perfect way to ensure 24/7 database security and maintain complete control over sensitive data on premises and in the cloud. It helps organizations to ensure ultimate level of data security and stay compliant with regulatory requirements.

The firewall continuously monitors user activity and detects unusual and prohibited activity. Detailed logging ensures that DataSunrise accurately captures database activity and user behavior. Log information is used for continuous monitoring of activities and prevention of attacks, data leaks, attempts of access rights abuse, etc.

Special algorithms detect and block vulnerabilities that can be exploited by negligent or malicious insiders. This helps to control data exposure to malicious users and avoid the fundamental risk of privileged user abuse as database administrators pose a potential threat to database security as well.

The firewall is deployed as a proxy. It acts as an intermediary between client and database and dramatically reduces a database's attack surface.

proxy-01 

The firewall recognizes and blocks SQL injections in real time. It blocks the following SQL Injection techniques:

  • Union Exploitation Technique
  • Boolean Exploitation Technique
  • Out of band Exploitation technique
  • Time delay Exploitation technique
  • Automated Exploitation
  •  

    Rule conditions include the following parameters:

  • type, instance and name of the target database;
  • whether queries came from a certain client application;
  • whether intercepted queries contain certain SQL statements;
  • whether queries contain signs of SQL injection (OR and UNION statements, comments, double queries, constant expression, keyword in comments);
  • whether queries are directed to certain database elements (schemas, tables, columns, stored procedures).
  •  

    Amazon Aurora firewall by DataSunrise integrates seamlessly with third-party Security Information and Event Management solutions (SIEM). This helps to analyze database transactions and user behavior on a more advanced level. Integrated with a SIEM system DataSunrise becomes an essential part of enterprise-wide risk-management security strategy and helps organizations meet regulatory and compliance requirements.

     

    Among supported features there are:

  • All authentication mechanisms
  • Processing of SSL and TLS-encrypted traffic
  • Processing of prepared statements and multi-statements
  • Processing of Multiresultsets
  • Processing of data import operations (LOAD XML and LOAD DATA)
  • Converting binary data to text
  • Tracking of system and user-defined variables
  • Related Articles