DataSunrise Database Firewall for Elasticsearch
Elasticsearch Database Firewall by DataSunrise acts as an intermediary between users and a database. This tool screens and filters the incoming and outgoing database traffic. It can block suspicious or forbidden transactions and queries in real time. Elasticsearch databases are securely protected against intrusion attempts, malicious attacks, SQL injections and insider risks.
Database Firewall from DataSunrise ensures advanced protection of Elasticsearch databases against hacker attacks and malicious insider risks. It provides the maximum level of data safety by performing deep traffic analysis and filtering. All incoming and outgoing database traffic is analyzed for compliance with the security rules. If a query matches a security rule, it is immediately blocked, the client application making this query is disconnected from the database or the session is terminated.
If you deploy DataSunrise in the proxy mode a database user is not able to access the database directly. The firewall sits between the client and the server, it monitors, filters and records queries and prevents the execution of queries infringing security policies. Each query is analyzed to match the criteria of security rules and whenever the rule is triggered, DataSunrise blocks the query. Security rules allow to filtrate database traffic according to the host, application, or database user that initiated the query, according to the target database, schema or table. It also can be changed to block specified types of DDL and DML transactions and queries that have signs of an SQL injection. DataSunrise Elasticsearch Firewall is the best protection option for your Elasticsearch databases!
The DataSunrise SQL analysis algorithms are specifically designed for continuous auditing of database activity. When the traffic is processed, the firewall analyzes queries, database traffic, etc. All information is logged and the firewall applies predefined security rules and blocks the forbidden actions.
Elasticsearch Database Firewall from DataSunrise continuously scans databases for potential threats, such as SQL injections, for example. The detection and blocking mechanisms detect malicious and harmful activity in real time and stop it.
DataSunrise Database Firewall supports all Elasticsearch database versions and runs both on Windows and Linux.