DataSunrise Database Firewall for Apache Hive
Apache Hive is an open-source data warehouse infrastructure for summarization, query, and analysis of large datasets stored in Hadoop. Hive security solution by DataSunrise provides real-time protection against hacker attacks and insider threats for Hive databases.
Hive firewall by DataSunrise allows administrators to define security policies that monitor and control how users access database objects. Rules provide a range of parameters according to which queries can be blocked or modified:
- name, instance and type of the target database;
- signs of containing SQL injection (OR, UNION statements, constant expression, double queries, comments, keywords in comments);
- certain database elements (tables, schemas, stored procedures, columns);
- certain client application or IP address.
Proxy mode doesn’t cripple database performance and has a minimal impact on the application layer. As an intermediary between server and users Hive firewall by DataSunrise captures all SQL commands, compares them with security rule attributes and blocks or modifies them in case of a policy violation. There is an optional feature to alert about a certain rule that has been triggered by email. Notifications allow administrators timely respond to upcoming threats and prevent malicious actions of privileged users. Detailed logs containing information about queries and results of their execution helps to detect malicious users and database and application vulnerabilities.
Learning mode helps at firewall deployment stage. It analyzes user operations and generates a whitelist of typical SQL statements that are assumed to be safe. It simplifies further customization of a firewall and prevents false triggering.
Hive security solution by DataSunrise effectively protects Apache Hive database from data loss, theft, and attacks.