DataSunrise Database Firewall for IBM DB2

IBM DB2, you’re using, is one of the best relational databases on the market. However, whether it’s commercial-grade version or free DB2 Express-C, it is still vulnerable to hacker attacks and insider threats. DB2 firewall by DataSunrise is the ideal solution to most data security problems. It blocks unauthorized access attempts in real time. Due to advanced threat detection algorithms, it prevents SQL injection attacks as well.

Tech Info

DB2 firewall by DataSunrise is the most complete database security solution. It offers data-centric approach to securing sensitive information on premises and in the cloud. It protects databases against any type of threat, vulnerability or security risk in real time. It stops outside and inside attacks, prevents data leakage and helps to meet regulatory compliance standards.

DataSunrise feature data auding capability. It collects and loggs information about operations performed, who and when performed the operation and all the attributes of the operation. Paired with special threat detection analysis log information it allows to capture suspicious traits signaling about potential data breach preparation.

IBM DB2 firewall by DataSunrise is deployed as proxy. It is placed between the database and clients and scans, logs and filters incoming and outgoing traffic. Every incoming and outgoing packet is analyzed for compliance with the administrator-defined security rules set. In case of a query meeting a forbidden security rule the blocking scenario includes disconnection of a client from DB or closing of the session.

proxy-01 

Special SQL analysis algorithms capture SQL injections in real time. The firewall blocks the following SQL Injection techniques:

  • Union Exploitation Technique
  • Boolean Exploitation Technique
  • Out of band Exploitation technique
  • Time delay Exploitation technique
  • Automated Exploitation
  •  

    Security rule conditions include the following parameters:

  • type, instance and name of the target database;
  • whether queries came from a certain client application;
  • whether intercepted queries contain certain SQL statements;
  • whether queries contain signs of SQL injection (OR and UNION statements, comments, double queries, constant expression, keyword in comments);
  • whether queries are directed to certain database elements (schemas, tables, columns, stored procedures).
  •  

    Among supported features there are:

  • User authentication methods (SERVER CLIENT)
  • All main data types
  • Simple single DDL and DML statements
  •  

    DataSunrise Database Firewall runs on Windows and Linux and supports IBM DB2 version 8+.

    Related Articles