DataSunrise Firewall for Percona Database Security

Percona Server security solution by DataSunrise is a security solution against different types of attacks unauthorized access to sensitive data. It helps to comply with regulatory standards and detect system vulnerabilities as well as malicious insider activities. Firewall intercepts SQL commands and blocks or modify them if the violate any security rule defined by administrators. Software is easy to deploy and doesn’t cripple database performance.

Tech Info

Percona Server security solution by DataSunrise is an open-source fully compatible replacement for MySQL that provides advanced scalability, performance and instrumentation. It protects your database on Percona Server against various security threats. Our firewall filters the network traffic according to policies defined by administrators.

At the early stages of deployment DataSunrise functions in a self-learning mode. It examines incoming traffic and creates a whitelist of approved SQL commands typical for certain environment. Further on, only queries that match the whitelist are allowed to pass through to database. Firewall blocks all the other commands and notifies the administrators about suspicious activity.

proxy-01

Detailed information about approved/blocked queries and results of their execution is logged for further analysis. Privileged users can pose a threat as well, that’s why configuration or rule changes are also protocoled. There is an opportunity to prevent account sharing and to block queries containing defined SQL statements or coming from certain applications, hosts. Access can be restricted to defined elements of the database (tables, columns, stored procedures, schemas).

Percona firewall by DataSunrise provides assistance in complying with privacy and security mandates (SOX, PCI-DSS, HIPAA, etc.) established by government and regulatory agencies.

Firewall detects and blocks attempts of malicious code execution exploiting different vulnerabilities including SQL injections (Boolean and Union exploitation, time delay exploitation, out-of-band exploitation, automated exploitation).

Percona Server security solution by DataSunrise runs transparently, no changes are required to database applications. All features of our product are operated via user-friendly graphical interface, customizable setting of which allow to automate security processes intended to protect Percona Server databases against external attacks and inside vulnerabilities.

Related Articles