DataSunrise Database Firewall for Percona Server
DataSunrise database firewall is a security solution compatible with Percona Server that prevents unauthorized access and SQL injection attempts. It helps to comply with regulatory standards and detect system vulnerabilities as well as malicious insider activities. Firewall intercepts SQL commands and blocks or modifies them if the violate any security rule defined by administrators. The software is easy to deploy and doesn’t cripple database performance.
DataSunrise database firewall protects your database on Percona Server against various security threats. Our firewall filters the network traffic according to policies defined by administrators.
At the early stages of deployment DataSunrise functions in a self-learning mode. It examines incoming traffic and creates a whitelist of approved SQL commands typical for certain environment. Further on, only queries that match the whitelist are allowed to pass through to the database. Firewall blocks all the other commands and notifies the administrators about suspicious activity.
Detailed information about approved/blocked queries and results of their execution is logged for further analysis. Privileged users can pose a threat as well, that’s why configuration or rule changes are also protocoled. There is an opportunity to prevent account sharing and to block queries containing defined SQL statements or coming from certain applications, hosts. Access can be restricted to defined elements of the database (tables, columns, stored procedures, schemas).
DataSunrise firewall provides assistance in complying with privacy and security mandates (SOX, PCI-DSS, HIPAA, etc.) established by government and regulatory agencies.
The firewall detects and blocks attempts of malicious code execution exploiting different vulnerabilities including SQL injections (Boolean and Union exploitation, time delay exploitation, out-of-band exploitation, automated exploitation).
DataSunrise database firewall compatible with Percona Server runs transparently, no changes are required to database applications. All features of our product are operated via user-friendly graphical interface, customizable settings of which allow you to automate security processes intended to protect Percona Server databases against external attacks and inside vulnerabilities.