DataSunrise Firewall for Vertica Database Security

Vertica security solution by DataSunrise guards the corporate system against database specific attacks and insider vulnerabilities. All database queries are obliged to go through firewall where they are analyzed according to parameters of rules defined by administrators. Only the queries that don’t violate security policies are allowed to be executed, the others are blocked. Firewall notifies of suspicious activity and helps to detect SQL injections and other types of cyberattacks.

Tech Info

Vertica security tool by DataSunrise is a next-generation database security platform with diverse range of security features for Vertica database.

After deployment firewall is set at self-learning mode. Using sophisticated algorithms it monitors database traffic and generates a list of common SQL commands. This list is used to simplify further firewall customization. Vertica firewall by DataSunrise is deployed as a proxy between server and its users, so it fetches all incoming commands and allows to pass through to database only the ones that exist in the whitelist and don’t violate any other parameters of pre-defined policies.

proxy-01

Security rules are defined by administrators and can be adjusted to various corporate needs. Customizable settings allow filtering according to various parameters:

  • source address (filtering queries coming from certain hosts, IP addresses or client applications);
  • query targets (certain database elements: tables, columns, stored, procedures);
  • certain SQL statements;
  • whether queries contain signs of SQL injection (UNION and OR statements, double queries, keyword in comments, constant expression).

There is an opportunity to set a schedule of policy operation and receive notifications of any security rule triggered. All features are operated within simple unified interface.

SQL injections have become a popular choice for hacker attacks. Malicious SQL statement is inserted into an entry field for execution, exploiting software vulnerability of incorrect filtration. DataSunrise effectively protects against such attacks and blocks queries with signs of SQL injection (Boolean, Union, time delay, out of band, automated exploitation techniques).

Continuously monitoring database traffic, firewall helps to detect security vulnerabilities and users attempting to escalate privileges. Codes of all queries and results of their execution are stored for further analysis. DataSunrise supports Syslog protocol, thus it is compatible with SIEM systems.

DataSunrise Database Firewall for Vertica is a high-quality solution for protecting against database specific attacks and concealed malicious activity of privileged users. Our firewall assists in complying with PCI-DSS, SOX, HIPAA and other regulatory standards, keeping your sensitive information safe.

Related Articles