DataSunrise Security for MS SQL Server

MS SQL Server security solution by DataSunrise filters the network traffic according to configured rules set. It blocks dangerous traffic and protects enterprise sensitive data from multiple threats: hacker attacks, SQL-injections, security breaches, intentional and unintentional data loss. It controls user privilegies to prevent data leaks by company insiders.

Tech Info

MS SQL Server security tool by DataSunrise provides high-level MS SQL Server security. It is designed to protect data on the premises and in the cloud. It protects databases from both outside attacks and inside threats. It performs deep traffic filtering on application level with every incoming and outgoing packet being analyzed for compliance with the customized rules set. In case of meeting a forbidden security rule the blocking scenario includes disconnection of a client from DB or closing of the session.

DataSunrise is depoyed as a proxy between database and clients. It acts as an intermediary and prevents direct communication between client and server. It audits and logs the traffic and blocks execution of queries violating the configured security policies.

proxy-01

Intelligent SQL-analysis algorithms enable to detect and block unauthorized access attempts and attacks on a database in real time. DataSunrise continuously monitors database activity. During initial traffic processing it disassembles user queries, database output, etc. Then the queries undergo careful analysis and the solution logs queries, blocks their execution or obfuscates database output according to predefined security policies.

 

Scanning of traffic along with detection and blocking mechanisms allows DataSunrise to capture SQL injections in real time. It blocks the following SQL Injection techniques:

  • Time delay Exploitation Technique
  • Automated Exploitation Technique
  • Union Exploitation Technique
  • Boolean Exploitation Technique
  • Out of band Exploitation Technique
  •  

    Security rule conditions include the following parameters:

  • whether queries came from a certain client application
  • whether intercepted queries contain certain SQL statements
  • whether queries contain signs of SQL injection (OR and UNION statements, comments, double queries, constant expression, keyword in comments)
  • whether queries are directed to certain database elements (schemas, tables, columns, stored procedures)
  • type, instance and name of the target database
  •  

    Among supported features there are:

  • TDS Proxy
  • SMP + TDS Proxy (MARS support)
  • SSL over TDS or SMP + TDS proxy
  • Sniffing for all protocol combinations (TDS, SMP+TDS, SSL+SMP+TDS)
  • SSL ciphers control
  • SQLBatch analysis, blocking and masking
  • RPCBatch analysis, blocking and masking
  • Asynchronous queries analysis (pipelining)
  •  

    DataSunrise MS SQL SERVER Security solution supports the latest MS SQL Server Database versions: 2005, 2012, 2014, 2016, V12 (Azure). It runs on both Windows and Linux.