DataSunrise Security for Netezza

You’re operating Netezza Appliance and need to secure integrated Netezza database against data breach and negligent insiders? Don’t rely solely on built-in security means because efficient database protection should be multi-layered. You need dedicated software solution which is able to detect and prevent SQL injection attacks and data leaks in real time. DataSunrise Database Security Suite would be the perfect choice.

Tech Info

DataSunrise Database Firewall for Netezza security is aimed at real-time database protection on premises and in the cloud. It accurately detects and blocks unauthorized database and user activity through continuous monitoring of traffic to and from database. Filtering is implemented according to administrator-defined rules set. Advanced threat detection algorithms allow to accurately recognize and block behavior that conflicts with security rules set.

Proxy mode deployment prevents direct communication between client and database. The firewall acts as an intermediary between client and server, it audits and logs queries or blocks execution of the ones violating firewall's security policies.

proxy-01

Smart SQL analysis algorithms provide continuous monitoring of database activity. During initial traffic processing DataSunrise disassembles user queries, database output etc. Then the queries undergo careful analysis and the firewall determines target database objects, schemas, tables names and other important information. Then the firewall logs queries, blocks their execution or obfuscates database output according to predefined security policies.

 

Scanning of traffic along with detection and blocking mechanisms allows to capture SQL injections in real time. The firewall blocks the following SQL Injection techniques:

  • Union Exploitation Technique
  • Boolean Exploitation Technique
  • Out of band Exploitation technique
  • Time delay Exploitation technique
  • Automated Exploitation
 

Rule conditions include the following parameters:

  • type, instance and name of the target database;
  • whether queries came from a certain client application;
  • whether intercepted queries contain certain SQL statements;
  • whether queries contain signs of SQL injection (OR and UNION statements, comments, double queries, constant expression, keyword in comments);
  • whether queries are directed to certain database elements (schemas, tables, columns, stored procedures).
 

Among supported features there are:

  • All available drivers (JDBC, ODBC, OLE DB)
  • SSL-encrypted traffic processing
  • Auditing and analysis of all query types, including multi-queries
  • Auditing of text-type data and all existing RowSet packets support
  • Pipelining processing
  • Data processing in the case of unexpected client server behavior occurs
  • Logging and analysis of COPY, LOAD and UNLOAD operations. All known transmission formats are supported (TEXT, RAW, ZLIB)
  • DML and DDL operations processing (considering transactions)
 

DataSunrise Database Firewall runs on Windows and Linux and supports Netezza versions 6.0-7.2.1+