DataSunrise Security for Teradata Security with DataSunrise

DataSunrise Database Firewall blocks potentially harmful requests and provides Teradata security. Helps to protect Teradata from hackers, who want to get an access to the corporate data. Helps to deal with the different types of SQL-injections (including SQLmap protection). Differentiates the user access to the database.

Tech Info

DataSunrise protects Teradata databases in real-time on-premises and in the cloud. It provides reliable protection from both external and internal threats. It allows to gain complete visibility of database and user activity, ensure ultimate level of data security and efficiently maintain regulatory compliance. It continuously monitors incoming and outgoing traffic and filters queries according to the administrator-defined set of rules. Maintain an overall security system for Teradata databases.

The firewall is deployed in proxy mode and prevents direct communication between two nodes. Residing between client and database it acts as an intermediary and performs continuous auditing and logging of user actions and changes made to the database and intercepts suspicious and forbidden requests.

teradata security

Intelligent threat detection algorithms recognize SQL injections in real time. In the process of initial traffic processing, the firewall inspects user queries, database output, etc. The queries undergo deep analysis and those violating security rules are blocked. When disassembling the packets the firewall determines target database objects, schemas, tables names and other important information.

 

Continuous scanning and analyzing of traffic ensures prevention of SQL injections in real time. DataSunrise blocking mechanisms allow to detect the following SQL injection techniques:

  • Union Exploitation Technique
  • Boolean Exploitation Technique
  • Out of band Exploitation technique
  • Time delay Exploitation technique
  • Automated Exploitation
  •  

    Rule settings of Teradata security solution include the following parameters:

  • type, instance and name of the target database;
  • whether queries came from a certain client application;
  • whether intercepted queries contain certain SQL statements;
  • whether queries contain signs of SQL injection (OR and UNION statements, comments, double queries, constant expression, keyword in comments);
  • whether queries are directed to certain database elements (schemas, tables, columns, stored procedures).
  •  

    Among supported features there are:

  • Processing of DML/DDL operation in compliance with transactions, search path and admin queries
  • Analyzing and storing data of all query types, including replication queries and multi queries
  • Processing of SSL-encrypted traffic
  • Detailed processing of prepared operations, cursors and portals
  • Asynchronous queries analysis (Pipelining)
  • Analysis of all fast input/output operations (Fastload/FastExport/MultiLoad/TPump/Teradata Parallel Transporter)
  • Authentication methods: TD2 (AES + DH + SHA). Ldap and Kerberos coming soon
  • Analysis of all data types including UDT (user-defined type)
  •  

    Teradata security solution by DataSunrise supports Teradata versions 13, 14, 15. Runs on Windows and Linux.