DataSunrise Security for Teradata

DataSunrise Database Firewall blocks potentially harmful requests and provides Teradata security. Helps to protect Teradata from hackers, who want to get an access to the corporate data. Helps to deal with the different types of SQL-injections (including SQLmap protection). Differentiates the user access to the database.

Tech Info

DataSunrise Database Firewall for Teradata protects databases in real time on premises and in the cloud. It provides reliable protection from both external and internal threats. It allows to gain complete visibility of database and user activity, ensure ultimate level of data security and efficiently maintain regulatory compliance. It continuously monitors incoming and outgoing traffic and filters queries according to administrator-defined set of rules.

The firewall is deployed in proxy mode and prevents direct communication between two nodes. Residing between client and database it acts as an intermediary and performs continuous auditing and logging of user actions and changes made to the database and intercepts suspicious and forbidden requests.

proxy-01

Intelligent threat detection algorithms recognize SQL injections in real time. In the process of initial traffic processing the firewall inspects user queries, database output, etc. The queries undergo deep analysis and those violating security rules are blocked. When disassembling the packets the firewall determines target database objects, schemas, tables names and other important information.

 

Continuous scanning and analyzing of traffic ensures prevention of SQL injections in real time. DataSunrise blocking mechanisms allow to detect the following SQL Injection techniques:

  • Union Exploitation Technique
  • Boolean Exploitation Technique
  • Out of band Exploitation technique
  • Time delay Exploitation technique
  • Automated Exploitation
  •  

    Rule conditions include the following parameters:

  • type, instance and name of the target database;
  • whether queries came from a certain client application;
  • whether intercepted queries contain certain SQL statements;
  • whether queries contain signs of SQL injection (OR and UNION statements, comments, double queries, constant expression, keyword in comments);
  • whether queries are directed to certain database elements (schemas, tables, columns, stored procedures).
  •  

    Among supported features there are:

  • Processing of DML/DDL operation in compliance with transactions, search path and admin queries
  • Analyzing and storing data of all query types, including replication queries and multi queries
  • Processing of SSL-encrypted traffic
  • Detailed processing of prepared operations, cursors and portals
  • Asynchronous queries analysis (Pipelining)
  • Analysis of all fast input/output operations (Fastload/FastExport/MultiLoad/TPump/Teradata Parallel Transporter)
  • Authentication methods: TD2 (AES + DH + SHA). Ldap and Kerberos coming soon
  • Analysis of all data types including UDT (user-defined type)
  •  

    Supported versions: Teradata versions 13, 14, 15. Runs on Windows and Linux.