SQL firewalls are newcomers to the world of content security and firewalls. Historically, most SQL firewalls have been internal solutions built on various firewall and proxy frameworks such as Windows Sockets (SOCKS). However, vendors have now shifted to appliance-based firewalls (firewalls packaged as standalone, hardware-based black boxes) because customers prefer plug-and-run security products that insert easily into the network. Here is a sampling of companies that offer SQL firewall products, including the company I work for:
Check Point VPN-1/FireWall-1 with OPSEC Certified Products |
Check Point Software Technologies 650-628-2022 http://www.checkpoint.com OPSEC content (and database) extensions http://www.opsec.com/solutions/sec_content_security.html Check Point VPN-1/FireWall-1 can intercept, inspect, and validate SQL database-access requests and content flowing to an SQL database. The product is part of the company's Open Platform for Security (OPSEC) program, which helps multivendor partners build integrated firewall extensions to monitor database activity that crosses the firewall and to perform other security-authorization tasks. |
SQL-Guard |
Guardium 781-684-6288 http://www.guardium.com SQL-Guard is an appliance that you can deploy as an SQL firewall as well as a nonblocking monitoring solution (an SQL Intrusion Detection System—IDS). |
Ethereal |
Ethereal http://www.ethereal.com This free, open-source beta software, downloadable from the Internet, is a network-protocol analyzer for UNIX and Windows that includes dissectors that can extract SQL for most SQL dialects from network packets. Developers can use these dissectors with a SOCKS filter framework to build a custom SQL firewall that has simple capabilities. |
0 comments
Hide comments