The all “new” Database Firewall


by Stephen O
It slices, it dices, it makes healthy meals in thirty minutes flat, unclogs drains with ease, and will fold your laundry! Okay, maybe it does none of that, but what it does do is offer a small peace of mind when it comes to database protection. This year was known as the Year of the Hacker, with hacking stealing the headlines away from shark attacks, missing children, and celebrity rehab news (thankfully). People have known about hackers for ages, but this last summer hacker groups such as Anonymous and LulzSec made everyone feel a little less safe. Sony was a focus of several attacks, and millions of people were affected by one attack alone. The spree of hacking brought the hacking problem into the public eye. What is even more frightening is how easy it is.

Oracle has released a database firewall and has recently partnered with F5 for web application security. “The database firewall creates a defensive perimeter around a database by looking at SQL statements sent to it to determine whether to pass, log, alert, block, or substitute SQL statements, based on a company’s policies. Users can set white list and blacklist policies to control the firewall.” (Chickowski, 2011) Oracle’s firewall is a type of DAM (Digital Asset Management). Here is the interesting part: yes, it is a sub-discipline of DAM, but some databases do not even have DAM set up. “Database firewalls aren’t necessarily DAM replacements but rather alternatives, because most companies have yet to implement DAM, says Roxana Brodescu, Oracle’s director of product marketing.” (Chickowski, 2011)

Reflection

We are all aware of how important security is, at least by now. By taking this course, you should have an idea of how easy it is to hack a database; one of our fellow classmates gave a detailed explanation of how easy it is to use injection statements against a site, mainly because there is little to no security implemented. What if we could find a way to block SQL queries from outside sources?

Wait, that’s what this article was about: by examining the SQL statements sent to the database, the firewall could block potential attacks. While it is a “sub-discipline” of DAM, it still could be an effective layer of protection that database administrators could implement. If this last summer taught us anything, it is that no one is too big to be hacked. Reputation will not protect you and your customers from people looking to harm you; security measures will.
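To make the pass, log, alert, block, or substitute decision from the quoted description concrete, here is a small policy evaluator, added as an illustration; it is not Oracle’s implementation or code from the article. The table names, the white list and blacklist entries, the `HARMLESS` replacement statement, and the `fingerprint` and `decide` helpers are all assumptions made up for this sketch.

```python
import re
from enum import Enum

class Action(Enum):
    PASS = "pass"
    LOG = "log"
    ALERT = "alert"
    BLOCK = "block"
    SUBSTITUTE = "substitute"

def fingerprint(sql):
    """Reduce a statement to its shape: literals become '?', case and spacing are ignored."""
    shape = re.sub(r"'(?:[^']|'')*'", "?", sql)   # string literals, '' is an escaped quote
    shape = re.sub(r"\b\d+\b", "?", shape)         # numeric literals
    return re.sub(r"\s+", " ", shape).strip().rstrip(";").strip().lower()

# Constructed policy: white list = statement shapes the application is known to send.
WHITE_LIST = {fingerprint(s) for s in (
    "SELECT name, email FROM customers WHERE id = 42",
    "UPDATE customers SET email = 'a@example.com' WHERE id = 42",
)}
# Constructed policy: blacklist = shapes that are never legitimate for this application.
BLACK_LIST = [
    (re.compile(r"\bdrop\s+table\b"), Action.BLOCK),
    (re.compile(r"\bfrom\s+credit_cards\b"), Action.SUBSTITUTE),
]
HARMLESS = "SELECT NULL FROM dual WHERE 1 = 0"   # placeholder sent instead of the original

def decide(sql, default=Action.ALERT):
    """Return (action, statement forwarded to the database or None if nothing is forwarded)."""
    shape = fingerprint(sql)
    if shape in WHITE_LIST:
        return Action.PASS, sql
    for pattern, action in BLACK_LIST:
        if pattern.search(shape):
            return (action, HARMLESS) if action is Action.SUBSTITUTE else (action, None)
    # Unknown shape: company policy decides. LOG and ALERT forward it, BLOCK drops it.
    return (default, None) if default is Action.BLOCK else (default, sql)

if __name__ == "__main__":
    for stmt in ("SELECT name, email FROM customers WHERE id = 7",
                 "SELECT name, email FROM customers WHERE id = 7 OR 1=1",
                 "SELECT name, email FROM customers WHERE id = 7; DROP TABLE customers",
                 "SELECT number FROM credit_cards"):
        print(decide(stmt)[0].value.ljust(10), stmt)
```

Because the white list stores statement shapes rather than exact text, a legitimate query with a different id still passes, while the same query with an appended `OR 1=1` has a new shape and falls through to the default action.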

Chickowski, E. (2011). Database firewall brouhaha*. InformationWeek, (1294), 38-38. Retrieved from http://search.proquest.com/docview/860133698?accountid=10357

1. “This blog post took me 47 minutes.”
2. “I read 5 blog posts by my classmates this week.”