Multifactor authentication
Based on IP address, MAC address, user, application program, time and other factors, the visitor identity authentication, the formation of multi-factor authentication, to make up for the lack of security of single password authentication。To access the database, the application must pass two layers of identity authentication: the database firewall and the database itself。
Block direct access to the database
The database firewall is deployed between the database server and the application server to shield the channels that directly access the database and prevent the hidden channels of the database from attacking the database。
Attack detection and protection
Real-time detection of SQL injection and buffer overflow attacks on the database, alarm or block the attack behavior, and record the attack time, source IP, user name, attack code and other information in detail。
Behavior Baseline - Automatically establish access models
The system will automatically learn the access statements of each application, carry out pattern extraction and classification, automatically generate the behavior feature model, and can edit the learning results。The system identifies risks by checking for deviations in access behavior from the baseline。
Connection monitoring
Monitor the connection information and risk status of the database in real time, and control risk access in time。
Virtual patch
Database system is a complex system, there are many loopholes in itself, easy to be used by attackers to lead to data leakage or system paralysis。For reasons such as service continuity, users do not install database patches in a timely manner。The database firewall uses a variety of built-in vulnerability signature databases to prevent known vulnerabilities from being scanned and exploited, and effectively reduces the risk of databases being attacked by 0day。
报表
Provides rich report templates, including audit reports and security trends。
Security audit
The system can record the access to the database server, including user name, program name, IP address, requested database, disconnection time, risk and other information, and provide flexible query analysis function。
Multifactor authentication
Based on IP address, MAC address, user, application program, time and other factors, the visitor identity authentication, the formation of multi-factor authentication, to make up for the lack of security of single password authentication。To access the database, the application must pass two layers of identity authentication: the database firewall and the database itself。
Block direct access to the database
The database firewall is deployed between the database server and the application server to shield the channels that directly access the database and prevent the hidden channels of the database from attacking the database。
Attack detection and protection
Real-time detection of SQL injection and buffer overflow attacks on the database, alarm or block the attack behavior, and record the attack time, source IP, user name, attack code and other information in detail。
Behavior Baseline - Automatically establish access models
The system will automatically learn the access statements of each application, carry out pattern extraction and classification, automatically generate the behavior feature model, and can edit the learning results。The system identifies risks by checking for deviations in access behavior from the baseline。
Connection monitoring
Monitor the connection information and risk status of the database in real time, and control risk access in time。
Virtual patch
Database system is a complex system, there are many loopholes in itself, easy to be used by attackers to lead to data leakage or system paralysis。For reasons such as service continuity, users do not install database patches in a timely manner。The database firewall uses a variety of built-in vulnerability signature databases to prevent known vulnerabilities from being scanned and exploited, and effectively reduces the risk of databases being attacked by 0day。
报表
Provides rich report templates, including audit reports and security trends。
Security audit
The system can record the access to the database server, including user name, program name, IP address, requested database, disconnection time, risk and other information, and provide flexible query analysis function。