DataSunrise Database Firewall for IBM DB2 Big SQL

DataSunrise’s Database Firewall for DB2 Big SQL feature enables you to protect your database from unsecure access attempts and SQL injection attacks. You can block user queries issued by a certain user or application, queries directed to certain database columns or queries coming from a certain IP address. You can block specific queries included into your “black list” of course.

DataSunrise Database Firewall for DB2 Big SQL enables the administrator to issue security policies or rules that protect certain database objects from unwanted queries. The security rules include fine-grain settings for protecting a target database from being accessed based on the following query parameters:

• Database instance and database type;
• Database elements (database, schema, table, procedures, columns etc.) to be accessed;
• Client application name, database user or app user name, IP address;
• SQL injection attack signs included into an incoming query (like UNION and OR statements, constant expression, double queries, comments in the SQL, keywords in comments etc.).

DataSunrise’s Database Firewall for DB2 Big SQL works as a transparent proxy which makes minimum impact on the database performance. Being deployed as an intermediary between the database server and its client applications, DataSunrise firewall intercepts all incoming queries and query results and blocks them if security policy violations detected.

Database Firewall’s settings also include email notifications on system events such as blocked query or intercepted SQL injection. Detailed logging increases protection by saving the information about incoming queries and execution results which helps to detect unwanted users and data vulnerabilities.