MySQL Enterprise Firewall
MySQL Enterprise Firewall guards against cyber security threats by providing real-time protection against database specific attacks. Any application that has user-supplied input, such as login and personal information fields is at risk. Database attacks don't just come from applications. Data breaches can come from many sources including SQL virus attacks or from employee misuse. Successful attacks can quickly steal millions of customer records containing personal information, credit card, financial, healthcare or other valuable data.
MySQL Enterprise Firewall protects your data by monitoring, alerting, and blocking unauthorized database activity without any changes to your applications. It provides multiple operating modes to help administrators block, detect and respond to malicious database attacks:
- Allow - SQL statements are executed and results are generated for statements that match an approved allowlist
- Block - SQL statements are blocked from executing that do not match an approved allowlist
- Detect - SQL statements that do not match a allowlist are executed and administrators are notified of policy violations
Creates a composite list of allowed queries for a group of users. Record allowed normalized queries to build the list. Enforces firewall protection across all in the group profile.
Block SQL Injection Attacks
MySQL Enterprise Firewall blocks SQL Injection attacks that can result in loss of valuable personal and financial data. Allowlist creation, real-time threat monitoring, SQL statement blocking and alerting enable DBAs protect data assets.
Database Intrusion Detection
Acting as a security alarm, MySQL Enterprise Firewall notifies administrators to SQL statement activity that does not match an approved allowlist.
Real-time Threat Monitoring
MySQL Enterprise Firewall monitors for database threats in real time. All incoming queries pass through a SQL analysis engine and are matched against an approved allowlist of expected SQL statements. SQL attacks are blocked if they don't represent expected statements.
Block Suspicious Traffic
Statements that do not match the approved allowlist are blocked, logged and can be analyzed to help block a potential SQL injection attack. This provides DBAs with valuable information in preventing malicious attacks, stolen credentials and loss of data.
Learn and Build allowlists
Automatically create user specific allowlists of pre-approved SQL statements using a self-learning system. MySQL Enterprise Firewall records all incoming SQL statement and builds an allowlist. Only incoming queries that match the allowlist are approved and allowed to pass through to MySQL.
MySQL Enterprise Firewall runs within each MySQL instance and provides scale-out performance. It doesn't require additional firewall services to run or maintain and runs transparently so no changes are required to your database applications.
MySQL Enterprise Firewall tracks and provides metrics on both allowed and blocked SQL statements. Blocked statements are logged for inspection and alerting.