DBSec DBFirewall-EnCloud-Manager
Linux/Unix
Product Overview
Currently, attacks on cloud databases are intensifying. The main methods of attack include:
- Exploiting vulnerabilities in the application system to reach the database through SQL injection and steal data in bulk ("library swiping"). The iCloud photo leak is an example of this.
- External attackers exploiting database vulnerabilities to perform malicious operations on databases or obtain database files ("dragging the library"). By exploiting the vulnerability of MongoDB itself, attackers broke into multiple systems using MongoDB and demanded ransom.
Businesses on the cloud are increasingly aware of the importance of security, and many companies deploy web application firewalls (WAF) to block attacks from the network. A WAF is deployed close to the application server, and its protection is oriented toward the web layer: it works on content carried in the HTTP protocol. It only protects the web server from manipulation and hijacking through web programs and from simple SQL injection, which leaves it powerless against database framework vulnerabilities. It has been revealed that attackers have more than 150 ways to bypass a WAF and attack databases directly.
Based on an active defense mechanism, the 安华金和 (DBSEC) cloud database firewall (DBFirewall-EnCloud) can control cloud database access behavior, block dangerous operations, and audit suspicious behavior to prevent attacks and ransom extortion.
The cloud database firewall provides four core values: preventing external hacker attacks, preventing internal high-risk operations, preventing sensitive data leakage, and auditing and tracking illegal acts.
- Prevent external hacker attacks
Threats: Hackers use web application vulnerabilities to inject SQL, or use the web application server as a springboard to attack and invade the database itself.
Protection: Exploit attacks are captured and blocked through virtual patching technology, and SQL injection behavior is captured and blocked through the SQL injection signature library.
- Prevent internal high-risk operations
Threats: System maintainers, outsourcers, developers, and others have direct access to the database. Intentional or unintentional high-risk operations damage the data.
Protection: Avoid large-scale losses by limiting the number of rows an update or delete may affect, restricting updates and deletes that have no WHERE clause, and restricting high-risk operations such as DROP and TRUNCATE.
- Prevent sensitive data from being leaked
Threats: Hackers and developers can download sensitive data in batches through applications, and internal maintainers can export sensitive data in batches, remotely or locally.
Protection: Limit the number of data queries and downloads, and limit who can access sensitive data, from where, and when.
- Audit and track illegal behavior
Threats: Tempted by third-party interests, business personnel use the functions provided by business systems to access sensitive information in order to sell information and manipulate data.
Protection: Record all data access behavior, send email alerts on risky behavior, and provide tools for post-event tracking and analysis.
Note: This product requires a serial agent and cluster deployment. It requires the deployment of at least one management terminal (Manager) and two cluster nodes (Kernels). The two products must be purchased together to be used together.
When the product is deployed, a data disk of at least 500G is required, in addition to the system disk, for it to start properly.
This product supports the BYOL method and comes with a seven-day free trial license. You can call the technical support hotline 400 923 1376 for help.
Version
3.2.4.3-20190124
By
安华金和 DBSEC
Categories
Operating System
Linux/Unix, CentOS release 6.10 (Final)
Delivery Methods