Oracle Database Firewall

Oracle has released a database firewall product. It analyzes SQL to determine whether to block or log the activity. This functionality comes from F5 Corporation, with which Oracle has struck a partnership.

Normally this is the territory of database activity monitoring products. Companies with these products are downplaying the security of the Oracle database firewall.

There are ways to get around the firewall. For example, our UNIX guys log into their UNIX accounts on the machine that hosts the database. Then they use a local connection to the database. Once they do that, all they SQL bypasses the firewall. Ooops.