栏目

Data protection products - Database firewall system

Product introduction
Changtai Data security database Firewall system (CT-DBFW for short) is a database access control product independently developed by Anhui Changtai Technology Co., LTD., with complete intellectual property rights。By means of unique access control and virtual patch, the system can detect and block SQL injection attacks and database access requests that violate enterprise specifications in time. At the same time, by analyzing users' access behavior to the database in real time, the system can automatically establish the characteristic model of legitimate access to the database。The main functions include multi-factor authentication, access control, attack detection, virtual patching, automatic modeling and audit。The product has the advantages of effectively blocking dangerous access, high performance, and rich reports, helping enterprises effectively protect core data, ensure business operation security, and quickly meet compliance requirements。
Product function

Multifactor authentication

Based on IP address, MAC address, user, application program, time and other factors, the visitor identity authentication, the formation of multi-factor authentication, to make up for the lack of security of single password authentication。To access the database, the application must pass two layers of identity authentication: the database firewall and the database itself。


Block direct access to the database

The database firewall is deployed between the database server and the application server to shield the channels that directly access the database and prevent the hidden channels of the database from attacking the database。


Attack detection and protection

Real-time detection of SQL injection and buffer overflow attacks on the database, alarm or block the attack behavior, and record the attack time, source IP, user name, attack code and other information in detail。


Behavior Baseline - Automatically establish access models

The system will automatically learn the access statements of each application, carry out pattern extraction and classification, automatically generate the behavior feature model, and can edit the learning results。The system identifies risks by checking for deviations in access behavior from the baseline。


Connection monitoring

Monitor the connection information and risk status of the database in real time, and control risk access in time。


Virtual patch

Database system is a complex system, there are many loopholes in itself, easy to be used by attackers to lead to data leakage or system paralysis。For reasons such as service continuity, users do not install database patches in a timely manner。The database firewall uses a variety of built-in vulnerability signature databases to prevent known vulnerabilities from being scanned and exploited, and effectively reduces the risk of databases being attacked by 0day。


报表

Provides rich report templates, including audit reports and security trends。


Security audit

The system can record the access to the database server, including user name, program name, IP address, requested database, disconnection time, risk and other information, and provide flexible query analysis function。