Taking Security One Step Further

Why HexaTier Database Security?

HexaTier’s unified approach to security involves implementing the following measures: Database Firewall, SQL Injection Prevention, Segregation of Duties, and Access Control. The Database Security feature reduces the attackable surface by hiding the database behind HexaTier proxy but also by the validation and verification of the protocol itself.

firewall-iconDatabase Firewall – “Protected Database”

Administrators can define granular permissions based on any combination of database user or Active Directory Users/Groups, IP address, client application and time of day. The firewall prevents information theft and enables compliance with regulations such as PCI, SOX and HIPAA and others. The policy can be enforced on an instance, table, or even by a specific query or stored procedure. Direct access to the database system is prevented by HexaTier, stopping any attack which attempts to exploit vulnerabilities in the operating system and third party applications. Problematic or suspicious requests are prevented from reaching the data.

sqli-iconsSQL Injection Prevention

Acting as a reverse proxy, the system filters all traffic in and out of the database. This enables the identification and prevention of malicious attacks. Suspicious or dangerous queries can therefore never reach the data. Moreover, the SQL Injection Prevention hubristic mechanism searches for suspicious combinations of abnormal characters that appear within the query. This mechanism ranks in the risk level of the query, and if the risk is higher than the predefined threshold, it will automatically be blocked and quarantined for the specific query and not the entire connection.

tasks-iconSeparation of Duties

Properly define and enforce separation of duties by query level, table level, as well as column and row level. Provide safeguards against security breaches and potential data leaks in the organization. Ensure that only people with specific and appropriate privileges access certain areas of the database, without being able to retrieve other data which is not appropriate to their role or the task at hand.

access-iconDatabase Access Control

This involves the restriction of user- and role-based rights to view, modify and manage the sensitive and/or regulated data in enterprise databases to reduce risk and achieve regulatory compliance.

Key Benefits

  • Define granular user access rights (per DB user or Active Directory users/groups, IP address, client application and time of day)
  • Automated learning mode for creating security policies
  • Quickly identify and prevent SQL injection attacks
  • Automatically discover sensitive data in the database
  • Dynamically mask sensitive data in real time  
  • Advanced database activity monitoring and auditing capabilities
  • Easily demonstrate compliance with regulations: PCI, SOX and HIPAA
  • Identify and alert on  user access (DB, table, and column level)