Behavioral modeling provides protection from advanced database threats
  • Simplified, transparent, drop-in installation
  • Rapid behavioral model construction
  • Immediate SQL injection protection for legacy applications and 3rd party applications
  • Protection against Zero-Day SQL injection attacks
  • Immediate SQL injection protection against application framework vulnerabilities
  • Adapts to application modifications
  • Implemented as physical or virtual appliance

DB Networks' Technology


While Web applications can produce dynamic, and often extremely complex SQL, it turns out this behavior that can be modeled. DB Networks technology automatically analyzes all SQL statements dispatched from your Web applications destined to your databases in order to construct a unique multi-dimensional behavioral model. Using this behavioral model, each SQL statement is then subjected to a thorough lexical analysis and SQL semantic comparison analysis. Any rogue SQL statements are immediately identified and your defined alarm procedure is invoked.

Adaptive Behavioral Model

Our technology is a novel patent-pending approach that learns and models an applications unique behavior for generating SQL statements. After a short learning period to construct the behavioral model, a suite of detection algorithms then evaluate each SQL statement against the application's unique behavioral model. New SQL statements, not seen during the learning process, go through structural analysis. Any SQL statement not consistent with the established behavioral model is identified as a likely SQL injection attack. This entire process is automatic. DB Networks technology is completely plug-and-play -- there are no blacklists, signatures, or whitelists to configure and maintain. Behavioral analysis has proven to be highly accurate at identifying even then stealthiest of SQL injection attacks.

 

Technical Requirements
  • Oracle server release 8i (8.1.7) or later
    OR
    Microsoft SQL Server version 2000 or later
  • Bi-directional mirrored port or passive
    tap capture to feed 10/100/1000 Mbit/sec capture ports
  • IDS-6300v virtual appliance supported
    under VMware ESXi 5.0 and 5.1
System Specifications
Platform
  • 2U x 19 inch rack mount form factor
  • Dual redundant power supplies -300W
Capacity
  • 2 TB of RAID10 storage for captured workloads
Connectivity
  • 480 GB High performance SSD
  • 2 TB Achival storage
Security
  • Encrypted data
  • Operator authentication
  • Role based permissions to limit access to sensitive data
  • Support for encrypted database interfaces