Who Makes the Firewall Software Proposed to be Used by Third Party Support Providers?

Executive Summary

  • A firewall is an alternate approach to database security patching.
  • Third-party support providers recommend this for Oracle, but where does this firewall software originate?

Introduction

The Oracle database requires a constant application of security patches or patching. These are a significant overhead for customers, and in reality, most customers do not apply Oracle patches when the vulnerability is first announced.

How to Protect a Database

There are two ways to protect a database — one way is through patching. The second way is by using a database firewall.

Third-party support companies for Oracle normally recommend database firewalling instead of database patching, which a customer can no longer do, as they lose access to patches from Oracle when they go off of support. Therefore, third-party support companies recommend using a firewall rather than applying security patches from Oracle.

ExcitingIP explains a database firewall in the following quotation.

The Database Firewalls include a set of pre-defined, customizable security audit policies and they can identify database attacks based on past incidents / threat patterns called ‘signatures’. So, the SQL input statements/ queries are compared to these signatures, which are updated frequently by the vendors to identify known attacks on the database (Many tasks inside a database are implemented as a series of executable SQL statements).

Who Develops Database Firewall Software?

What tends to go unmentioned is that these firewalls are not the third-party Oracle support provider’s IP. Instead, they leverage firewalls from vendors and wrap up the firewall with their overall support service. For example, Imperva is a well-known firewall vendor, and Exitas is another. However, when reading the third-party support marketing documentation and talking to sales reps, it can be difficult to ascertain what we are explaining directly in this article — which is that the firewall software is unrelated to the third-party support provider.

Imperva SecureSphere can be brought up within AWS.

Conclusion

Third-party support providers like Rimini Street do a good job explaining how vendors like Oracle and SAP greatly overcharge for their support. But the intent is to get the customer to drop Oracle or SAP support and hire a third-party support provider. Firewalling software is available on the market both to Oracle customers that either want to change their strategy from Oracle security patching or for customers that want to bring their support internal — which is where the customer itself “self supports.”

There are several areas that the third-party support provider covers. However, the database firewalling area is not part of what the support provider is offering — that is, it can be purchased directly from the vendor.

References

https://www.imperva.com/resources/resource-library/datasheets/securesphere-database-activity-monitoring-and-database-firewall/

*https://www.excitingip.com/1933/what-are-database-firewalls-why-are-they-required-how-do-they-protect-databases/

https://www.oracle.com/security-alerts/

https://www.mysql.com/products/enterprise/firewall.html

*https://aws.amazon.com/marketplace/pp/Imperva-Inc-SecureSphere-Database-Firewall-for-AWS/B0153ZQOL0