Introducing the RockSolid Database Firewall

Introducing the RockSolid Database Firewall

published: 2015-12-02 12:32Introducing the RockSolid Database Firewall

Security is a rapidly increasing area of focus for all enterprises, and database security is probably the most critical aspect of enterprise security. Today RockSolid SQL is announcing a new feature to help enterprise customers implement tighter control around database access.

SQL Server can generally be considered a secure database platform. Logins provide access to a database server and permissions grant rights to access and update data. However, we have had feedback from customers that wish to further improve permitter control of their databases environments. The default nature of SQL Server is any user with a valid login can connect from any host or application that has a network path to the database server. Many customers have wanted to restrict this and only allow users to login from a specific application, host or network location.

Previously, this level of perimeter control was difficult. Typically it required custom scripting to achieve, something that becomes difficult to manage in moderate size organisations with dozens of servers and virtually unmanageable in larger enterprise environments running hundreds or thousands of SQL Server nodes.

To resolve this security gap, we have introduced the RockSolid Database Firewall. This new feature allows administrations to control access within their structured management policies, which are in turn deployed across the environment regardless of scale or number of SQL Server hosts. The RockSolid Database Firewall allows access control to be much more prescriptive, defining host, application, role and locations within login rules.

RockSolid Database Firewall

The RockSolid Database Firewall operates in two modes, either Active or Passive. In Active mode, logins that violate the firewall rules are blocked and cannot login to the SQL Server host. In Passive mode, the logins are allowed to connect but real time warnings are raised allowing escalation or an automated response to occur.

Example scenarios:

  • Restrict sysadmin group members login access only from specific hosts or specific IP ranges
  • Restrict application users to logging in from specific applications that are installed on specific hosts
  • Restrict reporting users to logging in only at certain times of the day, e.g. after business hours
  • Block certain users during application maintenance periods

The RockSolid Database Firewall is a standard feature of the RockSolid Platform v5.01 and supports all versions of SQL Server from 2005 through SQL Server 2016. It does not require any software to be installed on the SQL Server host and can be enabled within minutes across any environment under current management by the RockSolid platform.

For more information please contact the RockSolid SQL Team.

RockSolid Automation Platform

Related News

RockSolid SQL becomes part of UXC Eclipse, A CSC Company

You are Already Ready for SQL Server 2016!

RockSolid Auto Stop-Start

What Makes RockSolid Different?

Delivering Database as a Service