RE: Oracle Database Firewall beta

• From: "Matthew Zito" <mzito@xxxxxxxxxxx>
• To: <jason.arneil@xxxxxxxxx>, <dreveewee@xxxxxxxxx>, <oracle-l@xxxxxxxxxxxxx>
• Date: Thu, 18 Nov 2010 18:52:07 -0500

Andre,

 

The other thing to keep in mind, for folks that are in the beta program,
is that typically Oracle has a confidentiality agreement with you in
place that you won't disclose any of the good, bad, or ugly to anyone
other than Oracle.  How strictly they enforce this is the question, but
just be careful you don't get your shop in trouble by letting loose the
secret sauce while in beta.

 

Thanks,

Matt

 

________________________________

From: oracle-l-bounce@xxxxxxxxxxxxx
[mailto:oracle-l-bounce@xxxxxxxxxxxxx] On Behalf Of jason arneil
Sent: Thursday, November 11, 2010 5:26 PM
To: dreveewee@xxxxxxxxx
Cc: oracle-l@xxxxxxxxxxxxx
Subject: Re: Oracle Database Firewall beta

 

Hello,

 

I actually have a bit of familiarity/history with the secerno product.
They, like me are an Oxford, UK based company. Many (3+) years ago, we
were road testing their product (mostly as a favour).

 

Yes, it picked out random sql statements that were fired against the
database, the idea being you would train it to recognise your "allowed"
sql and then you would have the ability to block potentially threatening
sql statements. I have to say It did not really float my boat at the
time, but hopefully your mileage will vary.

 

I'm not allowed to tell you what happened when the network tap the
secerno device (and the db server) was plugged into was switched off,
but you can probably guess. I Was not too amused.

 

regards,

 

jason.

 

--

http://jarneil.co.uk

http://blog.jarneil.co.uk

 

On 11 November 2010 22:04, Andre van Winssen <dreveewee@xxxxxxxxx>
wrote:

 

Great to hear that we have been allowed to participate in the Oracle
Database Firewall beta program. Oracle bought this technology from
Secerno and is now working on oracle'izing the engine, e.g. use an
oracle database as the repository. If there's anything worth mentioning
that is not already in the whitepapers I will write a note and post it
to this forum or to my blog which I haven't started yet :-

 

Andre

Amis Services BV

The Netherlands

 

• References:
  • Oracle Database Firewall beta
    • From: Andre van Winssen
  • Re: Oracle Database Firewall beta
    • From: jason arneil

Other related posts:

• » Oracle Database Firewall beta- Andre van Winssen
• » Re: Oracle Database Firewall beta- jason arneil
• » RE: Oracle Database Firewall beta - Matthew Zito

1. Home
2. oracle-l
3. Archive
4. 11-2010

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---