GreenSQL
GreenSQL | |
---|---|
Basic data
|
|
developer | GreenSQL LTD |
Publishing year | 2006 |
www.greensql.com |
GreenSQL is an open source software that is implemented as a proxy server (communication interface) or database firewall between the database server and web server. The software automatically checks queries for security and only forwards them after they have been checked. In addition to MySQL, it also supports PostgreSQL and contains a graphical user interface for configuring and monitoring a firewall.
development
GreenSQL was developed as an open source project by GreenSQL LTD in 2006 . In 2009 the company responded to the increasing needs of the consumer market and developed a commercial version of the software. This supports Microsoft SQL Azure , Microsoft Azure (all versions), MySQL and MariaDB . Support for PostgreSQL was discontinued in October 2013.
Operating modes
Simulation mode (Intrusion Detection System IDS)
In this mode, the database administrator is notified of suspicious activity. The determination of these suspicious activities is carried out using an included risk matrix . The suspicious structures are not blocked, just information about them.
Blocking suspicious queries (Intrusion Prevention System IPS)
Suspicious queries are blocked using the integrated heuristic engine and unsuspicious queries are forwarded using a white list . Otherwise, an empty result set is returned to the application.
Learning functionality
For the duration of the learning phase, all registered commands are added to the whitelist in order to "train" the filter. During the learning mode, permitted database queries (queries) are carried out and updated.
Database firewall
The actual SQL database firewall mode. All unknown commands are blocked by the proxy and threats are reported to the administrator via the management console. Recommended after the learning phase.
See also
Web links
- GreenSQL.com - website of the manufacturer - English
- GreenSQL / better protection for MySQL databases (May 5, 2009) - German
Individual evidence
- ↑ Database firewall GreenSQL 1.3 published - description and information pro-linux.de - accessed on March 18, 2013
- ↑ Federal Office of Administration Cologne (BVA 2011) - Green SQL oss.bund.de - accessed on March 18, 2013