oracle-sql-firewall-faq.pdf

chirpyli

All China Database Union

17页

0次

2025-04-01

5墨值下载

Oracle SQL Firewall

Frequently Asked Questions

SQL Firewall is built into Oracle Database 23ai. This FAQ addresses questions you may have about this

exciting new capability.

August, 2024, Version [1.0]

Public

 
2  Frequently Asked Questions  /  Version [1.0] 
  Copyright © 2024, Oracle and/or its affiliates  /  Public 
 
Table of contents 
PRODUCT OVERVIEW  4 
What is Oracle SQL Firewall?  4 
How does SQL Firewall work?  5 
What are the key differentiators of SQL Firewall over other 
firewalls?  5 
I have a network firewall. Why do I need SQL Firewall?  7 
I have Database Vault. Why do I need SQL Firewall?  8 
What is the performance impact of SQL Firewall?  8 
Does SQL Firewall inspect encrypted SQL traffic?  8 
Can SQL Firewall be used for DBAs and other ad-hoc users?  8 
I have Oracle Audit Vault and Database Firewall (AVDF). How 
do I decide which one to use: SQL Firewall (or) Database 
Firewall?  9 
I have SQL Firewall. Why do I need database auditing?  10 
ACCELERATE COMPLIANCE  10 
How does SQL Firewall help accelerate compliance?  10 
CONFIGURATION  10 
How do I administer SQL Firewall?  10 
Can I enable SQL Firewall in the CDB?  11 
Can I enable SQL Firewall in the PDB?  11 
How does SQL Firewall know which statements are authorized?  11 
Can I modify the allow-lists once generated and enforced?  11 
Can I reuse the allow list for a user across different databases?  11 
Can I reuse the allow list for a different user on the same 
database?  11 
Is it possible to have multiple policies enforced at the same time 
for the same user?  12 
How can SQL Firewall help prevent zero-day SQL Injection 
attacks?  12 
What happens to applications whose statements are blocked by the 
SQL Firewall? Does the connection terminate?  12 
What are SQL Firewall violations, and how can I monitor them?  12 
Can SQL Firewall track violations on only untrusted database 
connection paths?  12 
How do I extend beyond what I initially captured for allowed IP 
addresses?  12 
How does SQL Firewall identify unique SQL statements for its 
allowed list?  13 
When would you typically want to set TOP_LEVEL to false?  13 

 
3  Frequently Asked Questions  /  Version [1.0] 
  Copyright © 2024, Oracle and/or its affiliates  /  Public 
Are SQL Firewall violations audited?  13 
Do I need to purge SQL Firewall violation logs?  13 
Can I use SQL Firewall for ADMINISTRATIVE users like 
SYSDBA?  13 
How can I configure strict enforcement of allowed SQLs in the 
primary while relaxing the enforcement in Active Data Guard 
(ADG) standby?  14 
Can I configure SQL Firewall protection for a particular schema?  14 
Does SQL Firewall work with Real Application Security (RAS)?  14 
LICENSE  14 
Is SQL Firewall available in Oracle Database Standard Edition?  14 
Is SQL Firewall available in Oracle Database Free Offering?  14 
How is SQL Firewall licensed?  15 
Is SQL Firewall licensed to use on DBaaS offerings in Oracle 
Cloud?  15 
MORE INFORMATION  15 
Where can I get hands-on experience using SQL Firewall?  15 
Where can I see product demo videos of SQL Firewall?  15 
Are there demo scripts available for customers to try hands-on in 
their environment?  15 
Where can I post my queries on this feature?  16 
Where is the documentation reference?  16 
 
   