Database Firewall

DB, server, and personal information are the most important assets to a business. The key to corporate security is to identify
and protect corporate assets. Meet AIDFW- a complete DB server protection.

AIDFW monitors and controls everything related to DB.
AIDFW is an intelligent solution that protects corporate assets by controlling DB access.
DB is the purpose and core of security. To protect your DB, you need to look at all the people who access it, the DB information itself, and how it is exchanged. MONITORAPP is a comprehensive application security company that developed the Application Insight Database Firewall (AIDFW) to protect one of its core applications, DB. Based on query analysis, MONITORAPP’s DB firewall AIDFW provides user-oriented rights control, access control, and profile-based automated security policies, and protects the company’s key information assets by controlling abnormal DB access from outside. ‘AIDFW’ is a dedicated, high-performance network-based equipment that provides automated DB security policy creation and enforcement, access, authority, session control, and configuration mode optimized for customer network environments.
Efficiently analyze/block and enhance real-time security.
Self-Learning Profiling technology learns normal SQL Query through Authority Profiling and Form Profiling, and blocks abnormal and unstructured Query based on a profile DB. It also tracks attackers with real-world attacker IP detection and prevention patent technology through WEB-Database log linkage and correlation analysis. Regular pattern updates with Monitorapp’s threat intelligence platform AICC enhance AIDFW’s virtual patching capabilities to protect against DBMS vulnerabilities.
a businessman in front of a laptop with AIONCLOUD dashboard on it
Monitors all DB accesses and provides powerful privilege/access control.
Monitor DB-related authentication accounts, IP, MAC addresses, DB users, access times, applications, and more, and have strong control over DBMS ACL authentication access. Real-time system monitoring is possible with dashboard-based UI. It provides access control by IP, DB user, and connection time zone. In addition, you can control permissions by DB object and SQL syntax, as well as support session monitoring and control. The protection policy restricts access to columns containing personal information and protects against personal information leakage with masking.
High-performance, high-capacity processing
High-performance Transparent Proxy and Sniffing (Non Proxy) support Hybrid mode enables high-performance, high-capacity traffic handling. Proxy base Full Transparent Mode, which operates in Health-Mode without the need for separate IPs, is the key to high performance.
green background with circular patterns with a white shield in the middle
intuitive UI and various report functions.
AIDFW provides an intuitive, web-based user interface. It supports a variety of log search and management functions and statistical and reporting functions. Efficient access and permission control policy settings are possible without the need for knowledge of DB schema.
Helps you meet the latest privacy compliance.
The Privacy Act and its subordinate clauses, such as collecting information (Article 15 and 16), disabling safety measures (Article 24 and 29), and preventing leakage of personal information without due authority (Article 59) are provided.
lit laptop monitor in a dark room showing AIONCLOUD security dashboard
AIDFW Brochure
Authentication control
Authentication control function for DB access
Allow access by AIDFW authentication account, specific client IP address or MAC address, DB user, application, schedule
Allow and block access to authenticated (or unauthenticated) users
Access Control
Access control function for DB
Allow access by specific client IP address or DB user, application, or schedule
Allow and block access to non-configured users
Authority control
Permission control by DB access client (IP address, DB user), SQL command (DML, DCL, DDL), object (table, view)
Block specific client IP or DB users by their permissions (DML, DCL, DDL)
Allow and block non-configured access
Pattern control
Control of query patterns that can not be entered per DB access client (IP address, DB user)
String matching and regular expression pattern input
Allowing and blocking access other than the configured pattern
Response control
Response Data and Session Control
Block / Detect by setting policy by idle time, SQL time, number of responses, response time, and response size
Masking and blocking of sensitive personal information
Authority profile
Application Server Generate authorization profiles for IP, DB user, and application
Generate a rights profile for the learning period selection
Allow and block queries that violate the profile after the end of the learning period
Form profile
Application Server Create a query form profile for each IP, DB user, and application
Create a form profile for the learning period selection
Allow and block queries that violate the profile after the end of the learning period
DB vulnerability attack detection
+ Personal information log
– Features to protect against inherent vulnerabilities in DBMS type and version – Build strong response system against SQL INJECTION which is vulnerability via WEB – 26 Rule of Regular Expression Types – Real-time update without DBMS service impact – Provides traffic and detection status and dashboard that can check system status
User tracking
Provides client IP / login ID information of the traffic via WEB / WAS
Scroll Up