What is a database firewall?

Firewall: A firewall is hardware or software that monitors all the traffic going through it and allows or blocks requests based on rules specified by the administrator. A firewall is a mandatory element of every organization's security model. Firewalls are classified into two types: network layer and application layer. A network layer firewall deals with IP addresses and port numbers, and sometimes acts as a web app firewall as well. A web application firewall (WAF) deals with the payload inside every request and, if the payload is found to be malicious, triggers an alert to the specified body.

Then what is a database firewall?

A database firewall is nothing but an implementation of a web app firewall for the database connection. Why do we need one? In a 3-tier architecture model, we place a firewall only in front of the first layer, i.e. the front end. But an attacker can craft a payload that bypasses the WAF and executes arbitrary commands on the web server. These commands fetch data from the database. Now what if a malicious database query can crash the whole database? For this kind of query we can create a proxy (request handler) and intercept all the database queries. The proxy blocks a query if it is not generic or if it is an anomaly. This way we can use a web app firewall as the request handler and create some database rules to turn it into a database firewall.
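The decision step of such a proxy can be sketched as a query-shape allowlist. This is an added example, not code from the original page: the names `fingerprint`, `QueryFirewall` and `KNOWN_GOOD` are hypothetical, the sample queries are constructed, and "generic" is assumed to mean "has the same structure as a query the application is known to issue".

```python
import re

# Constructed sample: queries the application is known to issue (learning phase).
KNOWN_GOOD = [
    "SELECT id, name FROM users WHERE id = 42",
    "SELECT * FROM orders WHERE user_id = 7 AND status = 'open'",
    "UPDATE users SET last_login = '2020-06-03' WHERE id = 42",
]

def fingerprint(sql: str) -> str:
    """Reduce a query to its structure by replacing every literal with '?'."""
    s = re.sub(r"'(?:[^']|'')*'", "?", sql)        # string literals, '' escapes included
    s = re.sub(r"\b\d+(?:\.\d+)?\b", "?", s)        # numeric literals
    s = re.sub(r"\s+", " ", s).strip().rstrip("; ")  # whitespace and trailing ';'
    return s.lower()

class QueryFirewall:
    """Hypothetical request handler: allow only query shapes seen in training."""

    def __init__(self, training_queries):
        self.allowed = {fingerprint(q) for q in training_queries}

    def check(self, sql: str):
        """Return (allowed, reason) for one intercepted query."""
        shape = fingerprint(sql)
        if ";" in shape:
            return False, "multiple statements in one request"
        if "--" in shape or "/*" in shape:
            return False, "SQL comment outside a string literal"
        if shape not in self.allowed:
            return False, "unknown query shape: " + shape
        return True, "known query shape"

if __name__ == "__main__":
    fw = QueryFirewall(KNOWN_GOOD)
    intercepted = [  # constructed traffic as the proxy would see it
        "SELECT id, name FROM users WHERE id = 1001",
        "SELECT id, name FROM users WHERE id = 42 OR 1=1",
        "SELECT id, name FROM users WHERE id = 42; DROP TABLE users",
    ]
    for q in intercepted:
        ok, reason = fw.check(q)
        print("ALLOW" if ok else "BLOCK", "|", q, "|", reason)
```

Changing a literal value leaves the fingerprint unchanged, while anything that alters the structure of the statement produces a shape the allowlist has never seen, so the proxy blocks it before it reaches the database.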


Last update: June 3, 2020