ScaleArc’s SQL query firewall lets you block unwanted SQL queries with simple regex patterns, which can be generated automatically from ScaleArc’s analytics or custom-crafted for specific use cases. Here are a few examples of the kind of traffic you could block.
- Malicious SQL queries that contain SQL injection attacks, or other usage patterns that may have been specially crafted to overburden the database (e.g., queries crafted with SLEEP calls in them, or queries requesting very large ranges of data due to certain holes in application design that permit user-defined ranges). Blocking them in ScaleArc will let all legitimate SQL traffic go through but return errors to those attempting to exploit the apps or database.
- Queries that are sapping performance but whose source can’t be easily traced in the application. The moment you block such queries, a very specific error shows up in the application logs, which helps you trace which part of the application was sending those queries.
- Query patterns you don’t wish to allow to be used in your applications. For example, a development lead at a customer didn’t want his team writing code that required JOINs, but he had no means to enforce that rule in the database. With ScaleArc, enforcing such rules is as simple as blocking keywords including “INNER JOIN” and others.
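
To make the behaviour of such regex deny rules concrete, here is an added example; it is generic Python, not ScaleArc's code or rule syntax. The rule names, the `normalize` and `check` helpers and the sample queries are constructed for illustration. It masks string literals before matching so that keywords stored as data do not trigger a block, and tolerates case and whitespace variations.

```python
import re

# Hypothetical deny rules as plain regexes (assumed names, not ScaleArc syntax).
DENY_RULES = {
    # SLEEP used as a function call; a column such as sleep_minutes must not match.
    "sleep-call": re.compile(r"\bSLEEP\s*\(", re.IGNORECASE),
    # Coding-policy rule: any JOIN keyword, which covers INNER JOIN and the others.
    "join-policy": re.compile(r"\bJOIN\b", re.IGNORECASE),
}

# Quoted string literals, allowing doubled quotes and backslash escapes.
_LITERAL = re.compile(r"'(?:[^'\\]|\\.|'')*'|\"(?:[^\"\\]|\\.|\"\")*\"")
_WHITESPACE = re.compile(r"\s+")


def normalize(query):
    """Mask literals (text inside them is data, not SQL) and collapse whitespace."""
    masked = _LITERAL.sub("'?'", query)
    return _WHITESPACE.sub(" ", masked).strip()


def check(query):
    """Return the name of the first deny rule that matches, or None to allow."""
    text = normalize(query)
    for name, pattern in DENY_RULES.items():
        if pattern.search(text):
            return name
    return None


# Constructed sample traffic: two queries the rules should block, three they should not.
SAMPLE_QUERIES = [
    "SELECT id, name FROM users WHERE id = 42",
    "SELECT name FROM users WHERE id = 7 AND sleep (5)",
    "select o.id from orders o\n  inner   join customers c on c.id = o.customer_id",
    "INSERT INTO notes (body) VALUES ('use INNER JOIN or sleep(1) here')",
    "SELECT sleep_minutes FROM tracker",
]

if __name__ == "__main__":
    for q in SAMPLE_QUERIES:
        verdict = check(q)
        print(("BLOCK [%s]" % verdict) if verdict else "ALLOW", "|", normalize(q))
```

Running a new pattern against a sample of legitimate traffic like this before enforcing it shows whether it would also reject queries the application depends on.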