MySQL Enterprise Firewall

Disponible uniquement avec les éditions commerciales

MySQL Enterprise Firewall guards against cyber security threats by providing real-time protection against database specific attacks. Any application that has user-supplied input, such as login and personal information fields is at risk. Database attacks don't just come from applications. Data breaches can come from many sources including SQL virus attacks or from employee misuse. Successful attacks can quickly steal millions of customer records containing personal information, credit card, financial, healthcare or other valuable data.

MySQL Enterprise Firewall protects your data by monitoring, alerting, and blocking unauthorized database activity without any changes to your applications. It provides multiple operating modes to help administrators block, detect and respond to malicious database attacks:

  • Allow - SQL statements are executed and results are generated for statements that match an approved whitelist
  • Block - SQL statements are blocked from executing that do not match an approved whitelist
  • Detect - SQL statements that do not match a whitelist are executed and administrators are notified of policy violations
Enterprise Firewall

Block SQL Injection Attacks

MySQL Enterprise Firewall blocks SQL Injection attacks that can result in loss of valuable personal and financial data. Whitelist creation, real-time threat monitoring, SQL statement blocking and alerting enable DBAs protect data assets.

NEW! Database Intrusion Detection

Acting as a security alarm, MySQL Enterprise Firewall notifies administrators to SQL statement activity that does not match an approved whitelist.

Real-time Threat Monitoring

MySQL Enterprise Firewall monitors for database threats in real time. All incoming queries pass through a SQL analysis engine and are matched against an approved whitelist of expected SQL statements. SQL attacks are blocked if they don't represent expected statements.

Block Suspicious Traffic

Statements that do not match the approved whitelist are blocked, logged and can be analyzed to help block a potential SQL injection attack. This provides DBAs with valuable information in preventing malicious attacks, stolen credentials and loss of data.

Learn and Build whitelists

Automatically create user specific whitelists of pre-approved SQL statements using a self-learning system. MySQL Enterprise Firewall records all incoming SQL statement and builds a whitelist. Only incoming queries that match the whitelist are approved and allowed to pass through to MySQL.

Transparent Protection

MySQL Enterprise Firewall requires no changes to your application regardless of development language, framework or 3rd party application. MySQL Enterprise Firewall acts as a "walled garden" transparently protecting MySQL databases regardless of application development language (Java, Python, PHP, .NET, Javascript, etc.), database frameworks (Hibernate, Doctrine, SQL Alchemy, etc.) or 3rd party applications (Wordpress, Joomla, Drupal, etc.).

High Performance

MySQL Enterprise Firewall runs within each MySQL instance and provides scale-out performance. It doesn't require additional firewall services to run or maintain and runs transparently so no changes are required to your database applications.


MySQL Enterprise Firewall tracks and provides metrics on both allowed and blocked SQL statements. Blocked statements are logged for inspection and alerting.

Additional Resources