3 Replies. Latest reply: Mar 16, 2012 2:19 AM by User396406 - Oracle

Monitor non database related traffic

User396406 - Oracle Newbie
Dear all,

As DB Firewall can monitor and block all database-related traffic, what if a user telnets/SSHes to the database server and then executes a SQL statement? Can this kind of activity be monitored/logged in DB Firewall?

In addition, how many database servers can a DB Firewall monitor? Is there any limitation?

Thanks for your help,
  • 1. Re: Monitor non database related traffic
    819493 Pro
    Hi, and welcome to the forum!

    As I understand the documentation (haven't worked with DB Firewall), there will be no protection from locally (on the database server) entered and executed SQL. This is because the SQL never makes it onto the network.

    I suspect that this is something you'll have to protect yourself against by limiting local access to the servers, both remote access via telnet/ssh and console access.

  • 2. Re: Monitor non database related traffic
    691757 Newbie

    The Oracle Database Firewall provides a so-called local monitor. Statements that are not sent over the network will be captured and stored in a table. The content is then sent to the Firewall or Management Server. But so far it is not possible to block such statements.

    I think there is a limitation. You can create Enforcement Points and for each enforcement point you can configure databases. In patch 4 for version 5.0 the number of possible enforcement points was changed to 80, but I don't know how many databases you can configure. This limitation is for a single database firewall.

  • 3. Re: Monitor non database related traffic
    User396406 - Oracle Newbie
    Hi Johan & JoergB,

    Many thanks for your reply; it's useful.


