This content has been marked as final. Show 3 replies
Hi, and welcome to the forum!
As I understand the documentation (haven't worked with DB Firewall), there will be no protection from locally (on the database server) entered and executed SQL. This since the SQL never makes it on to the network.
I suspect that this is something you'll have to protect yourself against from with the help of limiting local access to the servers, both remote access via telnet/ssh and console access.
the Oracle Database Firewall provides a so-called local monitor. Statements that are not sent over the network will be captured and stored in a table. The content is then sent to the Firewall or Management Server. But so far it is not possible to block such statements.
I think there is a limitation. You can create Enforcement Points and for each enforcement point you can configure databases. In patch 4 for version 5.0 the number of possible enforcement points was changed to 80, but I don't know how many databases you can configure. This limitation is for a single database firewall.