Solution of university database security protection
Industry pain points and needs

With the rapid development of computer technology, the application of database is very extensive and goes deep into various fields, but there are data security problems and database access security problems. As the aggregation of information, database system is the core component of computer information system, and its security is very important. People pay more and more attention to the security of a large amount of data in the database of various application systems, and the anti theft and anti tampering of sensitive data.

The main database security risks faced by colleges and universities are as follows:

1. Access identity authentication. Students, teachers and developers of third-party business systems can access the database or access the services provided by the database. There are some problems in the traditional database management mode, such as inadequate management process, lack of technical means, and lax identity authentication and access control;

2. Database operation and maintenance control. In view of the complexity of database operators in Colleges and universities, the traditional information security construction in Colleges and universities often focuses on standardizing network layer application users and focusing on access control at the network boundary, but lacks effective behavior control for internal personnel;

3. The SQL injection problem cannot be cured by external hacker attacks.

Our programme

Palladium next generation database application security defense system (ngdap) is a new generation data protection system developed by Hangzhou Palladium Network Technology Co., Ltd. Ngdap collects, analyzes and identifies the data stream accessing the database. Monitor the running status of the database in real time, record a variety of database access behaviors, find abnormal access to the database and block it in time. The highest security protection system of the database is built through four unique firewalls:

Database network firewall

The network IP address and protocol port are used to prevent unauthorized access to the database host operating system, such as remote download and copy, and solve the threat of data leakage at the operating system level.

Database behavior firewall

Using streaming session technology to fully analyze the database protocol can give an efficient, accurate and timely early warning and block the internal illegal database operation, so that there is no hiding place for malicious illegal operations.

Database access firewall

Solidify the access access rules through the self-learning of the white list (automatically learn the five elements of database access behavior, and artificially solidify the security rules through the manager). The uncured database access behavior will carry out real-time early warning and session blocking (access source access factors include host name, user name, application tool name and database account name), Fundamentally solve the threat of malicious database access.

Database service firewall

Palladium breaks through the technical barriers based on the rule base security protection system, uses the stream session technology to automatically sample and learn the keywords, logical relationships and other characteristics of business SQL statements, and combined with high-performance SQL semantic analysis and calculation, constructs the corresponding SQL syntax tree and completes the modal data modeling, so as to carry out efficient, timely and accurate early warning and blocking of unknown threats. Fundamentally solve the security threats of three-tier business system access, such as SQL injection attack, Zero Day attack, apt attack, web Trojan horse, backdoor program and other attacks that threaten the database.

Deployment mode

Customer Benefits

1. Support off-line deployment and original bypass blocking technology without changing the existing network topology;

2. Support transparent network bridge deployment and create three-layer ByPass technology without sensing to ensure business continuity;

3. Supports anti-generation deployment to hide the real IP address while protecting the database.

4. Completely solve the zero-day attack, APT attack, SQL injection attack, web Trojan, backdoor procedures and other means of database data threats;

5. You do not need to install the Agent or configure the database. Without affecting performance or modifying the database, you can continuously trace all database operations to identify unauthorized or suspicious activities and block them in time to prevent the database from being attacked.

6. Improve users' convenience of database security management, and improve users' ability of risk control and regulatory compliance;

7. Protect the availability, confidentiality and integrity of data in the database.

Classic cases
  • 上海戏剧学院
  • 上海财经大学
  • 上海音乐学院
  • 北京工业大学
  • 武汉大学
  • 上海交通大学
  • 西安交通大学
  • 重庆医科大学
  • 南通大学
  • 上海金融学院
Copyright © 2019 All Rights Reserved Designed
Hangzhou pldsec Network Technology Co