RE: Blue Lane Patchpoint

From: Matthew Zito <mzito_at_gridapp.com>
Date: Mon, 24 Jul 2006 18:03:44 -0400
Message-ID: <C0A5E31718FC064A91E9FD7BE2F081B15E46EB@exchange.gridapp.com>

Well, I don't have any personal experience, but here's the deal -

Bluelane's premise - when a security vulnerability comes out, it can take a long time to get all the servers, databases, and applications patched. You need immediate protection

Their solution: a server appliance that sits in between your users/clients/database clients/etc. and all of the traffic flows through them:

database clients ------ bluelane box ------- database

No one can connect to the database without going through the bluelane box (this is true for servers and enterprise applications, but we'll use databases for obvious reasons). Let's say there's a security patch for Oracle that fixes a hole. Instead of installing the patch on your databases, the bluelane box looks for traffic that is malicious and trying to take advantage of that security hole, and "pretends" to be the database and fixes it. Bluelane does not actually patch your databases, and does not have any functionality that allows that.

Good thigns about this: theoretically, you don't need to patch your databases

Bad things about this: There's a lot:

All of your mission-critical traffic has to go through this bluelane box. If it goes down, your applications stop. If it gets too busy, it's a performance hit.
If someone can connect "around" or not through the bluelane box, they can still hack the database
The vast majority of database patches are not security patches, but stability patches - this solution does nothing for that.
It doesn't protect against vulnerabilities that can be executed directly against the database from the server its running on
If you're encrypting your traffic from your database clients to the database to improve enhanced security, the bluelane box cannot "see" inside the traffic (unless they're doing some very difficult and insecure engineering hoops internally, I'm not 100% sure)

Thanks,
Matt

From: oracle-l-bounce_at_freelists.org
[mailto:oracle-l-bounce_at_freelists.org] On Behalf Of Jared Still Sent: Monday, July 24, 2006 5:08 PM
To: Oracle-L Freelists
Subject: Blue Lane Patchpoint

Have you had experience with Blue Lane's patching solutions that you would care to share?

Is so, I would like to here about your experiences, both positive and negative..

For those of you that do not know what Blue Lane Patchpoint is:

http://bluelane.com/product/oracle.php

Download a paper for Oracle:
http://www.bluelane.com/EROracle/

The paper requires registration.

-- 
Jared Still
Certifiable Oracle DBA and Part Time Perl Evangelist


--
http://www.freelists.org/webpage/oracle-l

Received on Mon Jul 24 2006 - 17:03:44 CDT