Oracle FAQ | Your Portal to the Oracle Knowledge Grid |
![]() |
![]() |
Home -> Community -> Mailing Lists -> Oracle-L -> RE: Blue Lane Patchpoint
Well, I don't have any personal experience, but here's the deal -
Bluelane's premise - when a security vulnerability comes out, it can take a long time to get all the servers, databases, and applications patched. You need immediate protection
Their solution: a server appliance that sits in between your users/clients/database clients/etc. and all of the traffic flows through them:
database clients ------ bluelane box ------- database
No one can connect to the database without going through the bluelane box (this is true for servers and enterprise applications, but we'll use databases for obvious reasons). Let's say there's a security patch for Oracle that fixes a hole. Instead of installing the patch on your databases, the bluelane box looks for traffic that is malicious and trying to take advantage of that security hole, and "pretends" to be the database and fixes it. Bluelane does not actually patch your databases, and does not have any functionality that allows that.
Good thigns about this: theoretically, you don't need to patch your databases
Bad things about this: There's a lot:
Thanks,
Matt
From: oracle-l-bounce_at_freelists.org
[mailto:oracle-l-bounce_at_freelists.org] On Behalf Of Jared Still
Sent: Monday, July 24, 2006 5:08 PM
To: Oracle-L Freelists
Subject: Blue Lane Patchpoint
Have you had experience with Blue Lane's patching solutions that you would care to share?
Is so, I would like to here about your experiences, both positive and negative..
For those of you that do not know what Blue Lane Patchpoint is:
http://bluelane.com/product/oracle.php
Download a paper for Oracle:
http://www.bluelane.com/EROracle/
The paper requires registration.
-- Jared Still Certifiable Oracle DBA and Part Time Perl Evangelist -- http://www.freelists.org/webpage/oracle-lReceived on Mon Jul 24 2006 - 17:03:44 CDT
![]() |
![]() |