May 16, 2011 at 9:26 am
I am thinking about putting up GreenSQL firewall in front of one of our sqlserver instances, since there will be internet requests coming to that server.
Has anyone got any reviews on that product ? 🙂
May 16, 2011 at 11:24 am
Looks like an interesting product. Not sure I like their pricing structure though.
CEWII
May 16, 2011 at 12:53 pm
I don´t think they charge for GreenSQL Express, which should be enough for most security issues...
May 16, 2011 at 1:52 pm
It's not so much how much much you spend on security as how much it will cost you if your security fails!
I must admit to always having hardware firewalls and a bunch of other stuff for protection - and it's generally a dedicated team who handle this.
One important step to lessen the risk of sql injection is to only use parameterised stored procedures and never accept single or double quotes in anything.
the rest depends upon your level of paranoia. Strong data typing is useful - if you only 20 chararcters for an input field then don't declare a variable varchar(max).
Security really starts in the application/web/app/database tier , you add the other stuff to enhance it not ptovide the solution..
[font="Comic Sans MS"]The GrumpyOldDBA[/font]
www.grumpyolddba.co.uk
http://sqlblogcasts.com/blogs/grumpyolddba/
Viewing 4 posts - 1 through 3 (of 3 total)
You must be logged in to reply to this topic. Login to reply