2

MariaDBEnterprise Security

3

MariaDB Enterprise: Packaged Enterprise RDBMS

1.2.3.4.5.6.7.8.

MariaDB Enterprise

MariaDB Enterprise Cluster ▪▪

High Availability

•

Scalability •

Performance•

•Security Stack

•

•

•

MariaDB Enterprise Spring 2016

Detect, Protect, Audit, Improve

Detect and Prevent Attacks- Unauthorized Access- Denial of Service- SQL Injections

Protect Data with EncryptionNative Mode Encryption protects data at rest

Audit for Forensics and Compliance

Benefit from CommunityProtection

SSL Encryption protects data in motion

MariaDB Enterprise Security

■

■

■

■

7

Authentication

8

Threat Protection with the Database Firewall

○

■

■

■

○○

■

■

■

■

■

•

•

•

More information on the Firewall

Denial of Service attack protection

■ MariaDB MaxScale Persistent Connections

■ Connection pooling protects against connection surges

■ Cache the connections from MaxScale to the database server

■ Rate limitation

■ Client multiplexing

9

Attack Protection with MariaDB MaxScale

More information on the DoS protection

■

■

■

■

■

■

10

Encryption for Data in Motion

More information on the Connectors & SSL More information on those functions

■

■

■

■

■

○11

Security - Encryption

More information on the Encryption functions

■

■

Security - Auditing

12More information on the Audit Plugin

Connection

Query

Object

ConnectDisconnect

Failed Connect

DDLDML+TCL

DCL

DatabaseTables

TimestampHostUser

Session

MariaDB Enterprise Server 10.1.13+ included Security Features

●○○

●

○

○●

○

13

MariaDB Enterprise Security Features

More information about Enterprise Server Security Features

MariaDB Security Gets Stronger All the Time

14

MariaDB User Community

▪ Quickly identifies new threats

▪ Reports vulnerabilities

▪ Creates solutions

▪ Contributes features

Get notified by watching this page.

Detect and Prevent Attacks• Role Based Access Control

• Password management and validation plugin

• Key Management Services - AWS or Eperi KMS

• Blacklist firewall filtering in MaxScale

• Authentication plug in1. LDAP2. ssh passphrases3. One-time passwords (even

with SMS confirmation)4. System authentication 5. Combinations of

authentication modules

Protect Data with with encryptionNative Mode Encryption protects data at rest

• Everything — all tablespaces and all tables

• Individual tables

• Everything, excluding individual tables

• Support for rolling keys

• XtraDB/InnoDB log files

• Binary log

Audit for Forensics and Compliance• Log database

connection, queries and table access

SSL Encryption protects data in motion

Benefit from Community Protection• Faster detection of

vulnerabilities

• Better threat response

• Security features

MariaDB Enterprise Security

New Service: MariaDB Security Audit

16

■

■

■

■

■

■

17

How do I Evaluate MariaDB Enterprise?

18

Q&AWe will send you those

slides and this video after this webinar.

https://mariadb.com/kb/en/mariadb/password-validation/

19

MariaDB Enterprise: Webinar links

20

MariaDB Enterprise: Additional Resources

Thank You

21

22