Blue Lane ServerShield

How It Works

Deployment

Coverage

Features and Benefits

ServerShield for Oracle

InfoWorld's Review

ServerShield for Oracle

The Challenge for Administrators — 80+ Vulnerabilities Addressed in
January 2006 Alone

As IT administrators continue to struggle to patch quickly without operational disruption, the search for alternatives to rapid, unplanned patching continues. Nowhere is the problem more acute than in Oracle database implementations. With greater than 40 percent market share of the world’s relational database market, Oracle often constitutes an integral component of an organization’s critical infrastructure. Yet failure to properly test new Oracle patches prior to deployment dramatically increases the risk that database and application availability will be affected. And the all too frequent release of patches considered “critical” is continually increasing, stretching already thin IT resources. Even if proper testing can be accomplished in a reasonable timeframe, many companies maintain applications and operating systems that are now being kept in place long after their expected lifespan.

In the January 2006 patch update from Oracle, more than 80 vulnerabilities were addressed, including 37 alone in the core database application. Oracle’s patch updates are not explicit in naming packages, programs and commands within its updates, making the challenge to database administrators that much greater when determining the impact of the update to their organizations.

Fixing Software Vulnerabilities at the Root Cause

The Blue Lane ServerShield System provides the only patching alternative to the installation of Oracle’s Critical Patch Updates. With the inline patches for Oracle, the ServerShield System fixes the database software vulnerabilities at the root cause, checking for the same conditions and applying the same corrective action as Oracle’s patch update. However, because ServerShield resides in the network in front of the server, it requires zero changes to server software. Enterprises can now immediately secure Oracle applications, gaining all of the benefits of the Oracle patch until the actual patch can be installed.