DBSS

Database Security Service (DBSS) is an intelligent database security service. Based on the big data analytics technologies, it can audit your databases, detect SQL injection attacks, and identify high-risk operations.

Supported Databases

Database audit provides the audit function in out-of-path disposition pattern for the following databases on Huawei Cloud:

Relational Database Service (RDS)
Databases built on ECS
Databases built on BMS

Databases of some types and versions can be audited without using agents, as shown in Table 1.

**Table 1** Agent-free relational databases
Type	Supported Edition
MySQL	All editions are supported by default.
PostgreSQL NOTICE: If the size of an SQL statement exceeds 4 KB, the SQL statement will be truncated during auditing. As a result, the SQL statement is incomplete.	All editions are supported by default.
SQLServer	2008 2012 2014 2016 2017
GaussDB(for MySQL)	Mysql8.0
DWS	1.5 8.1
MariaDB	10.2

Database audit supports the following database types and versions.

**Table 2** Database types and versions supported by database audit
Database Type	Edition
MySQL	5.0, 5.1, 5.5, 5.6, 5.7 8.0 (8.0.11 and earlier) 8.0.30 8.0.35 8.1.0 8.2.0
Oracle (The Oracle database uses closed-source protocol and has complex adaptation versions. If you need to audit the Oracle database, contact customer service.)	11g 11.1.0.6.0, 11.2.0.1.0, 11.2.0.2.0, 11.2.0.3.0, and 11.2.0.4.0 12c 12.1.0.2.0, 12.2.0.1.0 19c
PostgreSQL	7.4 8.0, 8.1, 8.2, 8.3, 8.4 9.0, 9.1, 9.2, 9.3, 9.4, 9.5, 9.6 10.0, 10.1, 10.2, 10.3, 10.4, 10.5 11 12 13 14
SQL Server	2008 2012 2014 2016 2017
GaussDB(for MySQL)	MySQL 8.0
DWS	1.5 8.1
DAMENG	DM8
KINGBASE	V8
SHENTONG	V7.0
GBase 8a	V8.5
GBase 8s	V8.8
Gbase XDM Cluster	V8.0
Greenplum	V6.0
HighGo	V6.0
GaussDB	1.3 Enterprise Edition 1.4 Enterprise Edition 2.8 Enterprise Edition 3.223 Enterprise Edition
MongoDB	V5.0
DDS	4.0
Hbase (Supported by CTS instance 23.02.27.182148 and later versions)	1.3.1 2.2.3
Hive	1.2.2 2.3.9 3.1.2 3.1.3
MariaDB	10.6
TDSQL	10.3.17.3.0

Service Features

Help you meet security compliance requirements.
- Comply with DJCP (graded protection) standards for database audit.
- Comply with security laws and regulations, and provide compliance reports that meet data security standards (such as Sarbanes-Oxley).
Back up and restore database audit logs and meet the audit data retention requirements.
Monitor risks, sessions, session distribution, and SQL distribution in real time.
Report alarms for risky behaviors and attacks and responds to database attacks in real time.
Locate internal violations and improper operations and keep data assets secure.

Deployed in out-of-path pattern, database audit can perform flexible audit on the database without affecting user services.

Monitors database login, operation type (data definition, operation, and control), and operation object based on risky operations to effectively audit the database.
Analyzes risks, sessions, and SQL injection to help you master the database situation in a timely manner.
Provides a report template library to generate daily, weekly, or monthly audit reports according to your configurations. Sends real-time alarm notifications to help you obtain audit reports in a timely manner.

Previous topic: DBSS Infographic

Next topic: Functions

Feedback

Was this page helpful?

Helpful Not helpful

Provide feedback

Thank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.

The system is busy. Please try again later.

Which of the following issues have you encountered?

Content is inconsistent with the product UI

Unclear descriptions

Lack of examples or code

Incorrect steps

Can't find what I need

Lack of best practices

Feedback (optional)

0/500

Select at least one type of issue, and enter your comments or suggestions.

Enter a maximum of 500 characters.

Submit Cancel

For any further questions, feel free to contact us through the chatbot.

Chatbot