We help IT Professionals succeed at work.
Get Started

Watchguard M400

74 Views
Last Modified: 2015-12-10
I have got IPS enabled and denied on most accept information. I have packet filtering policy with IPS enabled for all server including SQL.

I have SQL monitoring agent that looks for trigger words/code in the URL the user is submitting and it has been sending email alert for Possible SQL injection from URL, Trigger - @@, Time and IP - 208.x.x.x.

We have client website manged by us that send query to our SQL server. It looks  bot probing us to see if we have sql injection vulnerabilities. I don't see threat on Watchguard blocked list.
What kind of configuration on watchguard ensures better security against such threat. When I called watchguard they said to enable proxy based policy for that SQL server on HTTP. If I do that would it block genuine request to DB from client web site.

Also, I was planning to add NetFort SQL for LANGuardian on existing LANGuardian VM. But I am not sure if it allows the inspection of packet and signature tracking and blocking.
Comment
Watch Question
Top Expert 2015
Commented:
This problem has been solved!
Unlock 1 Answer and 1 Comment.
See Answer
Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

  • Troubleshooting
  • Research
  • Professional Opinions
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE