McAfee Virtual Patching for Databases

McAfee Virtual Patching for Databases

Comprehensive protection from unpatched vulnerabilities

Next Steps:


McAfee Virtual Patching for Databases shields databases from the risk presented by unpatched vulnerabilities by detecting and preventing attempted attacks and intrusions in real time, without requiring database downtime or application testing. With Virtual Patching for Databases, organizations secure protection from threats even if they have not yet installed a vendor-released patch to deal with a known vulnerability.

ePolicy Orchestrator (ePO) Integration — McAfee Virtual Patching for Databases can be directly managed with the ePO platform, providing centralized reporting and summary information for thousands of databases in a single, consistent dashboard.

Security for older versions of database management systems — Protect older versions of database management systems, even those no longer supported by the vendor. For applications running on older versions of the database where patches are no longer provided, Virtual Patching for Databases can protect the systems from attacks, helping to satisfy governance requirements.

Uninterrupted protection for production databases — Installation is nonintrusive, as the sensor is read-only, installs as a user process, and makes no changes to the database management system software. Only minimal testing of applications is necessary.

No database downtime required — Implement patch protection without having to take down databases during installation.

Features & Benefits

Protect sensitive databases between the release and installation of vendor patches

Safeguard databases with virtual patches. McAfee host-based software uses a small, nonintrusive sensor on each database server to detect and prevent attempted exploits of vulnerabilities.

Get ongoing updates to defend against exploits

Trust continuous research of the evolving threat landscape to provide timely patch updates that keep organizations protected despite the changing nature of attack vectors.

Facilitate compliance by keeping systems up to date

Meet compliance standards, including PCI DSS, HIPAA, SOX, and other corporate governance rules.

Secure your databases with an easy-to-implement solution

Save time with less frequent patches, reducing the effort required for application regression testing and physical patch installation.

Simplify managing database security through integration with McAfee ePolicy Orchestrator (McAfee ePO)

McAfee Virtual Patching for Databases is integrated with the ePO software to provide a single pane, unified management platform for database security and other solutions.

System Requirements

These are minimum system requirements only. Actual requirements will vary depending on the nature of your environment.

Minimum system requirements

  • Microsoft Windows Server 2003 with Service Pack 2 (SP2) or higher
  • Microsoft SQL Server 2005 with SP1 or higher
  • 2 GB RAM
  • 1 GB free disk space
  • Browser (for management console): Firefox 2.0 or later, or Microsoft Internet Explorer 7.0 or later

Supported Databases

  • Oracle version 8.1.7 or later, running on Sun Solaris, IBM AIX, Linux, HP-UX, Microsoft Windows, including Oracle RAC and Oracle Exadata
  • Microsoft SQL Server 2000 or later on any supported Windows platform
  • IBM DB2 LUW 9.5, 9.7, 10.1, and 10.5
  • Sybase ASE 12.5 on all supported platforms
  • MySQL 5.1, 5.5, and 5.6 on Linux
  • MariaDB version 5.5 (5.5.32 and later) on Linux 32 and 64 bit


Data Sheets

McAfee Virtual Patching for Databases

For a technical summary on the McAfee product listed above, please view the product data sheet.

Solution Briefs

Defend Legacy Databases and Operating Systems

McAfee has a simple, proven approach to securing EOL databases that combines two best-in-class technologies recognized by compliance officers as valid compensating control for legacy database platforms.

Database-Friendly Security

McAfee Database Security offers real-time protection for business-critical databases from all vectors and types of threats: external, internal, and even intra-database exploits.

McAfee Database Security

McAfee Database Security offers real-time protection for business-critical databases from all types of threats: external, internal, and even intra-database exploits.

Top Five Reasons to Deploy a Dedicated Database Security Solution

Learn about the top five reasons why you should deploy a dedicated McAfee Database Security solution.

White Papers

A Practical Guide to Database Compliance

Compliance does not automatically equate to security. A company may be compliant with a host of regulatory requirements, while its databases remain exposed and vulnerable. Learn how McAfee Database Security can help prevent such vulnerabilities.