I love open source software, however not many open source projects make it and become an enterprise grade solution. In the security field only a handful of projects have succeeded in doing so: snort,Nessus and ModSecurity come to mind. GreenSQL, the only open source database firewall is on its way to achieving this: Its first non beta version, labeled appropriately 1.0 was just released.
As expected, this release focuses on becoming a non-beta release: optimization, pre-packaging for different environments and bug fixes top the list of changes.
For those of you new to GreenSQL, this is an open source database firewall that connects as a proxy between before a MySQL server. GreenSQL employs both a negative security model and a positive security model. The negative model blocks suspicious SQL queries such as data definition commands. The positive model allows SQL queries performed during a learning period and blocks other queries. GreenSQL includes an intriguing anomaly scoring algorithm, However it is only used to quantify the risk of blocked commands and not as a blocking criteria.
Database Firewalls are siblings to Web Application Firewalls. Some think of them as two sides of the same coin, while others view them as independent security solutions within the data center. As we can see from this short description of GreenSQL, WAFs and Database Firewalls have conceptually similar detection engines however they have a very different implementation.
If you use GreenSQL, you are more than welcomed to share you experience.