SQL firewalls are newcomers to the world of content security and firewalls. Historically, most SQL firewalls have been internal solutions built on various firewall and proxy frameworks such as Windows Sockets (SOCKS). However, vendors have now shifted to appliance-based firewalls (firewalls packaged as standalone, hardware-based black boxes) because customers prefer plug-and-run security products that insert easily into the network. Here is a sampling of companies that offer SQL firewall products, including the company I work for:

Check Point VPN-1/FireWall-1 with OPSEC Certified Products
Check Point Software Technologies
650-628-2022
http://www.checkpoint.com

OPSEC content (and database) extensions
http://www.opsec.com/solutions/sec_content_security.html

Check Point VPN-1/FireWall-1 can intercept, inspect, and validate SQL database-access requests and content flowing to an SQL database. The product is part of the company's Open Platform for Security (OPSEC) program, which helps multivendor partners build integrated firewall extensions to monitor database activity that crosses the firewall and to perform other security-authorization tasks.

SQL-Guard
Guardium
781-684-6288
http://www.guardium.com

SQL-Guard is an appliance that you can deploy as an SQL firewall as well as a nonblocking monitoring solution (an SQL Intrusion Detection System—IDS).

Ethereal
Ethereal
http://www.ethereal.com

This free, open-source beta software, downloadable from the Internet, is a network-protocol analyzer for UNIX and Windows that includes dissectors that can extract SQL for most SQL dialects from network packets. Developers can use these dissectors with a SOCKS filter framework to build a custom SQL firewall that has simple capabilities.