Emad Al-Mousa plays around a bit:
It’s a security mechanism designed to filter, and block unauthorized or malicious SQL query being executed against the database system before it reaches the database kernel itself. It acts as a specialized gatekeeper that ensures only “known good” queries are allowed to run. In a sense, you can compare it with WAF (web application firewall) in terms of protection mechanism.
SQL Firewall will provide protection against the following threats and attacks:
SQL Injection
Privilege Escalation
Data Exfiltration
Emad makes it very clear that this is not a viable technique, but it is also a fun enough idea that it’s worth checking out.