Imperva SecureSphere: Database security tool overview
Expert Ed Tittel examines Imperva SecureSphere Database Activity Monitoring and Database Assessment, products that are deployed as an inline bridge or as a lightweight agent to assess and monitor local database access.
Imperva Inc. specializes in cybersecurity products for data centers located on-premises or in the cloud. The Imperva SecureSphere platform includes database activity monitoring and a database firewall, database assessments and big data security products designed to protect databases, files and Web applications in physical and virtual environments.
Although they are two separate products, Imperva SecureSphere Database Activity Monitoring and Database Assessment can be to include database activity monitoring (DAM) functionality to act as a single product.
SecureSphere Database Activity Monitoring product features
Imperva SecureSphere Database Activity Monitoring is a combination appliance and software product that can be deployed non-inline, as an inline bridge, or as a lightweight agent to monitor local database access.
SecureSphere comes with predefined security policies that work with the monitoring system to alert administrators of possible malicious activity in real time. Dynamic Profiling technology (patent pending) creates a baseline of normal user access patterns to data and issues alerts when deviations are detected. Users who don't follow access policies or who perform unauthorized requests are blocked or quarantined.
Predefined audit policies are configured for PCI DSS, Health Insurance Portability and Accountability Act and Sarbanes-Oxley Act.
The Web-based interface is highly user friendly. Imperva does a great job displaying information concisely as well as making most frequently used commands available in one or two clicks. For example, the security alerts screen shows a table of violations that include time, date, database user, query, database response and a description of the violation -- all in one screen.
Imperva SecureSphere supports a wide range of databases, including Oracle, Microsoft SQL Server, MySQL, Sybase, IBM DB2, IBM IMS, IBM Informix, IBM Netezza, MongoDB, PostgreSQL, Progress OpenEdge and Teradata.
SecureSphere Database Assessment product features
Imperva SecureSphere Database Assessment includes database discovery, vulnerability assessment, configuration management and data classification. The assessment scans for over 1,000 vulnerabilities and flaws using DISA STIGs and CIS standards as benchmarks. The resulting reports include details on vulnerabilities as well as remediation recommendations, and flags configurations that don't conform to standards.
The user rights management feature lets an administrator see at a glance which users have excessive privileges, who has access to sensitive data, and when a user last used an object.
Pricing and licensing
Imperva licenses SecureSphere Database Activity Monitoring by database transaction volume, so price varies based on the environment. In this licensing model, a single license can audit and monitor an unlimited number of database servers and databases.
The platform requires a virtual or hardware appliance and management server. Lower-end hardware appliances cost about $30,000, and the price climbs to over $85,000 for higher-end appliances.
Prospective customers must contact an Imperva sales representative for specific pricing and licensing for SecureSphere products.
Imperva offers Standard, Enhanced and Premium support packages. All support plans include access to the Imperva self-service support portal, software updates (major and minor) and hardware warranties.
The Standard package includes phone support during business hours; support engineers are available by phone 24x7x365 in the Enhanced and Premium plans. Customers can engage a Designated Support Engineer for an additional cost.
Imperva supports its software products for two major versions, at a minimum. Customers are encouraged to upgrade to a supported version before support is no longer available. Equipment support extends for several years from date of initial hardware released.
Part one of this series examines the basics of database security in the enterprise
Part two of this series looks at enterprise deployment scenarios for database security tools
Part three of this series offers nine steps for purchasing database security software
Part four of this series compares the top database security tools in the industry