Imperva SecureSphere Database Security Review

Good granular auditing, but have had issues with the WAF and do not find it user friendly

What is our primary use case?

We primarily use the solution for monitoring database activities.

What is most valuable?

Currently, we have audit features for auditing databases, for example, granular auditing, which we really enjoy. We've been using it to check what users do. 

Apart from the WAF, which we've had issues with, every other feature we've been able to use very well. We use it for scanning databases, which is perfect. We need to run vulnerabilities counts as well, and this solution is great for that.

What needs improvement?

The feature right now that we have not been able to use successfully is the firewall aspect, the WAF.

In terms of the WAF, we tried their blocking functionality at some point, and our entire company came to a halt due to the fact that it was blocking even database connections. It was hanging our databases. Until now, we've not been able to fully use their database blocking functionality very well. That is the only aspect that I wish could be improved tomorrow.

The entire system is not user-friendly for me, and definitely not as user-friendly as Oracle Vault. It should be more user-friendly, to make it much more competitive in the space. 

The technical support is not offered by the company itself. Rather, you can only get technical support via partners. It isn't that good and because of this, we want to leave the product.

The solution is expensive.

If we can look at a system that can do 360 annual. There is an app call bridge that is something they've introduced, however, we don't have that yet. I don't know if that is able to do application monitoring as well, but I wish they had a feature that could do both the database and application monitoring.

For how long have I used the solution?

I've been using the solution for about four to five years now.

What do I think about the stability of the solution?

The stability is okay. I don't recall any kind of bug or glitch. It doesn't freeze or crash. Aside from issues with WAF, it's good.

What do I think about the scalability of the solution?

The scalability is fine for our purposes. We are able to modify the product, and we are able to do things to suit what we need, so it's okay for us. If I were to rate them out of ten on scalability, I'd give them a six.

How are customer service and technical support?

One of the reasons we want to leave this solution is the fact that we don't have any technical support whatsoever. If there was some on offer, it might convince us to stay. Technical support is typically handled by partners, and they do not do a good job. We've been trying to reach the parent company directly because we are unsatisfied with the level of service we've received and we've had no luck. Therefore, we'll probably leave the service altogether.

What's my experience with pricing, setup cost, and licensing?

The solution is pretty pricey. It's not the least expensive option. An organization will have to ensure they have the budget to cover the cost or having the product. I'd say that the amount of money they charge is unreasonable sometimes. If I were to rate them out of ten on pricing, I would give them a one.

Which other solutions did I evaluate?

We're currently looking to move away from Imperva. We're considering Audit Vault.

What other advice do I have?

The solution is okay, however, there is a lot to be improved upon. For that reason, I'd rate them five out of ten overall.

It's not a bad tool. It's a good tool. I tend to recommend it to others, however, if you're a small company, it may not make sense due to the fact that it is quite expensive.

Which deployment model are you using for this solution?

**Disclosure: My company has a business relationship with this vendor other than being a customer: partner
More Imperva SecureSphere Database Security reviews from users
...who work at a Financial Services Firm
...who compared it with Oracle Audit Vault
Add a Comment