Imperva SecureSphere Database Security Review

This is a very complex solution with a wide range of capabilities.


Valuable Features

The database activity monitoring module used for real time database monitoring and integrated into the security event and incident monitoring solution. Most importantly for our critical legacy databases that cannot be encrypted and require real time a activity monitoring.

Improvements to My Organization

It provides a more granular monitoring of database activity at the column and row level as opposed to high level database management system logs.

Room for Improvement

The professional services and customer training aspect needs to be improved.

Use of Solution

I've used it for four years.

Deployment Issues

The first implementation was not tailored to our specific requirements and the system was basically an expensive log collector until the vendors came to capture our requirements and then made modifications. This was then followed up with training.

Stability Issues

No issues encountered.

Scalability Issues

No issues encountered.

Customer Service and Technical Support

Customer Service:

It's moderate.

Technical Support:

It's moderate.

Previous Solutions

I used a different solution with a former employer.

Initial Setup

We are a large organization with about 100 critical heterogeneous database servers. This means that one configuration does not fit all, and that made the implementation very complex. Combined with protection of sensitive information that could be logged by the solution.

Implementation Team

We used a vendor and their level of expertise was between moderate and high.

ROI

The ROI based on the number of prevented, and detected, information security incidents can be classified as high.

Other Solutions Considered

We also looked at Sentrigo Hedgehog by McAfee.

Other Advice

Ensure the vendor clearly captures your specific database monitoring requirements and that might include importing the metadata of the database for proper monitoring. Training should be included in the implementation budget as this is a very complex solution with a wide range of capabilities.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Add a Comment
Guest

Sign Up with Email