There are many features that are valuable, it depends on the purpose. If the purpose is compliance or auditing, the most valuable feature are the audit log system, as it helps you to secure an audit trail and from user to action even if the user are privileged and even if the user logs in on the physical server. If the purpose is security the most valuable feature are the way it can drop and prevent the access of sensitive table/data set by rules and policies. Lastly, if the purpose is availability, the most valuable feature is the way it can drop connections set by rules and policies.
Imperva SecureSphere Database Security Review
With the audit log system, it can secure an audit trail from privileged users with user logs on a physical server, but the UX is not great and sometimes confusing.
Valuable Features
Improvements to My Organization
If the purpose is compliance or auditing, ex PCI-DSS you need a system like this to pass part of the compliance. As I help customers with compliance, this is a great tool to make it all "simple" and the report part makes the lives easier for the users/auditors.
If it's used for security, this, or systems like this, are the last line of defence, and you will prevent incursions, or at least know what happened, and what was stolen.
If it is to be used to monitor availability, you will only know the real ROI if you are a victim of a large attack, then you can pat yourself on the back and say "Yay! We prevented that". This cannot be achieved solely on the Imperva system and you need the full suite of WAF.
Room for Improvement
This product needs a good team of UX people, because it's not always that understandable, and sometimes it's straight up confusing.
Deployment Issues
They did have some issues with HA and Clustered environments, but it is supposed to be fixed in v12, which I have not tested.
Stability Issues
No issues encountered.
Scalability Issues
There are issues, but it is supposed to be fixed in v12, which I have not tested.
Customer Service and Technical Support
Customer Service:
It's good, but it's a big company, so you need to know the paths to get the most out of it.
Technical Support:It's very good.
Initial Setup
This is a complex system, and all other in the same league are just as complex. There are no workarounds to simplify it.
Pricing, Setup Cost and Licensing
It's expensive, and their licensing is kind of strange, but it is what it is.
Other Solutions Considered
We also looked at IBM InfoSphere Guardium.
**Disclosure: My company has a business relationship with this vendor other than being a customer: We are a partner/vendor.
Last updated: Dec 30 2015
Author
Mikael Takeo
Security Professional with 501-1,000 employees
Consultant
Top ReviewerTop 5BUYER'S GUIDE
Download our free Database Security Report and find out what your peers are saying about Imperva, IBM, Oracle, and more!
