Imperva SecureSphere Database Security Review

I believe the most valuable feature is the GUI. If load is big and there are advanced filtering rules in place, gateways or MX can crash.


What is most valuable?

I believe the most valuable feature is the GUI. It is still very much oversized for the job it does, but in comparison to other alternatives, it is still the best at the moment.

How has it helped my organization?

Before SecureSphere was used, the native auditing tools were used, and now there is a segregation of duties when managing audit data from DBAs and DBS teams. It is a much more secure way to have audit data from databases and to monitor actions of privileged accounts.

What needs improvement?

All areas of this product have room for improvement. There are a lot of things that can be improved if you want this to run in a corporate environment with thousands of database servers. If your database server count is low, it is a fine solution for you.

Lack of centralized integration when supporting/configuring appliances (SOM has some, but not all configuration/reporting/management functions, but you can’t do a lot of things from one management appliance (SOM) and have to go to separate MX when you want to configure something). As well you can’t upgrade appliances via Update module (you can only do so with agent and that functionality has much room for improvement as the update GUI is not well designed, some functions do not work and event/alert notifications there are mostly useless). So this and some other things make management and support of very large SecureSphere infrastructure sometimes painful.

For how long have I used the solution?

I’ve been using SecureSphere for over three years.

What do I think about the stability of the solution?

It depends on the load of gateways/MXs. If load is big and there are advanced filtering rules in place, gateways or MX can crash or perform slowly.

What do I think about the scalability of the solution?

The SOM does not have all the functionality yet to manage all MXs centrally and, if you have a very large infrastructure, it is not so easy to manage it, as it requires you to apply updates or new configurations directly to agents or MXs 1 by 1.

How is customer service and technical support?

The support team responds promptly but sometimes it seems that, in more complex cases, they just try to stall for time for R&D to look at it and that they don’t know why some problems are happening.

Which solutions did we use previously?

Before, we were using native database auditing tools. Regulators have pointed out that DBAs are managing auditing tools themselves, which is not a good practice. Usage of SecureSphere and forming a new team responsible only for management of this tool was suggested.

How was the initial setup?

Setup was complex. We had to deploy hundreds of gateway appliances to gather audit data and deploy thousands of agents to different OSs. This was not an easy task, as there were no simple solutions to do that. There were also challenges to configuring auditing rules and monitoring rules to work with all kinds of databases and different kind of requirements relating to them.

What's my experience with pricing, setup cost, and licensing?

I don’t know anything about pricing and licensing.

Which other solutions did I evaluate?

I believe an IBM solution was considered, but it was much too expensive and didn’t provide as many features.

What other advice do I have?

Use the newest version (at the moment I think it is 11.5) and pay extra for staff training and additional consultation on how to set up rules, etc.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Add a Comment
Guest
Sign Up with Email