Imperva SecureSphere Database Security Review
We found new patterns of user behaviour and corrected authorisations.

Improvements to My Organization:

Database auditing has become simple and easy, releasing storage previously used for native database audit processes. We found new patterns of database users' behaviour and corrected some user authorisations.

Room for Improvement:

Mainframe mappings/agents/optimization for CPU usage are areas with room for improvement.

Agent on z/OS does not have a limit for CPU usage like on other platforms. If
you specify filter too "wide", the agent would consume too much cpu so that
could cause more cost for your mainframe. Agents are a bit special for
configuration because the logic is different than the one on other

That is because mainframe agents were originally from Tomium company that
was acquired by Imperva some time ago. They still run the same code, just
little improved.
At this point, my configuration does not collect what I expected, but that
could be due to bugs, that is expected to be solved in version 12 of the

You can say for sure that security audit costs money - in this case, your
mainframe CPU money.

Use of Solution:

I have been using it for 18 months.

Deployment Issues:

We had a problem with mainframe DB2 mappings; incorrect results due to bug. A fix is expected in DAM (Database Activity Monitoring) version 12 in March 2017.

Stability Issues:

I have not encountered any stability issues. Only, you need to optimize the data/events you are receiving. If you have too much input, you will have a stability problem (in that case, lower event throughput and increase manager memory).

Scalability Issues:

I have not encountered any scalability issues. It's flexible.

Customer Service:

Customer service is excellent, 5/5.

Previous Solutions:

We did not previously use a different solution. We had some pilot projects and chose this solution.

Initial Setup:

Initial setup was straightforward and it was simple/easy to install and customize.

Implementation Team:

A combination of in-house and local support teams implemented it. We are satisfied with their level of expertise.


ROI is good. We needed this system for getting ISO 27001.

Pricing, Setup Cost and Licensing:

Be careful if you have a mainframe. Calculate well...

Other Solutions Considered:

Before choosing this product, we evaluated IBM InfoSphere Guardium.

Other Advice:

We are very satisfied with this product. It's simple to use, customize and administer. Installation is simple and easy, even on mainframe.

Disclosure: I am a real user, and this review is based on my own experience and opinions.

Add a Comment

Why do you like it?

Sign Up with Email