Imperva SecureSphere Database Security Review

Policies and alerts allow us to detect malicious activity in critical databases


What is our primary use case?

The primary use case is specific to database security through log auditing, to identify the actions performed by various users. That gets logged. Then policies are used to see whether any action performed by a database user is below a threshold or above a threshold; whether there should there be an alert because of it.

It is used by specific teams within our organization to monitor activity, to see whether there is any malicious activity or a user who's not supposed to be performing a certain action.

How has it helped my organization?

It helps us look into who's doing what, particularly on databases related to critical applications. That's the way we see it as useful. We've been using it for four or five years now, and it has been bringing in the value that we expected it to.

What is most valuable?

The tool happens to be very intelligent when it comes to processing policies and sounding alerts. It allows us to implement policies and measure actions against them, raising alerts accordingly. That is the best feature.

What needs improvement?

Comparing it with other products in the market, we definitely see that Imperva SecureSphere is head-to-head with the likes of McAfee, IBM Guardium, and others. It's definitely good. The only challenge I see is that SecureSphere is deployed on servers or databases which are held on physical infrastructure. However, there are databases which are hosted on cloud platforms and Imperva has a separate tool altogether for that, not SecureSphere. If an organization is monitoring databases which are on physical as well as virtual infrastructure, running two different tools can become a problem. If that could be merged together it would be an improvement.

Having read about Imperva, I couldn't get much detail as to what their roadmap is for the future, whether they would want to merge them or not. But as a customer, if I can have one tool for various landscapes, like the databases hosted on a physical landscape as well as the virtual ones, that makes it a lot easier.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

The stability has been good. In our case, we've been using it through one of our suppliers so we don't directly manage it. It's our supplier who manages it for us. The supplier happens to manage the infrastructure on which the database application or databases are hosted as well.

We don't deal with it but, getting the reports that we have been getting from our supplier, it looks pretty good as far as stability is concerned. We haven't experienced many issues. Even if there were any, it would be our supplier's responsibility to make sure that they got resolved very quickly, so they rarely come to our notice.

What do I think about the scalability of the solution?

When it comes to scalability, as I noted, there are two different tools, one for physical infrastructure and another for virtual infrastructure.

If I want to scale it up from a physical to a virtual platform, that's certainly not a feature at this point of time. That can be a drawback. You have to look for a separate tool from the same vendor because you already have an existing tool from that vendor which is doing well. And you cannot have tools from two different vendors running on two different platforms.

How are customer service and technical support?

We have not used technical support. Our supplier manages the tool, so we don't get in touch with Imperva if there are any issues. Our supplier does that for us.

What other advice do I have?

My advice is to go to IT CentralStation and download the report on database security tools.

In general, it's all about the policies that you put into the tool to get the output. The tool itself is pretty smart. As someone who is designing the policies or the outputs or the queries, it is like putting a query into a SQL database to get the results. The better or more optimized the query is, the better output you will receive, and so it goes with this solution.

When selecting a vendor, pricing, of course, is the most important thing to look at. Then, you look at the scalability options, at how good the tool is, that it suffices your functionality requirements, and that it provides interoperability.

I rate Imperva at eight out of ten across the various areas that I just mentioned, be it interoperability, scalability, cost, or ease of installation and setup. Measuring it on each of these aspects is how I came up with my rating.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Add a Comment
Guest
Sign Up with Email