What is our primary use case?
The primary use case is for database monitoring. We are also using the blocking part, which is used for:
- Any suspicious activities which are done, such as delete command and query command, outside the admin, the solution is supposed to block them.
- The blocking of compromised databases through cloning. Blocking will not allow the cloning.
We use it for blocking and auditing. Our job is monitoring. We are a government entity and provide services to other ministries. We use Imperva for its Database Activity Monitoring and File Integrity Monitoring tools. We have also enabled Database Firewall.
How has it helped my organization?
As we are very sensitive to financial impacts, this product provides great protection for our organization.
It enabled us to monitor the most critical DBA activities, and most critically helped us identify default accounts and passwords. Additionally, with this solution we were able to block an external attack on our Oracle DB.
What is most valuable?
- DB Activity Monitoring
- DB Firewall
Their web application firewall (WAF) is quite good.
What needs improvement?
They have to put more focus on the administrative part of the application, especially on upgrades. There are a lot of packages to download and install that you have to be knowledgeable on. For example, we tried to install a version, and it did not work. Then, support had to become involved.
They should add an application availability dashboard feature and should focus more on the alerting mechanism.
There is a problem with the integrations. I would also like to see improvement in the integration part of the tool. This should be an easy process. For example, I had an issue with the integration of a file server.
Within the endpoints, the communication is breaking down most of the time. Sometimes, once the communication stops, it does not resume again.
They could approve monitoring in the next release. E.g., right now, we lack the ability to know when databases are down. This is something we could use monitoring to mitigate.
For how long have I used the solution?
I have been using Imperva for around four and a half years.
What do I think about the stability of the solution?
The stability is good. Sometimes the gateways disconnect and connect again automatically.
We have a dedicated staff person for maintenance: alert, fine tuning, and adjustments.
What do I think about the scalability of the solution?
The solution is scalable. I would rate the scalability as an nine out of ten. We have used this solution since 2014 but have not encountered any scalability issues so far.
Within our organization, we have around 500 users. Our site protects approximately 70,000 end users.
How are customer service and technical support?
When the technical support is required, they assist us. I would rate them as seven out of ten because they are not so good due to the due to differing time zones.
We managed by using the regional vendors. Overall, the support is effective.
Which solution did I use previously and why did I switch?
We previously used IBM Guardium. Before 2015, it was bit complicated to use.
How was the initial setup?
A bit complex, but following the instructions and the manual guide is enough for the initial setup. A little knowledge helps.
What about the implementation team?
We used the Imperva Professional Services for the configuration in our environment. It is important to have experienced professionals do these changes.
The initial deployment for our team was a failure.
The implementation took one week. Afterwards, the configuration started, then the use case testing. Overall, it took for us around one month.
Our local partner is now supporting us. Gulf IT has very good experience in the Middle East. They are nice to work with and supporting us well.
What was our ROI?
We have seen ROI, as it protects our company from threats.
This tool helped us mitigate audit risks by 100 percent.
What's my experience with pricing, setup cost, and licensing?
We have all the licenses, which we pay for annually. The price is a little high, but the product is good.
Which other solutions did I evaluate?
What other advice do I have?
Identify the proper use cases, then implement it.
Resource overhead management is a good option. The OS chain option provides the real user behind the DB application user.
Which version of this solution are you currently using?