Imperva SecureSphere Database Security Reviews

• SecureSphere Database Assessment
• SecureSphere Database Activity Monitoring

It was instrumental in scanning a large inventory of databases to identify sensitive data. Using Imperva Assessment scans, we were able to identify SHR, PII & confidential data sources in a large inventory of database systems.

This helped us classify our large inventory and apply additional security controls based on the data classification output.

I would like to see a better web management console; the UI is not very intuitive, unless you really know what you’re doing. And scan error details should be readable from the web console, instead of running Unix commands on the backend server to view detailed logs.

I would like to see improvements in setting custom device configuration (e.g., Server Name, TCP Port for connections). In a large inventory, it is a time-consuming process if you need to change any configuration.

The web management console UI, could be much more user friendly. The product is pretty powerful, but the management UI is not very intuitive, i.e. not very user friendly and can be improved to make it much better.

When the DAM scans contains errors, the web UI should have the ability to show detailed logs in the web console, instead of requiring an admin to query the back-end server via commands to retrieve scan error logs. This limited web functionality causes extra work when scanning a large inventory where sometimes some servers return scan errors.

I have used it for 3.5 years.

I have not encountered any deployment, stability or scalability issues.

While configuring custom strings for data classification, we did engage Imperva Support and they were very helpful in setting up custom hex strings to help with our data classification. The response time was good too.

As mentioned above, Imperva was already set up in our Enterprise environment and we only had to add on the Database Assessment module license to our setup.

It was implemented in-house.

During the evaluation phase of the project, many of the IT service providers we spoke to quoted figures ranging from half-a-million Australian dollars and up. This cost was inclusive of X people they proposed to get the job done. Imperva DAM was already included in our Enterprise licensing and until last year, we didn’t have a use-case for it. With this project, we had no second thoughts about adding this module license. Excellent ROI using the automated scans, especially comparing it to the manual method proposed by many vendors.

We did evaluate many software solutions & IT service providers, but none of them were close to meeting our project objective. We had a vast inventory of 5000+ databases, hosting data for thousands of applications, each having different schema & naming conventions. We did a Proof of Technology (PoT) in-house using the Imperva DAM module and, with a few tweaks, it met our project needs. Considering we were already using Imperva for different security assessments, it was an easy decision to add on the Database Assessment module and use that in our infrastructure.

Out of the box, Imperva comes with a lot of security modules & features that straight away add value to your organisation’s security objectives. That’s just the beginning in my opinion. There are enough customization options available for administrators to get Imperva to work for them the way they want it to. The ability to use custom scripts for scans and the ability to use TCP-level capture of database events are excellent features to use in an enterprise.

Our use case for the solution is for monitoring, reporting and access management as well as looking for alerts in anomalies of behavior. I'm an information security analyst and we're a customer of Imperva. 

The integration with CounterBreach, which is the anomalous behavior detection feature, is the coolest thing and it's quite user friendly as far as the console goes. 

I think the biggest challenge with their product is the management of it. Not that it needs a lot of engineering, but it requires a lot of upkeep and deployment of a lot of servers that require regular updating. If you want to make any changes it's a lot of work to get things moving. I personally find it quite difficult to work with in that regard.

The product would be better with improvement to the database security from the access management perspective. A lot of it falls into content on the database and is difficult to retrieve. Also, looking into databases themselves, table sets and data sets and being able to retrieve that information.

I've been using this solution for a couple of months. 

I think it's a pretty stable product, but there's a lot you need to know about it. It's not like most fast products that you can just log in and get a feel for. You have to really get an understanding of how it was set up and the policies that are in place on it. 

The technical support is all right. They're not great, they're not terrible.

I would recommend including the entire team on the initial implementation because it's something that's not easy to pass along down the road. There's a lot to understand initially, and to upkeep it you have to know all that information.

I would rate this solution a seven out of 10. 

There are many features that are valuable, it depends on the purpose. If the purpose is compliance or auditing, the most valuable feature are the audit log system, as it helps you to secure an audit trail and from user to action even if the user are privileged and even if the user logs in on the physical server. If the purpose is security the most valuable feature are the way it can drop and prevent the access of sensitive table/data set by rules and policies. Lastly, if the purpose is availability, the most valuable feature is the way it can drop connections set by rules and policies.

If the purpose is compliance or auditing, ex PCI-DSS you need a system like this to pass part of the compliance. As I help customers with compliance, this is a great tool to make it all "simple" and the report part makes the lives easier for the users/auditors.

If it's used for security, this, or systems like this, are the last line of defence, and you will prevent incursions, or at least know what happened, and what was stolen.

If it is to be used to monitor availability, you will only know the real ROI if you are a victim of a large attack, then you can pat yourself on the back and say "Yay! We prevented that". This cannot be achieved solely on the Imperva system and you need the full suite of WAF.

This product needs a good team of UX people, because it's not always that understandable, and sometimes it's straight up confusing.

They did have some issues with HA and Clustered environments, but it is supposed to be fixed in v12, which I have not tested.

No issues encountered.

There are issues, but it is supposed to be fixed in v12, which I have not tested.

It's good, but it's a big company, so you need to know the paths to get the most out of it.

It's very good.

This is a complex system, and all other in the same league are just as complex. There are no workarounds to simplify it.

It's expensive, and their licensing is kind of strange, but it is what it is.

We also looked at IBM InfoSphere Guardium.

Data discovery and classification: It gives you the ability to find your sensitive data where it exists, even though you may not have known it was there.

Vulnerability assessments: This feature helps you to know the possible vulnerabilities in your protected servers.

Database firewall: This is the most important feature. It provides you with the capability to block attacks (external or internal) in real time to your protected servers.

This product has helped us to protect the environment against malicious activities. We have detected some security violations and have taken actions against them.

Imperva must work on more features for z/OS.

I’ve been using SecureSphere for four years.

We had some issues but they were attributed to bad administration.

Scalability is one of the most powerful features of Imperva. We have grown easily, once it was necessary.

Support is good. The Imperva engineers have excellent technical knowedge.

We made a PoC with other solutions but Imperva was the best.

The initial setup was really easy. This product has a friendly wizard and in a few simple steps, we implemented it without troubles.

The product is not cheaper, but is one of the best options. Besides, the other options have more or less the same pricing.

We evaluated IBM Guardium.

They must take into account that this solution, like others, must be sized correctly. If they do not size the solution correctly, they might have some issues.

I am using Imperva in different projects for application defense.

This solution provides analytics using rules in the application. For example, it can report who most often uses certain queries.

The most valuable feature is the protection from Botnets. The DDoS attack is one of the things that it protects against.

The functionality is very useable and easy to understand. It is also easy to update if you follow the instructions.

It would be better to update the solution by using a GUI that guides me, rather than through a CLI. It would be best if it were simply updated automatically from an admin page.

I think that the stability is fine, although sometimes the server is down.

It is easy to scale. I use only universal appliances and I know exactly how they work.

Three people use this solution on a single server for a few services.

We have contacted technical support a few times, and the experience was ok.

We did not use another solution prior to this one.

The initial setup for this solution is very easy. Just start it up, log in, and the instructions are there. It is launched from an FTP server and takes four or five hours.

We handled the implementation in-house.

It is difficult to say because it has stopped some attacks, but I have nothing to compare against when the solution was not being used. It can protect against attacks, but I cannot say how much money it has saved.

Licensing fees are on a yearly basis, and it is a good value for the money.

I was not involved in the selection of the solution.

There are many functions in this solution that I do not use at this time.

This is a fine product, and one of the best. We needed it for DDoS protection and for Botnet protection, and all of this works fine.

I would rate this solution an eight out of ten.

• Easy agent setup
• Big data
• SIEM tool integration

SecureSphere covers the legal obligations for Turkish banks. According to Turkish banking regulations, database activities (especially admins' activities) should be monitored and alerted.

Syslog size for transferring data should be increased.

I used it from September 2015-May 2016.

I remember that SecureSphere stores limited data according to the number of the data structure type that is defined in the server configuration files. If a customer does not realize this, data taken with the policy that has a max data structure type is interrupted.

The vendor’s local partners, NGN Company and Bulent Daldal, were very supportive whenever my company needed their help.

I supported NGN when SecureSphere was set up. Although I only experienced this setup process once, I can now setup SecureSphere DAM and agents on my own. I mean, it was easy and feasible with guidance.

A vendor team implemented it.

I did not evaluate other solutions, but I have heard from my clients (Deloitte clients) who have used Guardium before that SecureSphere is better.

SecureSphere fulfills so many requirements for our clients. Additionally, if they want to evaluate and correlate data more comprehensively, they can use this product with SIEM tools such as ArcSight or Splunk.

• Database activity monitoring
• Web application firewall

This product has limited attacks to the core tax collection application. It also provides audit logs for changes to the database and gives user account details.

None so far.

I've used it for over two years.

I was not around during the implementation, but reports do not show any issues noted.

None so far.

None so far. Our solution has not had bottlenecks so far

Customer service has always been available.

Technical support is rated highly.

Only a firewall was in place before. WAF was needed for web application specific protection as firewalls are not the best solution.

No issues noted in the implementation reports.

A third party vendor was used to implement the product and to get the IT security staff trained.

We have had a high ROI with this product.

Budget for licenses in synch with your financial years, and it's best to have licenses covering over a year so that planning for procurement of new licenses is done earlier. Of course, if you operate in AWS cloud, its much easier to justify as you can pay for three or more years at once.

I am not privy to procurement details, but we use Gartner as a source. Imperva is the sole leader in its field.

Implement this product across all systems running applications as access to one unprotected system can be elevated to a protected one. Also, have reports produced frequently using the tools available in the system and analyze them to know and investigate the sources of attacks the WAF has blocked. That's because they could be internal indicating a compromise or a malicious user within. Ensure that your SharePoint environment is also protected as though it may be internal, attacks can be directed at it.

I use this solution to discover missing data, and to find weaknesses or miscalculations in my database standards.

One example of how this has improved my organization is with respect to security. We previously had a default passcode in place, and this is discouraged by our password policy. I was able to find this problem and solve it.

The best feature of this solution is the integration between components. It has a lot of different components that cover the needs of our customers.

The pricing for support could be improved.

Integration with other databases or third-party products would be useful.

It is a stable solution.

I think that the product is scalable.

There are five users for this solution.

I have no experience with their technical support.

I did use other tools for a short span of time.

The initial setup for this solution is straightforward.

I am not using the entire solution, so the deployment time was very short. There were five people involved in the installation.

The cost of support for this solution is very expensive.

There are no costs in addition to the standard licensing fees.

I looked at several websites and read reviews. All of them said that Imperva is the best product in this area.

My advice is to do a POC before implementing this solution.

I would rate this solution an eight out of ten.