Imperva SecureSphere Database Security Reviews

I have worked with IBM before, and I prefer its ease of deployment and management. Imperva SecureSphere Database Security has tricky deployment, whereas IBM's deployment is straightforward because of the UI.

I have been using the solution for three years.

The tool's pricing is flexible and affordable for small and medium enterprises.

I rate the product an eight out of ten.

We use Imperva SecureSphere Database Security to monitor user activities within databases. It includes detecting DDA activities, unauthorized queries, abnormal user behavior, and potential security breaches. It allows us to check and filter activities based on IP addresses, enabling us to track the sources of incoming requests. If any application uses SQL queries, SecureSphere can monitor these activities for unusual or unauthorized patterns. Additionally, we can set alerts for updates whenever a user profile is added to the database to ensure there is no malicious activity.

The product’s most valuable feature is real-time highlights. It helps with detecting natural weaknesses. The users can see the activity as soon as it is visible to administrators. It makes it easier to determine if some action has to be taken against malicious activity. The users can scan the data and check if it meets CIS standards.

Once we read the activity logs on the platform, we cannot open them anywhere else as they are stored in a proprietary format.

It is a stable platform.

The product’s on-premises version is not scalable. In contrast, it starts scaling once deployed on VMs.

We contact the technical support team while deploying resources. Sometimes, the team replies with the solutions already available online. It could be better.

Neutral

The product generates a return on investment for a large database capacity.

The product’s price is reasonable compared to IBM and other products.

I rate Imperva SecureSphere Database Security a five out of ten.

Our customers are using Imperva SecureSphere Database Security for GDP compliance.

Using Imperva SecureSphere Database Security has improved our organization by providing us with safety from vulnerabilities. We have better rules and rights management for our sensitive database.

The most valuable features of Imperva SecureSphere Database Security are the user-friendliness, easy-to-use interface compared to competitors, database operations do not need a specialist, and simple to manage for our security team. Additionally, the solution can show all the databases and the level of sensitivity. It can show what is more sensitive or less sensitive.

Imperva SecureSphere Database Security could improve the database defense feature called camouflage. This feature was responsible for the data mask but now it does not work well and we need another solution. All our banks have teams that are regarded with care and they need to mask sensitive data in order to provide testing to developers.

I have been using Imperva SecureSphere Database Security for approximately two months.

Imperva SecureSphere Database Security is stable.

The scalability of Imperva SecureSphere Database Security is easy, and it scales well.

We have approximately 10 to 15 users using the solution. There are administrators and team leaders using the solution.

I have not used another solution previously.

Imperva SecureSphere Database Security was simple for our engineers to implement. It is easier than other similar solutions. The full deployment took a few weeks.

Our engineering team did he implementation Imperva SecureSphere Database Security with the help of some partners. We require a lot of people for the deployment of the solution. We typically require one IT administrator, engineer, and partner engineers.

It is too early to tell if we have received a return on investment.

Imperva SecureSphere Database Security was quite expensive several years ago, but now they provide a subscription plan for licensing. It is available now for smaller and medium-sized companies, not only large enterprises.

There are many licensing options available, such as monthly and annually. Additionally, The hardware can be available on a perpetual license. There are not any additional costs other than deployment fees if you use a partner or integrator.

I rate Imperva SecureSphere Database Security a nine out of ten.

We generally use Imperva as a database firewall and for activity monitoring. 

The solution has to fit the organization first. Once we know the product is a fit, we support in the creation of reports. We look at the core users (administrators, auditors, accountants, etc.) who need to get information and we look at the responsibility matrix. Our responsibility is the database and we try to implement the total solution for an organization. This means reports are created for the specific needs of, say, IT security administrators, top management, IT guys, etc. This shows each group or individual what they need to know. We try to make it so database administrators do not have to directly interface with the solution by creating report editors and report creators based on the unique assessment of the organization. 

Imperva is a high-end product and it doesn't come cheap. Most government agencies don't use it because of its expense. But those who use it, like it and it's on the wishlist of many organizations.

The ability to automate reports simplifies what an organization has to do. Even the in-built reports are quite useful. But customization can make the product experience very specific and efficient.

But besides that, clients like to compare industry benchmarks and establish best practices. Report analysis can help with that.

The reporting ends up being the most visible feature even though the protection and automated blocking are as valuable. The reporting is very flexible, and users can create any type of reports they want. It gives them insight into the information they need to be effective at what they are responsible for.

I think the support needs more improvement than the product. The support we get struggles a bit to provide solutions. They take additional time to respond to support requests.

The core of Imperva can sometimes be very slow. This mostly happens when you turn on many alerts, if a lot of people log-in, or if you turn on auditing. It can get noticeably slow. Performance under a heavy load is noticeably reduced.

That could be because of scalability, but most of my major issues have to do with performance. I think it's because they run an Oracle database at the backend. If they allowed the administrators to tune the back end database it might solve the issue. If the backend database is having trouble you have to call support and that takes time. It is not efficient.

Finally, they might consider reducing the licensing fee. It's a bit high compared to the competition. 

Imperva is very stable. I think because of the core on which it is built.

The Imperva solution is quite scalable. You can start by adding it to one device and then scale it to the whole organization. 

We've had instances where we added a gateway and the end user didn't notice. It scales fluidly.

There are different levels of support that you can contract for and it is supposed to be based on priority. In our region, the level of support — whether you have paid for premium or expanded support — you get the same level of support. There are no options for same day support or one hour support. You may still get a response within an hour no matter what level you pay for. That said, we normally pay for premium support and we have been satisfied with the service when we do that.

Most of the time, the customers I deal with pick products which have a particular reputation. That may lead to their decision to go with Imperva. 

The initial setup was straightforward. We normally use Imperva's professional services, so that makes it very easy to deploy. We build on the knowledge gained in previous deployments, which makes it easier still. 

In the deployment, we want to get up as soon as possible. We know that for a typical deployment that it is usually two weeks. 

We use Imperva's professional services for most of our deployments, but we work through a distributor data group. The services are always really good. They know the company, they know the market, they know the region where we operate from, and they know the language and the culture. The knowledge of the local environment makes everything easier in completing a proper implementation.

We don't do actual studies on return on investment. The key thing is for the product to do its job. The value of good security is practically limitless and it would be hard to define in hard dollar value.

Licenses are yearly. We normally try to negotiate a perpetual license but separate annual support and maintenance.

The pricing over-all depends on the entry level. For example, if support and maintenance are about $20,000 - $25,000, the initial cost can be five times more. It is less expensive for the company to maintain the client than to make the deployment.

There are some additional costs for add-ons and scaling.

Normally, in this region, clients look at McAfee and Oracle security solutions first because of recognition. Our suggestions are normally to compare Imperva and Oracle. Clients like the reputation of Oracle because it has a large footprint and is proven in areas like databases and applications. Sometimes clients try to build database security strictly around Oracle Technology without considering other options. They are often surprised what Imperva has to offer as the name is less familiar.

Imperva is a good product if you look at its core functionality and the way it's built. It's a newer product and very consistent. Oracle has been around a long time and may suffer from that legacy a little. If clients want a product which covers all database management systems, then Imperva can work out of the box. Ideally, you can deploy within a day or two of signing a contract. Implementation time with Imperva is much shorter than with Oracle. 

I think I would rate Imperva a nine out of ten, despite the occasional performance issues. It delivers on the core functionality. If it's running well you are assured you will get the value out of it in terms of the security assurance. 

The primary use for our company is to enable the auditing on the DB level. The main target is to track the activities happening and by whom on critical tables. Based on that requirement, we purchased this database auditing solution because it was specific to Oracle for auditing purposes.

It addresses our needs and our clients' needs for Oracle DB reporting.

The features which are most valuable are from the security perspective. We do not have other specific tools for vulnerability assessment. The package allows user activity monitoring. The second thing is for assessing the vulnerability of the database while it is running. 

The GUI needs to be improved and made more user-friendly. This solution is a little complicated compared with other solutions for database auditing because of the GUI interface. It will be much more competitive if the interface meets the standards of the other vendors in the market.

For example, the price of the IBM Guardium is very high, but it's user-friendly. On the other hand, the Imperva GUI is complicated. It is harder for us to generate reports. That's why we face some hurdles in operations.

For security, the main point is to report on any violation of compliance. The administrator is required to generate reports. The GUI is set by the operator and not the admin of the device. Every time they need to make changes, it requires a lot of configuration to generate a new report. For any urgent report, the administrator has to be involved. It should not be necessary.

The agent should be installed at the box itself instead of going on the bridging system and doing the installation. Whenever any dependency is required, the activity becomes harder. If the dependency is not required then the activity can be handled from the box itself. It should be very easy to execute the administration and operations of the device. Comparing to Cisco devices, which are very user-friendly, other product manufacturers can take a lesson and make an effort to make the operational and administrative tasks easy.

It should be possible to execute by the team without writing custom lock sources. 

Everything is working fine, so it is stable.

As we are able to change our licensing to expand resources and features, it is scalable. We have not yet actually implemented the scalability.

Till now we have not had any open cases with the technical support, so I cannot comment on that.

Before Imperva, we used IBM Guardium. We switched because of the price. With IBM Guardium we were charged for features we never needed to use. We were using it only for auditing purposes. That is the same thing we are using Imperva for. As we did not have any need for the other features in Guardium we were paying extra for nothing. Some of the higher level features we now use in Imperva were available in Guardium, but we didn't use them at that time. 

The initial setup was straightforward. At first, we were unable to find the application user tracking and our main target was to track specific user privileges, activity and who was making changes inside the database from the console. It was a minor setback.

There are two types of deployment. The first one is for the solution to integrate the database which took about three days. For the usage, identifying the queries and creating rules, it took longer. The whole was complete within 15 days or 20 days, I think.

We have three operators and two administrators. The administrator role is to make the policies, install the agent, do the integration with the gateway and enable the auditing on the specific tables and the specific columns.

The operator generates reports on users and activity based on the areas we need to monitor. If a user is doing any activity outside of the normal time, the operator's responsibility is to report users to the DVR admin and the security feed.

One guy was enough for the deployment. We have only integrated one database, so in our environment is simple.

Another thing I want to highlight is that you can adjust the permissions from anywhere.

The deployment was done by the Imperva partner.

The immediate return is that we are saving money by having a lower cost for the same functionality. The new solution has satisfied management. I couldn't tell you the exact return. The only real additional cost was retraining staff. That was minimal.

I don't know the exact prices because that is a function of accounting, but I know service is contracted on a yearly basis. We purchased the minimal license for Imperva initially even though we have a lot of databases, but the license covered our needs. The company has recommended increasing the licensing. 

There are additional costs depending on the features. For example, if we want to prevent something on the DV level we can't because we didn't purchase that license. If we want it, we can add it. Our main goal right now is to enhance the license for the TPS license (transaction process system). It is easy to enhance functionality by adding other features licenses.

We did a comparison between Imperva and IBM Guardium before making the switch. The comparison was based on two things: auditing the databases and monitoring user privileges. These two features were offered by both solutions, so we were just left to evaluate based on the difference in prices. 

I would give Imperva an eight out of ten as a solution. It meets our requirements equally to what we got from IBM Guardium which we went with based on little more than their name.

In a later review, we considered Imperva and realized that both products had almost the same features. If the same functionality is provided by both, it is hard to justify the more expensive product. Now we will save the extra money.

At that time, the administrator was not comfortable with the change to Imperva but we provided official training from Imperva. He had experience with other solutions for database auditing systems, so he was able to make the adjustment.

We are working with the minimal license so currently, the resources are lower compared to our IBM Guardium license. Even with a shortage of resources, everything is equal to the IBM Guadium solution and we can correct that resource shortage while still saving money.

The main thing is defining the actual requirements. If a solution complies with the requirements there's no need to spend extra money for the brand names.

We primarily use the solution for monitoring database activities.

Currently, we have audit features for auditing databases, for example, granular auditing, which we really enjoy. We've been using it to check what users do. 

Apart from the WAF, which we've had issues with, every other feature we've been able to use very well. We use it for scanning databases, which is perfect. We need to run vulnerabilities counts as well, and this solution is great for that.

The feature right now that we have not been able to use successfully is the firewall aspect, the WAF.

In terms of the WAF, we tried their blocking functionality at some point, and our entire company came to a halt due to the fact that it was blocking even database connections. It was hanging our databases. Until now, we've not been able to fully use their database blocking functionality very well. That is the only aspect that I wish could be improved tomorrow.

The entire system is not user-friendly for me, and definitely not as user-friendly as Oracle Vault. It should be more user-friendly, to make it much more competitive in the space. 

The technical support is not offered by the company itself. Rather, you can only get technical support via partners. It isn't that good and because of this, we want to leave the product.

The solution is expensive.

If we can look at a system that can do 360 annual. There is an app call bridge that is something they've introduced, however, we don't have that yet. I don't know if that is able to do application monitoring as well, but I wish they had a feature that could do both the database and application monitoring.

I've been using the solution for about four to five years now.

The stability is okay. I don't recall any kind of bug or glitch. It doesn't freeze or crash. Aside from issues with WAF, it's good.

The scalability is fine for our purposes. We are able to modify the product, and we are able to do things to suit what we need, so it's okay for us. If I were to rate them out of ten on scalability, I'd give them a six.

One of the reasons we want to leave this solution is the fact that we don't have any technical support whatsoever. If there was some on offer, it might convince us to stay. Technical support is typically handled by partners, and they do not do a good job. We've been trying to reach the parent company directly because we are unsatisfied with the level of service we've received and we've had no luck. Therefore, we'll probably leave the service altogether.

The solution is pretty pricey. It's not the least expensive option. An organization will have to ensure they have the budget to cover the cost or having the product. I'd say that the amount of money they charge is unreasonable sometimes. If I were to rate them out of ten on pricing, I would give them a one.

We're currently looking to move away from Imperva. We're considering Audit Vault.

The solution is okay, however, there is a lot to be improved upon. For that reason, I'd rate them five out of ten overall.

It's not a bad tool. It's a good tool. I tend to recommend it to others, however, if you're a small company, it may not make sense due to the fact that it is quite expensive.

I believe the most valuable feature is the GUI. It is still very much oversized for the job it does, but in comparison to other alternatives, it is still the best at the moment.

Before SecureSphere was used, the native auditing tools were used, and now there is a segregation of duties when managing audit data from DBAs and DBS teams. It is a much more secure way to have audit data from databases and to monitor actions of privileged accounts.

All areas of this product have room for improvement. There are a lot of things that can be improved if you want this to run in a corporate environment with thousands of database servers. If your database server count is low, it is a fine solution for you.

Lack of centralized integration when supporting/configuring appliances (SOM has some, but not all configuration/reporting/management functions, but you can’t do a lot of things from one management appliance (SOM) and have to go to separate MX when you want to configure something). As well you can’t upgrade appliances via Update module (you can only do so with agent and that functionality has much room for improvement as the update GUI is not well designed, some functions do not work and event/alert notifications there are mostly useless). So this and some other things make management and support of very large SecureSphere infrastructure sometimes painful.

I’ve been using SecureSphere for over three years.

It depends on the load of gateways/MXs. If load is big and there are advanced filtering rules in place, gateways or MX can crash or perform slowly.

The SOM does not have all the functionality yet to manage all MXs centrally and, if you have a very large infrastructure, it is not so easy to manage it, as it requires you to apply updates or new configurations directly to agents or MXs 1 by 1.

The support team responds promptly but sometimes it seems that, in more complex cases, they just try to stall for time for R&D to look at it and that they don’t know why some problems are happening.

Before, we were using native database auditing tools. Regulators have pointed out that DBAs are managing auditing tools themselves, which is not a good practice. Usage of SecureSphere and forming a new team responsible only for management of this tool was suggested.

Setup was complex. We had to deploy hundreds of gateway appliances to gather audit data and deploy thousands of agents to different OSs. This was not an easy task, as there were no simple solutions to do that. There were also challenges to configuring auditing rules and monitoring rules to work with all kinds of databases and different kind of requirements relating to them.

I don’t know anything about pricing and licensing.

I believe an IBM solution was considered, but it was much too expensive and didn’t provide as many features.

Use the newest version (at the moment I think it is 11.5) and pay extra for staff training and additional consultation on how to set up rules, etc.

The most valuable feature of this product is vulnerability management since you don’t need to run different scans by logging into different databases. Everything can be done and monitored through the centralized console by a few clicks and without any hassle.

Also, the report generation option on a daily/weekly/monthly basis comes in very handy to the top management.

Some of the ways in which this product has helped our organization are:

• All the databases are being monitored.
• All the compliance requirements can be taken care of through a console.
• The daily and weekly reports are helpful in understanding the environment.

The stability and the ease of use of this product can be improved. I believe the product can be made more flexible and stable.

Additionally, it is very unlikely for a new professional to easily use this tool to its full potential. For this purpose, I believe a few more video tutorials can be uploaded for the newer versions.

I have been using this solution for one year.

We have encountered some stability issues. There were situations when sometimes the gateway didn’t work as expected. However, thanks to active-passive mode, none of the information was lost.

Every manager and gateway has a predefined capacity. It is very easy to scale up to that capacity. But, if that is exhausted you have to burn the midnight oil.

The technical support is good in terms of knowledge. However, the replies are not so frequent and hence can be frustrating sometimes.

I have not used any other solution before. I have only used Imperva SecureSphere 11.0.

The initial setup was straightforward. Each and every step is clearly mentioned in the manual. After the initial setup, it becomes a bit tricky.

Since this tool is far better than the competitors and manages a lot of compliance requirements, the pricing seems to be fine.

We had evaluated other solutions such as McAfee DAM and IBM Guardium.

You should follow both the guide and the tutorials. The tool is handy only if it is implemented properly. Implementation is a bit complicated; hence, it is advisable to create documentation alongside. It would be more beneficial to use the directory present on the Imperva site before logging for any issues.