Imperva SecureSphere Database Security Reviews

I like Imperva SecureSphere platform forms. Imperva SecureSphere is the foundation for SecureSphere data, file and web application solutions. Imperva SecureSphere is designed to work together, however can be independently deployed.

Imperva SecureSphere allows people to secure data, while seamlessly allowing the distribution of that data in an effortless manner.

SecureSphere activity log can be used with Imperva CounterBreach in an effort to protect enterprise data from theft and loss caused. Since such is core to its function, I would like to see future versions to integrate such options.

Imperva SecureSphere allows the company to adhere to data compliance requirements, and at the same time to effectively protect data from theft.

No.

No. After using Imperva SecureSphere the first few days, implementing it was second nature.

No.

Very good customer service was responsive to needs to get Imperva SecureSphere operational.

Imperva SecureSphere did not require very much tech support, but with the few issues we had, they were cured very quickly by tech support.

No.

Setting up Imperva SecureSphere was very simple, and configuration was easy.

We used in-house.

It was well worth implementing Imperva SecureSphere and found the rate of productivity increased by using it.

Compare other similar products and definitely use the free trial. I truly enjoyed using it, and recommend Imperva SecureSphere to any one who has similar needs.

No we did not.

Imperva SecureSphere provides great options to secure data and would not hesitate to use it.

We use Imperva SecureSphere Database Security to monitor user activities within databases. It includes detecting DDA activities, unauthorized queries, abnormal user behavior, and potential security breaches. It allows us to check and filter activities based on IP addresses, enabling us to track the sources of incoming requests. If any application uses SQL queries, SecureSphere can monitor these activities for unusual or unauthorized patterns. Additionally, we can set alerts for updates whenever a user profile is added to the database to ensure there is no malicious activity.

The product’s most valuable feature is real-time highlights. It helps with detecting natural weaknesses. The users can see the activity as soon as it is visible to administrators. It makes it easier to determine if some action has to be taken against malicious activity. The users can scan the data and check if it meets CIS standards.

Once we read the activity logs on the platform, we cannot open them anywhere else as they are stored in a proprietary format.

It is a stable platform.

The product’s on-premises version is not scalable. In contrast, it starts scaling once deployed on VMs.

We contact the technical support team while deploying resources. Sometimes, the team replies with the solutions already available online. It could be better.

Neutral

The product generates a return on investment for a large database capacity.

The product’s price is reasonable compared to IBM and other products.

I rate Imperva SecureSphere Database Security a five out of ten.

We primarily use the product for data security.  

The feature that I have found the most valuable is the firewall component.  

What I would like to see improved is Imperva making further development in terms of them going to the Cloud. Our business is moving to the cloud, so we want to have cloud availability as an option. Imperva can do the cloud database, but they are still working at building it out and it does not seem to me to be fully operational.  

We have been using Imperva for a little bit more than six years.  

We are experiencing good stability with this product. We have not had any crashes and no major problems navigating its management.  

I think that SecureSphere is very scalable. Across our whole company, everyone is using it. We are 50 people. Right now at this size, we only require two people for maintenance.   

The technical support for Imperva is super, super, super. They have a very experienced support team. They can diagnose all of our issues and are always very fast. They have very good documentation and knowledgebase resources that add to the depth of their support.  

I have previously used McAfee as a similar solution. We decided to switch because McAfee is a little bit tricky to get to work the way it should work. I had experience with their version 6.4 solution and it used a lot of resources and had too much overhead.  

The initial setup is moderately difficult. You have to understand the database and how the database communicates and also some knowledge about the platform. For example, if you have got the Unix environment you have got to understand how to work with that together with the product.  

Initially, SecureSphere was expensive but they have incentives on their packages now. They have introduced new price models, which makes the product more affordable now. It is now at a pricing level in the range where most people are looking for this type of solution.  

Before choosing Imperva, we did evaluate other options including IBM Guardian Data Protect and also Oracle Audit Vault. In the end, we finally made the choice to go with Imperva first of all because they are a company that is very much into digital security. Security is the central focus of their business, so that is one of their strong areas. Then their product support is one of the best. The solution is very advanced in terms of comparing their available resources and training to other companies. These resources make it a very complete solution.  

Imperva Security Sphere is something that I recommend any day, anytime because they are very much focused on security as a passion. So you find it has tons of capacity for scalability. It is focused on security. Even the solution's usability is very good.  

On a scale from one to ten (where one is the worst and ten is the best), I would rate this product as a nine scored out of ten possible points.  

Features that I would like to see to make it to ten-out-of-ten means that they will need to add a few things. First, they need to onboard database encryption features. Then they need to add some of the other features which they do not have that other competitors already have. They can do more to offer a broader range of features and be more feature-rich.  

Reporting is the most valuable aspect. It's very fast, even versus IBM. IBM could take three, or four days to get a report. In Imperva, everything is online, and you get the reports very fast. 

It is very easy to configure the new dashboards, and reporting is easy to do. It takes maybe an hour to do it. 

The solution is very stable. 

We'd like better compliance with cyber security and legal as well as other areas. 

I'd like to see some sort of solution for storage. For example, if someone in the company is doing some backup, I cannot reach that information in the discovery and in the protection. I only can protect the information, the databases that I use that are in developer or Q&A, and not those databases that are in the backups. It's a limitation.

I've been using the solution for three years. 

This is a stable, reliable product. It never fails. There are no bugs or glitches. 

There are six areas that are using the solution, and each area has maybe three or four users, at least. Risk, compliance, operations, and internal security, for example, are some areas that use it and get reports. 

I'm not sure if we have plans to increase usage. I am covering all the databases right now. I have no other space to do it. Of course, if we are going to grow and use more databases, I'm going to use this solution. That said, right now, all the databases are covered.

We pay for the solution on a yearly basis. There are no additional costs or extra fees beyond the license itself. 

Have compared the solution to IBM. Previously, I was an IBM customer, and IBM would take maybe a week to have a good configuration. 

With Imperva, it's very easy to configure. It's very easy to get the reports. The reports are coming fast, and you are saving a lot of money if you send the logs to Splunk since Splunk charges per alert. In the Imperva solution, instead of sending tons of alerts, it is consolidating everything. It helps me save money with Splunk. 

I am a consultant. 

I have been working with the previous version of the product. Right now, the latest one is the Data Security Fabric.

It is very easy to use, and it helps us to discover the databases. In some cases, the shadow IP or the business areas are not reporting that they are using other databases. With the Imperva solution, I can find the other databases that are not reported to IT, and it's very easy to know where they are, where the information is, and what kind of information it is, if we are talking about the personal data or if we are talking about a financial data, et cetera. It's very easy to find the databases, and to know what kind of information is in each one of those databases. It's so helpful.

It helps a lot to have a consultant as they have the knowledge and experience a company can use. Even if a solution is very easy to implement, it helps to have the knowledge and experience of partners. 

I'd rate the solution ten out of ten.

We primarily use the solution for monitoring database activities.

Currently, we have audit features for auditing databases, for example, granular auditing, which we really enjoy. We've been using it to check what users do. 

Apart from the WAF, which we've had issues with, every other feature we've been able to use very well. We use it for scanning databases, which is perfect. We need to run vulnerabilities counts as well, and this solution is great for that.

The feature right now that we have not been able to use successfully is the firewall aspect, the WAF.

In terms of the WAF, we tried their blocking functionality at some point, and our entire company came to a halt due to the fact that it was blocking even database connections. It was hanging our databases. Until now, we've not been able to fully use their database blocking functionality very well. That is the only aspect that I wish could be improved tomorrow.

The entire system is not user-friendly for me, and definitely not as user-friendly as Oracle Vault. It should be more user-friendly, to make it much more competitive in the space. 

The technical support is not offered by the company itself. Rather, you can only get technical support via partners. It isn't that good and because of this, we want to leave the product.

The solution is expensive.

If we can look at a system that can do 360 annual. There is an app call bridge that is something they've introduced, however, we don't have that yet. I don't know if that is able to do application monitoring as well, but I wish they had a feature that could do both the database and application monitoring.

I've been using the solution for about four to five years now.

The stability is okay. I don't recall any kind of bug or glitch. It doesn't freeze or crash. Aside from issues with WAF, it's good.

The scalability is fine for our purposes. We are able to modify the product, and we are able to do things to suit what we need, so it's okay for us. If I were to rate them out of ten on scalability, I'd give them a six.

One of the reasons we want to leave this solution is the fact that we don't have any technical support whatsoever. If there was some on offer, it might convince us to stay. Technical support is typically handled by partners, and they do not do a good job. We've been trying to reach the parent company directly because we are unsatisfied with the level of service we've received and we've had no luck. Therefore, we'll probably leave the service altogether.

The solution is pretty pricey. It's not the least expensive option. An organization will have to ensure they have the budget to cover the cost or having the product. I'd say that the amount of money they charge is unreasonable sometimes. If I were to rate them out of ten on pricing, I would give them a one.

We're currently looking to move away from Imperva. We're considering Audit Vault.

The solution is okay, however, there is a lot to be improved upon. For that reason, I'd rate them five out of ten overall.

It's not a bad tool. It's a good tool. I tend to recommend it to others, however, if you're a small company, it may not make sense due to the fact that it is quite expensive.

The primary use case is for database monitoring. We are also using the blocking part, which is used for: 

• Any suspicious activities which are done, such as delete command and query command, outside the admin, the solution is supposed to block them.
• The blocking of compromised databases through cloning. Blocking will not allow the cloning.

We use it for blocking and auditing. Our job is monitoring. We are a government entity and provide services to other ministries. We use Imperva for its Database Activity Monitoring and File Integrity Monitoring tools. We have also enabled Database Firewall.

As we are very sensitive to financial impacts, this product provides great protection for our organization.

It enabled us to monitor the most critical DBA activities, and most critically helped us identify default accounts and passwords. Additionally, with this solution we were able to block an external attack on our Oracle DB.

• DB Activity Monitoring
• DB Firewall
• CounterBreach

Their web application firewall (WAF) is quite good.

They have to put more focus on the administrative part of the application, especially on upgrades. There are a lot of packages to download and install that you have to be knowledgeable on. For example, we tried to install a version, and it did not work. Then, support had to become involved.

They should add an application availability dashboard feature and should focus more on the alerting mechanism.

There is a problem with the integrations. I would also like to see improvement in the integration part of the tool. This should be an easy process. For example, I had an issue with the integration of a file server. 

Within the endpoints, the communication is breaking down most of the time. Sometimes, once the communication stops, it does not resume again.

They could approve monitoring in the next release. E.g., right now, we lack the ability to know when databases are down. This is something we could use monitoring to mitigate. 

The stability is good. Sometimes the gateways disconnect and connect again automatically.

We have a dedicated staff person for maintenance: alert, fine tuning, and adjustments.

The solution is scalable. I would rate the scalability as an nine out of ten. We have used this solution since 2014 but have not encountered any scalability issues so far.

Within our organization, we have around 500 users. Our site protects approximately 70,000 end users.

When the technical support is required, they assist us. I would rate them as seven out of ten because they are not so good due to the due to differing time zones. 

We managed by using the regional vendors. Overall, the support is effective.

We previously used IBM Guardium. Before 2015, it was bit complicated to use.

A bit complex, but following the instructions and the manual guide is enough for the initial setup. A little knowledge helps.

We used the Imperva Professional Services for the configuration in our environment. It is important to have experienced professionals do these changes.

The initial deployment for our team was a failure.

The implementation took one week. Afterwards, the configuration started, then the use case testing. Overall, it took for us around one month.

Our local partner is now supporting us. Gulf IT has very good experience in the Middle East. They are nice to work with and supporting us well.

We have seen ROI, as it protects our company from threats.

This tool helped us mitigate audit risks by 100 percent.

We have all the licenses, which we pay for annually. The price is a little high, but the product is good.

Yes, Guardium.

Identify the proper use cases, then implement it.

Resource overhead management is a good option. The OS chain option provides the real user behind the DB application user.

The most valuable features are:

• DAM Module
• Third-party data source integration: Feeds automation
• Data enrichment: Provides better data quality and session handling
• API: Used for process automation

The solution has improved our organization as follows:

• Better agent performance compared to v9.5
• Gateways are much more stable
• Gateway cluster improves resource utilization and provides better resiliency
• Offers the option to manage cluster capacity without touching the agent configuration

BUGs, BUGs, BUGs. The product is under high development and the amount of bugs is bit disappointing. The product has lots of limitations which are not clearly documented. You can only find out the limitations by engaging the support

By using this product you can have only one type of date and time format which is US format. I’m EU citizen and I prefer different date format, same for time format. I would prefer 24Hour clock instead of AM/PM.

We have been used this solution for over three years.

There were stability issues in v9.5. There are no major stability issues in v10.5.

Stability is dependent on the infrastructure. If you use hypervisor, then you need to make sure to use resources and I/O settings that are optimal for SecureSphere. Otherwise, you will end up with stability and performance issues.

There are some scalability issues. There was a hardcoded limitation in the number of MXs you can connect to SOM. In addition, the bigger the infrastructure, the bigger challenge there is to create a single audit report file.

The technical support is OK. But they have big potential to do things better.

We had a previous solution. We switched because the new requirements couldn’t be accomplished with the old solution.

The installation was quite complex. We had to integrated lots of external systems in order to make it work right.

Give it a try. Write down your requirements as detailed as possible, and perform a PoC using this list. If you find gaps that require additional development, it could take some time until you actually get it.

I believe the most valuable feature is the GUI. It is still very much oversized for the job it does, but in comparison to other alternatives, it is still the best at the moment.

Before SecureSphere was used, the native auditing tools were used, and now there is a segregation of duties when managing audit data from DBAs and DBS teams. It is a much more secure way to have audit data from databases and to monitor actions of privileged accounts.

All areas of this product have room for improvement. There are a lot of things that can be improved if you want this to run in a corporate environment with thousands of database servers. If your database server count is low, it is a fine solution for you.

Lack of centralized integration when supporting/configuring appliances (SOM has some, but not all configuration/reporting/management functions, but you can’t do a lot of things from one management appliance (SOM) and have to go to separate MX when you want to configure something). As well you can’t upgrade appliances via Update module (you can only do so with agent and that functionality has much room for improvement as the update GUI is not well designed, some functions do not work and event/alert notifications there are mostly useless). So this and some other things make management and support of very large SecureSphere infrastructure sometimes painful.

I’ve been using SecureSphere for over three years.

It depends on the load of gateways/MXs. If load is big and there are advanced filtering rules in place, gateways or MX can crash or perform slowly.

The SOM does not have all the functionality yet to manage all MXs centrally and, if you have a very large infrastructure, it is not so easy to manage it, as it requires you to apply updates or new configurations directly to agents or MXs 1 by 1.

The support team responds promptly but sometimes it seems that, in more complex cases, they just try to stall for time for R&D to look at it and that they don’t know why some problems are happening.

Before, we were using native database auditing tools. Regulators have pointed out that DBAs are managing auditing tools themselves, which is not a good practice. Usage of SecureSphere and forming a new team responsible only for management of this tool was suggested.

Setup was complex. We had to deploy hundreds of gateway appliances to gather audit data and deploy thousands of agents to different OSs. This was not an easy task, as there were no simple solutions to do that. There were also challenges to configuring auditing rules and monitoring rules to work with all kinds of databases and different kind of requirements relating to them.

I don’t know anything about pricing and licensing.

I believe an IBM solution was considered, but it was much too expensive and didn’t provide as many features.

Use the newest version (at the moment I think it is 11.5) and pay extra for staff training and additional consultation on how to set up rules, etc.