Imperva SecureSphere Database Security Reviews

The most valuable feature of this product is vulnerability management since you don’t need to run different scans by logging into different databases. Everything can be done and monitored through the centralized console by a few clicks and without any hassle.

Also, the report generation option on a daily/weekly/monthly basis comes in very handy to the top management.

Some of the ways in which this product has helped our organization are:

• All the databases are being monitored.
• All the compliance requirements can be taken care of through a console.
• The daily and weekly reports are helpful in understanding the environment.

The stability and the ease of use of this product can be improved. I believe the product can be made more flexible and stable.

Additionally, it is very unlikely for a new professional to easily use this tool to its full potential. For this purpose, I believe a few more video tutorials can be uploaded for the newer versions.

I have been using this solution for one year.

We have encountered some stability issues. There were situations when sometimes the gateway didn’t work as expected. However, thanks to active-passive mode, none of the information was lost.

Every manager and gateway has a predefined capacity. It is very easy to scale up to that capacity. But, if that is exhausted you have to burn the midnight oil.

The technical support is good in terms of knowledge. However, the replies are not so frequent and hence can be frustrating sometimes.

I have not used any other solution before. I have only used Imperva SecureSphere 11.0.

The initial setup was straightforward. Each and every step is clearly mentioned in the manual. After the initial setup, it becomes a bit tricky.

Since this tool is far better than the competitors and manages a lot of compliance requirements, the pricing seems to be fine.

We had evaluated other solutions such as McAfee DAM and IBM Guardium.

You should follow both the guide and the tutorials. The tool is handy only if it is implemented properly. Implementation is a bit complicated; hence, it is advisable to create documentation alongside. It would be more beneficial to use the directory present on the Imperva site before logging for any issues.

I use SecureSphere to monitor our core databases and privilege operations by administrators, and to provide compliance reports.

In terms of regulatory compliance, one of the key requirements is to ensure that our core databases are monitored. SecureSphere allows us to generate details to prove that we're compliant with all requirements.

The most valuable feature is the automatic reports on new databases, which gives us up-to-date inventory management.

Sometimes the reports are cumbersome, and you have to drill down to get more information. SecureSphere also sometimes needs a lot of maintenance to keep the agents running on the database. In the next release, Imperva should include a preventative solution that will stop an attack before it happens or read the behavior of particular accounts and act on it. They should also make SecureSphere available on mobile so that if an administrator isn't on-prem, he can access the solution via the internet wherever he may be.

I've been using this solution for almost three years.

SecureSphere has been very stable until recently, due to the addition of new source databases causing performance issues.

SecureSphere is very scalable.

Imperva's technical support has been good. In the past, it sometimes took a long time to resolve an issue, but more recently, the responsiveness has been very impressive.

Neutral

Previously, we used Oracle Audit Vault, but its reports were a little complex, and their support was not so impressive.

The initial setup was straightforward, and the deployment took between one and two weeks.

Our deployment was done in-house.

SecureSphere has resulted in us receiving audit exceptions, especially from the final details, which is a big deal to my organization since we have to be compliant.

I would recommend SecureSphere to other users and advise making a dedicated team available to work on the solution and configure the correct set of policies so they can get value for their money. I'd give SecureSphere a rating of eight out of ten.

I'm the product manager for Imperva in Africa for a distributor. I manage it every day, but I don't personally use it. We sell Imperva to customers in 17 countries. 

Its deployment depends on the customer. Some customers have their databases in the cloud, and if they have them in the cloud, we give them the cloud database security of Imperva. If their database is on-premises, then we deploy it on-premises, and the reseller implements the solution on-premises.

There are three major main use cases of this solution. The first one is to fulfill compliance regulations. Customers—especially the banks, health sector, and manufacturing—need to comply with the regulations in different countries. They have to fulfill compliance regulations around the privacy of data. In order to fulfill those requirements, they're using Imperva. It helps them to fulfill these requirements, and they are not fined by the regulators. That is the first use case why people buy Imperva.

The second one is for security itself. They don't want a cybercriminal to have access to the data. Imperva is a security solution, and you can use it to block unauthorized access to your data. 

The third one is related to rightful access to the data. They want to know:

• Who has access to the data internally?
• What queries were being issued on the database?
• What time did they log in?
• What is going on within the environment?
• Who is touching the data?
• What are they doing with the data internally? 

Customers or organizations want to have access or have visibility into all these.

They can maybe look at its pricing model. Its pricing could be cheaper for the African countries or developing economies.

I have been using this solution for three years.

It is very scalable. If a customer wants it for five database servers, he gets licenses for five database servers. Tomorrow, if they want licenses for two extra databases, they can just buy the extra two licenses. It is very scalable and very straightforward.

Their support is fantastic. It is 24/7. You raise a ticket, and you get someone assigned to you immediately.

I would rate them a five out of five. In a worst-case scenario, it would be a four, but it's always very straightforward. We get a very quick response.

It is very easy and very straightforward. There are no complications.

Its pricing could be cheaper for the African countries or developing economies. The British pound is valued way more than the currency of most African countries. A better or cheaper pricing model for Nigerian and African customers would be better.

It has a per-year subscription model. You pay exactly for what you need. That's all. You don't have to buy what you don't need.

It is very straightforward. It is probably the best solution out there in terms of data security. About 90% to 95% of the banks in Nigeria use Imperva. When you have such a success story in Nigeria, Ghana, and of course, many other African countries, you can be sure that you are getting a very good solution. 

I would rate it a nine out of 10.

Database auditing has become simple and easy, releasing storage previously used for native database audit processes. We found new patterns of database users' behaviour and corrected some user authorisations.

Mainframe mappings/agents/optimization for CPU usage are areas with room for improvement.

Agent on z/OS does not have a limit for CPU usage like on other platforms. If
you specify filter too "wide", the agent would consume too much cpu so that
could cause more cost for your mainframe. Agents are a bit special for
configuration because the logic is different than the one on other
platforms.

That is because mainframe agents were originally from Tomium company that
was acquired by Imperva some time ago. They still run the same code, just
little improved.
At this point, my configuration does not collect what I expected, but that
could be due to bugs, that is expected to be solved in version 12 of the
SecureSphere.

You can say for sure that security audit costs money - in this case, your
mainframe CPU money.

I have been using it for 18 months.

We had a problem with mainframe DB2 mappings; incorrect results due to bug. A fix is expected in DAM (Database Activity Monitoring) version 12 in March 2017.

I have not encountered any stability issues. Only, you need to optimize the data/events you are receiving. If you have too much input, you will have a stability problem (in that case, lower event throughput and increase manager memory).

I have not encountered any scalability issues. It's flexible.

Customer service is excellent, 5/5.

We did not previously use a different solution. We had some pilot projects and chose this solution.

Initial setup was straightforward and it was simple/easy to install and customize.

A combination of in-house and local support teams implemented it. We are satisfied with their level of expertise.

ROI is good. We needed this system for getting ISO 27001.

Be careful if you have a mainframe. Calculate well...

Before choosing this product, we evaluated IBM InfoSphere Guardium.

We are very satisfied with this product. It's simple to use, customize and administer. Installation is simple and easy, even on mainframe.

The database activity monitoring module used for real time database monitoring and integrated into the security event and incident monitoring solution. Most importantly for our critical legacy databases that cannot be encrypted and require real time a activity monitoring.

It provides a more granular monitoring of database activity at the column and row level as opposed to high level database management system logs.

The professional services and customer training aspect needs to be improved.

I've used it for four years.

The first implementation was not tailored to our specific requirements and the system was basically an expensive log collector until the vendors came to capture our requirements and then made modifications. This was then followed up with training.

No issues encountered.

No issues encountered.

It's moderate.

It's moderate.

I used a different solution with a former employer.

We are a large organization with about 100 critical heterogeneous database servers. This means that one configuration does not fit all, and that made the implementation very complex. Combined with protection of sensitive information that could be logged by the solution.

We used a vendor and their level of expertise was between moderate and high.

The ROI based on the number of prevented, and detected, information security incidents can be classified as high.

We also looked at Sentrigo Hedgehog by McAfee.

Ensure the vendor clearly captures your specific database monitoring requirements and that might include importing the metadata of the database for proper monitoring. Training should be included in the implementation budget as this is a very complex solution with a wide range of capabilities.

We utilise the following components:

1. Database activity monitoring of Oracle/SQL/Sybase databases - we did have UDB running, but that was decommissioned
2. Assessment scans using mostly custom checks to check for security settings - we did expand this at one point to check for best practise, but this was discontinued

It hasn't really improved the way we function, but it has allowed us to meet several audit issues that were outstanding for many years. We tried another product, but we found it did not meet our requirements.

• Capacity management of application needs significant improvement
• Task management functionality is pretty basic, with not a lot of functionality
• I would also like to be able to replace IP addresses with DNS names for easier recognition of host machines
• The SOM feature could also be dramatically improved to allow central management of the entire feature set
• The ability to manage lifecycle of agents could be improved via central deployment of upgraded agents

I started using the database auditing/risk areas of the product in mid-2011. We use agents for monitoring database activity. We do not use the gateways for collecting data via the network.

We had several performance issues on high throughput applications due to outdated, old hardware/non-ideal settings in the agents. These were mostly on our end.

We had a few minor issues with stability, but it has not impacted our service. We did have an agent cause a reboot of a host server, but this was quickly fixed via an upgrade of the agent.

Capacity management is a major issue with the application. There is no easy way to identify when new hardware is required, or if a modification to the configuration could solve the issue. This may have been due to our method of deployment though.

We had a service provider in-between Imperva and our organisation. It did not make things easy. When dealing directly with Imperva I had good experiences with the vendor, and real issues were escalated quickly and getting access to the relevant engineering sections of the vendor was possible.

Technical support was hit and miss. Sometimes we received excellent support, and other times it was not so good. Sometimes convincing the engineering team that there was a real problem in the software was a bit harder than it should have been. Overall, compared to other vendors, support was good.

We previously used another solution, and that product was different depending on the DBMS that was being monitored. Technical expertise in DBMS technology with that vendor was poor, so we switched..

The initial setup was easy, but some of the specific requirements we had required some work. Deploying the hardware during the initial setup did not require and specific customisation for our organisation. The audit policies and assessments obviously did require customisation, but it was relatively simple. Later on, we did find some issues that were due to the setup of the site hierarchy that was not brought to our attention until one to two years later.

We used on-site vendor engineers to support the internal implementation. Their level of expertise was excellent.

This is not relevant to the production selection, as we were required to close off auditing items.

We compared IBM Guardium and Imperva SecureSphere via a POC process. We did a paper evaluation of other products to choose two products for the POC.

Go through the POC process and test all ITIL processes to ensure you understand what will be required for the entire lifecycle of implementation/support. Engage with DBA teams to provide DBA support and knowledge. If it's possible, ensure there are people who understand databases on the SecureSphere support team.

We primarily use the solution  just to monitor database activity on all the in-house databases.

I like almost everything about the solution. That includes sensitive data scanning, which is what is the most important. The data discovery is great as well. 

I like the activity monitoring. That was the main reason we purchased the tool.

The integration is great.

They do quite a lot of feature updates. 

The solution needs local support.

They need to do a little bit more knowledge-sharing with the tool. Knowledge-sharing is not what you normally get with Microsoft, Symantec, or any other tools that are leaders in their respective spaces. This is more of a closed-group type of solution only, whereby the information is only accessible to certain groups, or maybe in certain countries. It needs a broader, more accessible knowledge base. 

There could be more on the monitoring side of things. They need more monitoring tools within the tool itself. Although it does a good job monitoring databases, in terms of the health of its agent gateways to verify communication and all that, there are basically no utilities available within the tool.

I've used the solution for a little over three years. 

The stability is average. I'd rate it three and a half out of five in terms of stability. It's not too bad. 

This is a highly scalable product. I'd rate it four out of five in terms of its ability to scale. 

We have 15 people using the solution.

Local companies have limited exposure to the tool There's professional support and support from the providers, however, if they don't know too much about it, they cannot provide adequate help. 

Positive

While I didn't handle the initial deployment myself, from the training I have done, it is my understanding that the implementation process would not be that hard. 

I'm not sure how many people were involved in the deployment. 

I handle any maintenance myself with the sales provider. There might be six people available to maintain the product. There would be about three from the customer side and two from the service provider's side.

We did have a third party assist with the initial setup. They were from the vendor. 

I am not sure how much the licensing is exactly. that said, my understanding is that it is expensive. 

We're customers and end-users.

We are using the latest version of the solution. 

It's pretty good in terms of capabilities. I'd rate it eight out of ten. 

The solution helps us with monitoring the databases, servers, and activities.

Using the product is a good experience. Database reporting features are valuable to us.

The GUI is bad. The product must focus on improving its reporting features and the dashboard.

I have been using the solution for nine months.

I rate the tool’s stability a five or six out of ten. The glitches and errors have recently been quite high because they allow connection to databases without verifying or discovering the database. We have to keep in mind that we must monitor all the time.

The scalability is pretty good. I rate it a seven out of ten.

The setup can be a little complicated.

For the pricing that the solution provides, the return on investment is good for large companies. It's quite expensive for small to medium businesses.

Overheads like physical databases and servers can be a little bit expensive. The setup and license are quite expensive.

I would not recommend the product to small and medium businesses. Overall, I rate the tool a seven out of ten.