What needs improvement with Imperva SecureSphere Database Security?

It would be more efficient if we could manage the consoles of management servers from a single location. Currently, if the management server for our DR environment is separate from the production management server, we have to log in to each server individually. For example, to check the status of production servers integrated with Infowa, I need to log in to the production management server. Similarly, I have to log in to the DR management server to check the status of the DR servers. Connecting both servers and managing them through a single console would make it easier to handle all alerts in one place.

The platform doesn’t support some newer databases, such as Oracle on Ubuntu or databases running on Gatsby. Coverage for certain banking databases, like T24, needs enhancement as well. Additionally, its encryption capabilities need improvement.

Imperva’s agent is not suitable for container systems. The agent does not monitor databases in the containers. Imperva must improve it. The vendor provides Imperva DSF, but customers must pay a lot. It would be better if Imperva’s agents could monitor containers. In Turkey, we have a Linux-based operating system that is used extensively. Imperva’s agent does not fit the operating system.

I have worked with IBM before, and I prefer its ease of deployment and management. Imperva SecureSphere Database Security has tricky deployment, whereas IBM's deployment is straightforward because of the UI.

Mostly in areas like data masking since they previously had a product called "camouflage," but it was dropped. It would be better to have something similar to that. Additionally, improvements can be made in data enrichment, aggregation of data from different perspectives, and enhancing the GUI (Graphical User Interface) for a better user experience.

The GUI is bad. The product must focus on improving its reporting features and the dashboard.

We have a lot of lost communication between the clients and the management server. This is a client-on-server solution and sometimes the agent stops communicating and it can take a lot of troubleshooting to solve the issue. It would also be helpful if they'd improve artificial intelligence.

Data encryption. Yeah, Imperva needs to pull up on data encryption and make it a standard feature to allow maybe for tokenization, encryption of data, and things like that.

We'd like better compliance with cyber security and legal as well as other areas. I'd like to see some sort of solution for storage. For example, if someone in the company is doing some backup, I cannot reach that information in the discovery and in the protection. I only can protect the information, the databases that I use that are in developer or Q&A, and not those databases that are in the backups. It's a limitation.

The solution needs local support. They need to do a little bit more knowledge-sharing with the tool. Knowledge-sharing is not what you normally get with Microsoft, Symantec, or any other tools that are leaders in their respective spaces. This is more of a closed-group type of solution only, whereby the information is only accessible to certain groups, or maybe in certain countries. It needs a broader, more accessible knowledge base. There could be more on the monitoring side of things. They need more monitoring tools within the tool itself. Although it does a good job monitoring databases, in terms of the health of its agent gateways to verify communication and all that, there are basically no utilities available within the tool.

Imperva SecureSphere Database Security can improve something in all the versions I have used. In an upcoming release, there should be a more simplistic way to learn the policy. The security policies can be complex, you need to know the attacks in order to give the portal a security policy. They should be more user-friendly to a level you do not need an expert.

Sometimes the reports are cumbersome, and you have to drill down to get more information. SecureSphere also sometimes needs a lot of maintenance to keep the agents running on the database. In the next release, Imperva should include a preventative solution that will stop an attack before it happens or read the behavior of particular accounts and act on it. They should also make SecureSphere available on mobile so that if an administrator isn't on-prem, he can access the solution via the internet wherever he may be.

Some cloud versions are not supported by the agent. For example, we had a client that wanted to move to the cloud and wanted to use AWS, however, it was not possible. Imperva should have every kind of agent.

They can maybe look at its pricing model. Its pricing could be cheaper for the African countries or developing economies.

It is quite expensive. I would prefer a lower price. In terms of features, I started using it this month. I need more time to explore it.

The support could be improved. The product needs to perform better in extremely busy databases. It does not do really well where the DB is extremely, extremely busy. The updates could be better. The UI can be improved. The ability to narrow down to the right environment could be helpful. They need to allow users to find an easy way to drill down to what's important.

The solution could improve by having more integration.

The system reports vulnerabilities in my vulnerability assessment, but I need something to generate warning messages. I would like to see integration such that there is support for different kinds of environments, such as on-premises versus cloud.

It is very expensive. Its price can be better.

Overall, it's a very good product but they could do with some modifications log-wise — it should be more comprehensive. Otherwise, 95% of the product is very good. The interface could be more user-friendly.

I've been part of various projects and also interact with clients because I do pre-sales. Most of the feedback I receive relates to clients wanting to see an improvement in the reporting. They like the ability and functionality of the solution but they feel the reporting is lacking. The general feeling is also that the GUI has been the same for a very long time and there is room for improvement there. It could look a little better and then if the reports are also improved that would make a big difference all round. From a basic implementation point of view, there are some features that are very technical, clients want everything very granular and they always say Imperva bundles everything. You do a signature, and ABC updates and you trust what the ABC is doing. I think if it were a little more granular and detailed in terms of how, for example, a query stream is being detected or something like that, rather than just blocking something, it would give the administrator a better view and understanding of what's happening.

Its reporting can be improved. The reporting feature is currently not good enough for our clients.

What I would like to see improved is Imperva making further development in terms of them going to the Cloud. Our business is moving to the cloud, so we want to have cloud availability as an option. Imperva can do the cloud database, but they are still working at building it out and it does not seem to me to be fully operational.

The feature right now that we have not been able to use successfully is the firewall aspect, the WAF. In terms of the WAF, we tried their blocking functionality at some point, and our entire company came to a halt due to the fact that it was blocking even database connections. It was hanging our databases. Until now, we've not been able to fully use their database blocking functionality very well. That is the only aspect that I wish could be improved tomorrow. The entire system is not user-friendly for me, and definitely not as user-friendly as Oracle Vault. It should be more user-friendly, to make it much more competitive in the space. The technical support is not offered by the company itself. Rather, you can only get technical support via partners. It isn't that good and because of this, we want to leave the product. The solution is expensive. If we can look at a system that can do 360 annual. There is an app call bridge that is something they've introduced, however, we don't have that yet. I don't know if that is able to do application monitoring as well, but I wish they had a feature that could do both the database and application monitoring.

I think the biggest challenge with their product is the management of it. Not that it needs a lot of engineering, but it requires a lot of upkeep and deployment of a lot of servers that require regular updating. If you want to make any changes it's a lot of work to get things moving. I personally find it quite difficult to work with in that regard. The product would be better with improvement to the database security from the access management perspective. A lot of it falls into content on the database and is difficult to retrieve. Also, looking into databases themselves, table sets and data sets and being able to retrieve that information.

They have to put more focus on the administrative part of the application, especially on upgrades. There are a lot of packages to download and install that you have to be knowledgeable on. For example, we tried to install a version, and it did not work. Then, support had to become involved. They should add an application availability dashboard feature and should focus more on the alerting mechanism. There is a problem with the integrations. I would also like to see improvement in the integration part of the tool. This should be an easy process. For example, I had an issue with the integration of a file server. Within the endpoints, the communication is breaking down most of the time. Sometimes, once the communication stops, it does not resume again. They could approve monitoring in the next release. E.g., right now, we lack the ability to know when databases are down. This is something we could use monitoring to mitigate.

I think the support needs more improvement than the product. The support we get struggles a bit to provide solutions. They take additional time to respond to support requests. The core of Imperva can sometimes be very slow. This mostly happens when you turn on many alerts, if a lot of people log-in, or if you turn on auditing. It can get noticeably slow. Performance under a heavy load is noticeably reduced. That could be because of scalability, but most of my major issues have to do with performance. I think it's because they run an Oracle database at the backend. If they allowed the administrators to tune the back end database it might solve the issue. If the backend database is having trouble you have to call support and that takes time. It is not efficient. Finally, they might consider reducing the licensing fee. It's a bit high compared to the competition.

The GUI needs to be improved and made more user-friendly. This solution is a little complicated compared with other solutions for database auditing because of the GUI interface. It will be much more competitive if the interface meets the standards of the other vendors in the market. For example, the price of the IBM Guardium is very high, but it's user-friendly. On the other hand, the Imperva GUI is complicated. It is harder for us to generate reports. That's why we face some hurdles in operations. For security, the main point is to report on any violation of compliance. The administrator is required to generate reports. The GUI is set by the operator and not the admin of the device. Every time they need to make changes, it requires a lot of configuration to generate a new report. For any urgent report, the administrator has to be involved. It should not be necessary. The agent should be installed at the box itself instead of going on the bridging system and doing the installation. Whenever any dependency is required, the activity becomes harder. If the dependency is not required then the activity can be handled from the box itself. It should be very easy to execute the administration and operations of the device. Comparing to Cisco devices, which are very user-friendly, other product manufacturers can take a lesson and make an effort to make the operational and administrative tasks easy. It should be possible to execute by the team without writing custom lock sources.

The GUI for this solution could use some improvement. I would like to see better support for countries in the Middle East, and other places that do not have direct access to the vendor.

There is room for improvement in the firewall capabilities when it comes to additional features such as Traffic Shaping, Connection Pooling and Load Balancing. Barracuda and F5 are leading in this aspects.

Technical support for this solution needs improvement.

It would be better to update the solution by using a GUI that guides me, rather than through a CLI. It would be best if it were simply updated automatically from an admin page.

The pricing for support could be improved. Integration with other databases or third-party products would be useful.

Comparing it with other products in the market, we definitely see that Imperva SecureSphere is head-to-head with the likes of McAfee, IBM Guardium, and others. It's definitely good. The only challenge I see is that SecureSphere is deployed on servers or databases which are held on physical infrastructure. However, there are databases which are hosted on cloud platforms and Imperva has a separate tool altogether for that, not SecureSphere. If an organization is monitoring databases which are on physical as well as virtual infrastructure, running two different tools can become a problem. If that could be merged together it would be an improvement. Having read about Imperva, I couldn't get much detail as to what their roadmap is for the future, whether they would want to merge them or not. But as a customer, if I can have one tool for various landscapes, like the databases hosted on a physical landscape as well as the virtual ones, that makes it a lot easier.