Imperva SecureSphere Business Security Suite
November 01, 2012
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Enormous feature set and flexible deployment options.
- Weaknesses: High cost and slightly more complex setup.
- Verdict: Excellent for large enterprises or those which can afford the cost, but almost certainly overkill for smaller businesses.
With large enterprise networks under constant attack from malicious entities, administrators need powerful defenses. With what may just be the Cadillac of application and database security products, Imperva makes its appearance to help hold attackers at bay. Just prepare your checkbook, this Caddy doesn't come cheap.
While Imperva supports running the SecureSphere software in a multitude of configurations, both virtual and physical, the product was delivered to us as a pair of appliances - a dedicated management server and a gateway device. The setup process was not insurmountably complex. However, we did need to contact support in order to acquire the administrator's guide before we could make much progress. The appliances used a 38400 baud rate on its serial ports as opposed to the somewhat-standard 9600 baud rate we find on most networking gear, so we had to check the admin guide for those settings. The product's configuration was split between the command line interface (CLI) and the web interface on the management device, with all networking configuration being done via the CLI, as well as linking the gateway to the management device. There was a decent menu-driven system, so we didn't find ourselves typing out long commands. All other functionality was set up via the management server's web interface, so after the initial setup we didn't need to go back to the CLI again.
SecureSphere has far more functionality than we could possibly cover here in the space allotted. Functioning primarily as an application and database firewall with IDS/IPS features, the solution is deployable in a number of different configurations, with support for deployment as an inline gateway, as a reverse proxy or as a network sniffer. The offering supports SSL offloading and decryption of SSL traffic, input validation, application user tracking, session/cookie protection and more. Attack signatures are automatically updated from the Imperva website, and the product supports user-created signatures as well, using a proprietary language resembling that used by Snort. In addition to the standard attack signature detection methodology, subscribers to Imperva's ThreatRadar service get the added benefit of reputation-based IP blocking. On the database side, the product supports activity auditing, continuously monitoring target databases and maintaining an audit trail. It also can alert on and/or block unauthorized access attempts and perform user rights analysis.
The documentation is stellar. The administrator's guide covers everything from deployment planning to product configuration, with network diagrams and screen shots where appropriate. The user's guide covers day-to-day tasks, including reporting, detection signature writing, user tracking and more. Both manuals come as well-formatted PDF files.
Imperva offers three tiers of support. Standard includes help from 8 a.m. to 6 p.m., Monday through Friday, while the enhanced tier extends those hours to 24/7. The premium support package includes advanced hardware replacement.
At a base price of $51,000, buying into the SecureSphere platform isn't cheap. Support costs start at $7,650 for the standard support package.
Sign up to our newsletters
SC Magazine Articles
- Study: 86 percent of websites contain at least one 'serious' vulnerability
- CareFirst BlueCross BlueShield breached, more than one million individuals notified
- Report: $19M breach settlement between MasterCard, Target terminated
- Logjam attack exposes data passed over TLS connections
- Google releases Chrome 43, addresses 37 bugs
- Hackers exploit Starbucks auto-reload feature to steal from customers
- Study: Nearly all SAP systems remain unpatched and vulnerable to attacks
- Former Nuclear Regulatory Commission employee arrested for alleged spear phishing campaign
- Millions of WordPress websites vulnerable to XSS bug
- FireEye first cybersecurity firm awarded DHS SAFETY Act certification
- Senate fails to pass USA Freedom Act; McConnell moves for revote of Patriot Act extension
- Android ransomware distributed to English speakers in spam campaign
- Site operator sentenced to 13 months for facilitating prostitution
- ISA presses for data to shape cyber security policy, encourages use of NIST framework
- Former Jacobi Medical Center employee improperly emails patient data