Imperva SecureSphere Database Activity Monitoring v8.5
November 01, 2011
basic: X2500 appliance with management server (M100): $55,000
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Multiple deployment options, and audit and forensic capabilities.
- Weaknesses: Pricey. Not as simple to use as one would expect in an appliance-based solution.
- Verdict: Delivers a lot of capabilities. We make this our Recommended choice.
SecureSphere Database Activity Monitoring (DAM) v8.5 from Imperva continuously monitors and audits all database operations, including privileged user access and response, to detect and block attacks and data leaks. The product uses a dynamic profiling behavior-based baseline to help determine malicious behavior or variances in use.
The solution is deployed as a set of hardware appliances. We used two, the M100 Management Server and the X2500 database activity monitoring appliance. Imperva also offers a virtual appliance that can be deployed on in-house hardware.
SecureSphere DAM enables continuous monitoring and granular auditing of all database operations in real time, providing organizations with a detailed audit trail that shows the "who, what, when, where and how" of each transaction. The solution captures all database activity, including data definition language (DDL), data manipulation language (DML), and data control language (DCL). In addition, it will record read-only activity (SELECTs), changes made to stored procedures, triggers and database objects, as well as SQL errors and database login activity. Additionally, it looks for various database attacks at the OS, protocol and SQL levels, including SQL injection, buffer overflow denial-of-service attacks and protocol violations.
The user interface is fairly easy to pilot. However, the documentation was lacking in detail relating to management and configuration of the system.
The application was at the high end of the pricing scale, but it delivers quite a number of capabilities. It is a true enterprise-class solution.
Sign up to our newsletters
SC Magazine Articles
- FireEye: First multi-vendor ATM malware targeting cardholders
- Customer data possibly compromised in online photo store malware attack
- Excellus BlueCross BlueShield announces breach, 10.5M records at risk
- CVS employee steals data on 55K Molina Healthcare members
- False Facebook 'dislike button' ensnares users
- Stored XSS vulnerability identified in Jetpack plugin for WordPress
- Experian, T-Mobile breach exposes 15 million customers, but what will happen to the data?
- Only a matter of time before cyber-attack hits broader finance
- Don't spend more, spend better: Interview with FireEye's Richard Turner
- Landmark European data protection judgement