Imperva SecureSphere Database Activity Monitoring v8.5
November 01, 2011
basic: X2500 appliance with management server (M100): $55,000
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Multiple deployment options, and audit and forensic capabilities.
- Weaknesses: Pricey. Not as simple to use as one would expect in an appliance-based solution.
- Verdict: Delivers a lot of capabilities. We make this our Recommended choice.
SecureSphere Database Activity Monitoring (DAM) v8.5 from Imperva continuously monitors and audits all database operations, including privileged user access and response, to detect and block attacks and data leaks. The product uses a dynamic profiling behavior-based baseline to help determine malicious behavior or variances in use.
The solution is deployed as a set of hardware appliances. We used two, the M100 Management Server and the X2500 database activity monitoring appliance. Imperva also offers a virtual appliance that can be deployed on in-house hardware.
SecureSphere DAM enables continuous monitoring and granular auditing of all database operations in real time, providing organizations with a detailed audit trail that shows the "who, what, when, where and how" of each transaction. The solution captures all database activity, including data definition language (DDL), data manipulation language (DML), and data control language (DCL). In addition, it will record read-only activity (SELECTs), changes made to stored procedures, triggers and database objects, as well as SQL errors and database login activity. Additionally, it looks for various database attacks at the OS, protocol and SQL levels, including SQL injection, buffer overflow denial-of-service attacks and protocol violations.
The user interface is fairly easy to pilot. However, the documentation was lacking in detail relating to management and configuration of the system.
The application was at the high end of the pricing scale, but it delivers quite a number of capabilities. It is a true enterprise-class solution.
Sign up to our newsletters
SC Magazine Articles
- Study: Open Source Software use increasing in enterprises but without vulnerability monitoring
- RSA Conference 2015: Prepare for the IoT before it's too late, Sorebo warns
- 'Aaron's Law' returns to Congress
- RSA 2015: Tension continues to grow between govt, cryptographers
- Data at risk for 9,000 individuals following unauthorized access to SRI Inc. website
- Study: Conficker declared top threat of 2014, but N. America targeted mainly by AnglerEK
- RSA 2015: Straight talk about encryption, bulk surveillance and IoT
- RSA 2015: In the healthcare industry, security must innovate with business
- RSA 2015: Unintended use of aircraft systems next challenge for counterterrorism community
- RSA 2015: Bug hunting and responsible vulnerability disclosure