SecureSphere Database Activity Monitoring (X2500)
November 01, 2013
$41,000 for the SecureSphere Database Activity Monitoring hardware appliance, including management, and $18,500 for the SecureSphere Web Application Firewall hardware appliance, including management. The two can be ordered as a single bundle for $51,000. We tested the two products separately.
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Feature-rich with good documentation.
- Weaknesses: Support was quite inflexible, even when we notified the company that we were reviewing their product.
- Verdict: A capable database firewall offered in a variety of form factors.
The SecureSphere Database Activity Monitoring hardware appliance by Imperva is a well put together and configured machine that provides outstanding protection to both web and database servers. It provides protection against such attacks as SQL injection. It is intended to be used with the SecureSphere X1010 Web Application Firewall, but inclusion of the web firewall is not a requirement for successful deployment of the Imperva Database Activity Monitoring appliance. The X2500 supports 12 different database platforms. It comes with prebuilt security policies and a monitoring system that alerts users of possible attacks. It can even take action to block the attack. Further, it lets the user audit access by individual users and it detects and essentially patches database software vulnerabilities. The X2500 is versatile as it can also be used as a file firewall, file activity monitor and web application firewall.
The installation was relatively easy with the documentation provided, but there were some issues with the license we received. We started the setup by attaching a monitor and keyboard to the server and used the console port to initialize. It was a little complex due to the need to manually install the most up-to-date version of SecureSphere after it failed on the initial setup via a USB drive. Plus, there was a tedious amount of password entry. However, with the solid documentation it was relatively easy to complete. After we finished all of that, we were able to access the user interface. It should also be noted that we were informed by technical support that there is no way to factory reset the server, which we believe should be implemented in some way.
The work surface is well done and has clear, easy-to-use monitoring. We were impressed with how well it is laid out and how easy the monitoring center is to use. It allowed us to modify and create policies the way we wanted to. The documentation is well done and contains clear, concise instructions with screenshots and diagrams.
Imperva has three different levels of technical support. The standard level provides aid from 8:00 a.m. to 6:00 p.m., while the enhanced level offers 24/7/365. The highest level of assistance, premium, includes advanced hardware replacement. When we contacted technical support, we were disappointed with their lack of interest in helping us. We had a problem with our license and at one point were refused support because we didn't have a valid one. All problems were eventually solved with their assistance, but we received intervention based on our reviewing of the product. We wonder what an average customer with a similar problem would do. However, the product, overall, still is a good value for the money.
We tested the full hardware appliance version of this tool, but Imperva has other configurations, such as virtual appliances, available at various prices. We found the website to be lacking a bit in support information. For example, finding the manual for the product was a challenge.
Tyler Atkinson contributed to this review.