SecureSphere Database Activity Monitoring (X2500)
November 01, 2013
$41,000 for the SecureSphere Database Activity Monitoring hardware appliance, including management, and $18,500 for the SecureSphere Web Application Firewall hardware appliance, including management. The two can be ordered as a single bundle for $51,000. We tested the two products separately.
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Feature-rich with good documentation.
- Weaknesses: Support was quite inflexible, even when we notified the company that we were reviewing their product.
- Verdict: A capable database firewall offered in a variety of form factors.
SecureSphere Database Activity Monitoring hardware appliance by Imperva is a well put together and configured machine that provides outstanding protection to both web and database servers. It provides protection against such attacks as SQL injection. It is intended to be used with SecureSphere X1010 Web Application Firewall X1010, but inclusion of the web firewall is not a requirement for successful deployment of the Imperva Database Activity Monitoring appliance. The X2500 supports 12 different database platforms. It comes with prebuilt security policies and a monitoring system that alerts users of possible attacks. It can even take action to block the attack. Further, it lets the user audit access by individual users and it detects and essentially patches database software vulnerabilities. The X2500 is versatile as it can also be used as a file firewall, file activity monitor and web application firewall.
The instillation was relatively easy with the documentation provided, but there were some issues with the license we received. We started the setup by attaching a monitor and keyboard to the server and used the console port to initialize. It was a little complex due to the need to manually install the most up-to-date version of SecureSphere after it failed on the initial setup via a USB drive. Plus, there was a tedious amount of password entry. However, with the solid documentation it was relatively easy to complete. After we finished all of that, we were able to access the user interface. It should also be noted that we were informed by technical support that there is no way to factory reset the server, which we believe should be implemented in some way.
The work surface is well done and has clear easy-to-use monitoring. We were impressed with how well it is laid out and how easy the monitoring center is to use. It allowed us to modify and create policies the way we wanted to. The documentation is well done and contains clear concise instructions with screen shots and diagrams.
Imperva has three different levels of technical support. The standard level provides aid from 8:00 a.m. to 6:00 p.m, while the enhanced level offers 24/7/365. The highest level of assistance, premium, includes advanced hardware replacement. When we contacted technical support, we were disappointed with their lack of interest in helping us. We had a problem with our license and at one point were refused support because we didn't have a valid one. All problems were eventually solved with their assistance, but we received intervention based on our reviewing of the product. We wonder what an average customer with a similar problem would do. However, the product, overall, still is a good value for the money.
We tested the full hardware appliance version of this tool, but Imperva has other configurations, such as virtual appliances, available at various prices. We found the website to be lacking a bit in support information. For example, finding the manual for the product was a challenge.
Tyler Atkinson contributed to this review.
SC Magazine Articles
- Yahoo breach; State-sponsored actors suspected, at least 500 million accounts affected
- Education sector bullied by ransomware and can barely defend itself, report
- DetoxCrypto ransomware imitates Malwarebytes software
- Cisco warns of exploitation of new flaws linked to Shadow Brokers exploits
- House Committee urges Obama not to pardon Snowden
- Microsoft Office 365 hit with massive Cerber ransomware attack, report
- Hard Rock Hotel & Casino Las Vegas hit with POS breach
- X-ray and MRI machines among devices used as springboards for data breach attacks
- Brexit shakeup: How will the U.K.'s exit from the EU affect the technology sector?
- Hacker purportedly selling over 650,000 stolen medical records on dark web marketplace
- OpenSSL patches 14 vulns, including high-severity flaw that can be exploited for DoS attacks
- IoT assault, connected devices increasingly used for DDoS attacks
- Cybercriminals already able to hack ATM biometric readers
- Cities planning transparency laws for police surveillance tech
- Malicious apps leveraging top UK brands has increased by 130%