SecureSphere Database Activity Monitoring (X2500)
November 01, 2013
$41,000 for the SecureSphere Database Activity Monitoring hardware appliance, including management, and $18,500 for the SecureSphere Web Application Firewall hardware appliance, including management. The two can be ordered as a single bundle for $51,000. We tested the two products separately.
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Feature-rich with good documentation.
- Weaknesses: Support was quite inflexible, even when we notified the company that we were reviewing their product.
- Verdict: A capable database firewall offered in a variety of form factors.
SecureSphere Database Activity Monitoring hardware appliance by Imperva is a well put together and configured machine that provides outstanding protection to both web and database servers. It provides protection against such attacks as SQL injection. It is intended to be used with SecureSphere X1010 Web Application Firewall X1010, but inclusion of the web firewall is not a requirement for successful deployment of the Imperva Database Activity Monitoring appliance. The X2500 supports 12 different database platforms. It comes with prebuilt security policies and a monitoring system that alerts users of possible attacks. It can even take action to block the attack. Further, it lets the user audit access by individual users and it detects and essentially patches database software vulnerabilities. The X2500 is versatile as it can also be used as a file firewall, file activity monitor and web application firewall.
The instillation was relatively easy with the documentation provided, but there were some issues with the license we received. We started the setup by attaching a monitor and keyboard to the server and used the console port to initialize. It was a little complex due to the need to manually install the most up-to-date version of SecureSphere after it failed on the initial setup via a USB drive. Plus, there was a tedious amount of password entry. However, with the solid documentation it was relatively easy to complete. After we finished all of that, we were able to access the user interface. It should also be noted that we were informed by technical support that there is no way to factory reset the server, which we believe should be implemented in some way.
The work surface is well done and has clear easy-to-use monitoring. We were impressed with how well it is laid out and how easy the monitoring center is to use. It allowed us to modify and create policies the way we wanted to. The documentation is well done and contains clear concise instructions with screen shots and diagrams.
Imperva has three different levels of technical support. The standard level provides aid from 8:00 a.m. to 6:00 p.m, while the enhanced level offers 24/7/365. The highest level of assistance, premium, includes advanced hardware replacement. When we contacted technical support, we were disappointed with their lack of interest in helping us. We had a problem with our license and at one point were refused support because we didn't have a valid one. All problems were eventually solved with their assistance, but we received intervention based on our reviewing of the product. We wonder what an average customer with a similar problem would do. However, the product, overall, still is a good value for the money.
We tested the full hardware appliance version of this tool, but Imperva has other configurations, such as virtual appliances, available at various prices. We found the website to be lacking a bit in support information. For example, finding the manual for the product was a challenge.
Tyler Atkinson contributed to this review.
SC Magazine Articles
- USAA members hit with multiple phishing attacks
- Industry pros react to Cisco, Fortinet advisories after possible Snowden NSA leak
- Trust exercise: Symantec's new website security expert is reaching out to hacker community
- U.S. government extends offer to protect states from electoral cyberthreats
- Cisco shedding 7% of its workforce
- Microsoft Office 365 hit with massive Cerber ransomware attack, report
- CEO sacked after aircraft company grounded by whaling attack
- Microsoft warns of new, self-propagating ransomware in the wild
- Wendy's POS breach 'considerably' bigger than first thought