SecureSphere Database Activity Monitoring (X2500)
November 01, 2013
$41,000 for the SecureSphere Database Activity Monitoring hardware appliance, including management, and $18,500 for the SecureSphere Web Application Firewall hardware appliance, including management. The two can be ordered as a single bundle for $51,000. We tested the two products separately.
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Feature-rich with good documentation.
- Weaknesses: Support was quite inflexible, even when we notified the company that we were reviewing their product.
- Verdict: A capable database firewall offered in a variety of form factors.
SecureSphere Database Activity Monitoring hardware appliance by Imperva is a well put together and configured machine that provides outstanding protection to both web and database servers. It provides protection against such attacks as SQL injection. It is intended to be used with SecureSphere X1010 Web Application Firewall X1010, but inclusion of the web firewall is not a requirement for successful deployment of the Imperva Database Activity Monitoring appliance. The X2500 supports 12 different database platforms. It comes with prebuilt security policies and a monitoring system that alerts users of possible attacks. It can even take action to block the attack. Further, it lets the user audit access by individual users and it detects and essentially patches database software vulnerabilities. The X2500 is versatile as it can also be used as a file firewall, file activity monitor and web application firewall.
The instillation was relatively easy with the documentation provided, but there were some issues with the license we received. We started the setup by attaching a monitor and keyboard to the server and used the console port to initialize. It was a little complex due to the need to manually install the most up-to-date version of SecureSphere after it failed on the initial setup via a USB drive. Plus, there was a tedious amount of password entry. However, with the solid documentation it was relatively easy to complete. After we finished all of that, we were able to access the user interface. It should also be noted that we were informed by technical support that there is no way to factory reset the server, which we believe should be implemented in some way.
The work surface is well done and has clear easy-to-use monitoring. We were impressed with how well it is laid out and how easy the monitoring center is to use. It allowed us to modify and create policies the way we wanted to. The documentation is well done and contains clear concise instructions with screen shots and diagrams.
Imperva has three different levels of technical support. The standard level provides aid from 8:00 a.m. to 6:00 p.m, while the enhanced level offers 24/7/365. The highest level of assistance, premium, includes advanced hardware replacement. When we contacted technical support, we were disappointed with their lack of interest in helping us. We had a problem with our license and at one point were refused support because we didn't have a valid one. All problems were eventually solved with their assistance, but we received intervention based on our reviewing of the product. We wonder what an average customer with a similar problem would do. However, the product, overall, still is a good value for the money.
We tested the full hardware appliance version of this tool, but Imperva has other configurations, such as virtual appliances, available at various prices. We found the website to be lacking a bit in support information. For example, finding the manual for the product was a challenge.
Tyler Atkinson contributed to this review.
Sign up to our newsletters
SC Magazine Articles
- Popular adult website XTube compromised, delivers malware
- Android vulnerability leaves apps open to malicious overwriting
- One in three of the top million websites are 'risky,' researchers find
- Orgs predict $53M risk, on average, from crypto key, digital cert attacks
- Hanjuan Exploit Kit leveraged in malvertising campaign
- Report: 71 percent of orgs were successfully attacked in 2014
- Self-deleting malware targets home routers to gather information
- 'PoSeidon' point-of-sale malware targets payment card information
- Amedisys notifies nearly 7,000 individuals of potential breach
- Report: More than 15,000 vulnerabilities in nearly 4,000 applications reported in 2014
- The best defense is a good offense: The importance of securing your endpoints
- British Airways says rewards accounts hacked, locked down
- Documents on NSA's zero-day policy provide little insight, EFF says
- GitHub on DDoS alert, efforts to curb its largest attack continue
- Shadow data: The monster that isn't just under your bed