Item: Imperva Data Security
Rating: 8
Author: Jennifer Greulich, GSED, GSEC

Use Cases and Deployment Scope

This is currently used as a database monitor to monitor activity in all of our critical databases. We monitor transactions, log activity, user activity, and all edits, adds, drops, inserts, etc.

Pros and Cons

Alerts when suspicious activity is detected
Records all database transactions for analysis
Determines activities in stored procedures

Alerts require a lot of tuning to get actionable intelligence
Certain common encryption ciphers are incompatible with Imperva and have to be disabled at the server level
Technical support is sometimes a little hard to work with

Return on Investment

Allowed us to meet important compliance requirements.
When protecting critical data, we can see exactly how it's being used and by whom.
Licensing costs are very reasonable.
It takes a fair amount of administration to use properly.

Other Software Used

Symantec Endpoint Protection, Palo Alto Networks PA-3000 Series, Symantec Critical System Protection

Imperva is great to monitor when new users access a database and will monitor when there are unauthorized users or activity is occurring. Imperva is not well suited to interpret whether an activity is unauthorized or not. The administrator has to be familiar with what the organization determines as good or bad traffic.

Imperva Review

Overall Satisfaction with Imperva SecureSphere

Use Cases and Deployment Scope

Pros and Cons

Return on Investment

Other Software Used

Likelihood to Recommend