Imperva SecureSphere Standard Edition - Discovery and Assessment Server

Discovery and Assessment for Databases

 

Overview:

The Imperva SecureSphere SE Discovery and Assessment Server delivers a full database vulnerability assessment solution that discovers databases in networks, classifies the data they contain, and assesses vulnerability risks associated with that data. In addition to known databases, SecureSphere can identify rogue servers and help discover the data they contain. Organizations can use SecureSphere to automatically classify the database data as Personally Identifiable Information (PII), financial data, SOX, or PCI-relevant data, or custom data types. SecureSphere then helps you manage risks by performing vulnerability assessment tests and mapping test results to classified data.

The SecureSphere SE Discovery and Assessment Server is an intuitive and easy-to-deploy solution for medium enterprises that need vulnerability management for databases within their organization. Organizations needing additional upgrade paths may also consider the Enterprise Edition Discovery and Assessment Server.

SecureSphere Discovery and Assessment Server

Benefits:

  • Database platform, software, and configuration vulnerability analysis
  • Automatic network discovery of database servers
  • Comprehensive data classification by pre-defined or custom data types
  • Risk scoring for vulnerability management

Features:

  • Automated Database Server Discovery – SecureSphere discovers known and rogue servers over the network and reports servers, platforms, software, versions and other critical information.
     
  • Data Classification – SecureSphere locates sensitive data on discovered databases. Data is classified by data type, including PII (Personally Identifiable Information), financial data, credit card numbers, PCI, SOX, and custom types.
     
  • Vulnerability Assessment – SecureSphere performs non-intrusive assessments to detect hundreds of platform, software, and configuration vulnerabilities specific to the assessed database platform. Comprehensive reports recommend remediation steps and actions.
     
  • Risk-based Vulnerability Management – Risk-scoring based on data classification and assessed vulnerabilities enables SecureSphere to help organizations prioritize security activities.
     
  • Clear, Relevant Reports Analyze Database Threats – The SecureSphere Discovery and Assessment Server includes intuitive and easy-to-understand reports that provide high-level summaries of security status as well as detailed, drill down reports with individual assessment results. Pre-defined reports make it easy to document compliance to auditors.
     
  • Scheduled Assessments and Report Distribution – Saving operational time and effort, organizations can schedule one-time or recurring database assessments.
     
  • Inclusive Vulnerability Knowledgebase – With the most in-depth and current database of vulnerability assessments, customers can be assured that SecureSphere will uncover all vulnerabilities and configuration flaws.
     
  • Up-to-date Vulnerability Assessments – The Imperva Application Defense Center (ADC) constantly analyzes the latest database threats and vulnerabilities. Assessments are continually and automatically updated.

SecureSphere DAS Dashboard

Solutions:

Discovery and Classification

Discovering Databases
An essential part of any compliance and database vulnerability management program is a clear knowledge of the assets requiring protection. The SecureSphere Discovery and Assessment Server (DAS) offers automated network-based database discovery. Scheduled scans of designated networks discover new database installations and ensure awareness of these assets. The discovery results include detailed information about the specific platforms and RDBMS, which, combined with data classification and vulnerability assessment and mitigation, enables risk management that maps sensitive data to vulnerability risks. Database discovery also helps with asset management and is an important first step for ensuring that rogue database servers do not exist on the network.

Data Classification
Classifying the data contained within databases helps security and compliance managers to fundamentally understand which databases are within the scope of a regulatory compliance project.

SecureSphere uses Dictionaries and Rules as key data classification methods to scan the contents of databases. An extensive list of pre-defined data classification types is included in the solution, and custom data types can be added as well. Asset discovery and data classification scans can be scheduled and repeated to ensure ongoing awareness of types of data within an organization’s databases.

Data Classification Types
SecureSphere DAS offers an extensive list of built in data types in the following classification categories:

  • Financial Information
  • Credit Card Numbers
  • System and Application Credentials
  • Personal Identification Information
  • Custom Data Types

Discovery and Classification Results
Once databases are discovered and classified, organizations can quickly view discovered platforms and add them to server groups based on location, type of database, and classified data type. Assessment policies are then applied to the server groups. This enables organizations to have full visibility of the data within their organizations. In addition, discovered servers can be added to a server group and included in assessment scans and ongoing monitoring.

Database Vulnerability Assessment

SecureSphere DAS identifies and quantifies vulnerabilities using over 500 tests for various platforms and databases. Operating Systems and RDBMSs are tested for known exploits and mis-configurations. Custom assessments can also be added to address specific requirements.

The assessment tests are kept up-to-date with the latest research from the Imperva Application Defense Center (ADC) research team. The ADC team conducts primary research on the latest OS, database and application vulnerabilities and exploits, and translates the findings into useful assessment tests and signatures. The updated assessments are automatically sent to the SecureSphere systems ensuring up-to-date identification of known vulnerabilities and the ability to protect systems against the latest attacks.

Database Vulnerability Assessments
SecureSphere DAS arms organizations with a comprehensive list of predefined assessment tests, which is continuously updated by the Imperva Application Defense Center (ADC) research team, providing the most extensive database discovery and assessment solution.

SecureSphere assessments address PCI DSS, SOX and HIPAA requirements and include the following:

  • Latest patches and releases installed
  • Changes to database files
  • Default accounts and passwords
  • Newly created/updated logins
  • Remote OS authentication enabled
  • Escalated user privileges granted

Additional vulnerabilities specific for SAP, Oracle EBS and PeopleSoft databases are available with Imperva ADC Insights.

Managing Database Vulnerabilities
To assist organizations with tracking and understanding their vulnerabilities, discovered vulnerabilities are assigned a severity based on the Common Vulnerability Scoring System (CVSS). They are also mapped to a CVE identifier and the NIST standard, allowing users to search and learn more about the vulnerability.

Mitigating Discovered Vulnerabilities
An interactive vulnerability dashboard helps organizations understand and analyze vulnerabilities by showing status, top vulnerabilities, and trending charts with drill-down capabilities.

SecureSphere also provides a Vulnerability Workbench where users can track, manage and mitigate discovered vulnerabilities. When deployed with SecureSphere Database Firewall or Data Security Suite it enables vulnerability mitigation through virtual patching and blocking capabilities.

Effective Data Risk Management

Data Risk Explorer
Though for most organizations Risk Management is a top priority, it is often implemented as disparate efforts and manual processes that provide only limited visibility and incomplete analysis. SecureSphere delivers a unique data risk management approach that centralizes and automates data risk management processes and gives better visibility into risks to sensitive data.

The graphical Risk Explorer helps organizations effectively understand the areas of risk in the organization by geographical location, server groups, servers, and by classified data type. The views support drill down capabilities that provide more details on specific vulnerabilities, supporting quick focus and decision making.

Audit and Change Management
Pre-defined and custom reports provide detailed visibility into configuration changes, allowing auditors and management to track risk mitigation efforts. Reports are also useful for change management as they can list the configuration changes that take place in the monitored environment. SecureSphere DAS supports integration with SIEM, Workflow and Ticketing systems.

Data Governance and Protection
SecureSphere DAS ensures that organizations are aware of what data is stored in their organization and what steps should be taken to secure it. Dashboards and reports help provide a risk-based view into database vulnerability management. Through centralized management and automated compliance reporting, SecureSphere DAS provides a critical part of any risk, governance, and compliance project.

Deploying SecureSphere DAS

The SecureSphere DAS is provided as a turn-key network appliance and available in two editions:

Enterprise Edition
Designed for larger enterprises, with extended platform options. Upgrade paths supported to SecureSphere DAM, DBF and DSS. Supports integration with 3rd party enterprise solutions including SIEM, Workflow and Ticketing systems.

Standard Edition
Designed for medium enterprises looking for a cost-effective stand-alone database vulnerability management solution. No upgrade paths are supported.

Risk Scoring and Visualization


Features and Appliance Specifications:

Features Specifications:
Supported Database Platforms
  • Oracle
  • MS-SQL
  • Sybase
  • DB2
  • Informix
  • Teradata
  • MySQL
Automated Discovery
  • Automated discovery of database servers
  • Reported information: IP, ports, database version
Data Classification
  • Financial Information
  • Credit Card Numbers
  • System and Application Credentials
  • Personal Identification Information
  • Custom data types
Vulnerability Assessment
  • Operating System vulnerabilities
  • Database vulnerabilities
  • Configuration flaws
  • Risk scoring and mitigation steps
Enterprise Application Assessments
  • SAP
  • Oracle E-Business Suite
  • PeopleSoft
Compliance Assessments
  • PCI DSS
  • SOX
  • HIPAA
Risk Management
  • Data Risk Explorer and risk scoring based on sensitive data and location. Recommended mitigation activities prioritization.
Scheduling
  • One time and scheduled discovery and assessment tests
Actions
  • Accept in scope
  • Reject out of scope
  • Group by site or category
  • Inventory export/import
Assessment Updates
  • Daily Application Defense Center updates for latest vulnerabilities
Performance Overhead
  • Network monitoring – Zero impact on monitored servers
Management
  • Web User Interface (HTTP/HTTPS)
  • Command Line Interface (SSH/Console)
Role-Based Controls
  • Flexible role-based management delegates operations and report viewing
Event Notification
  • SNMP
  • Syslog
  • Email
  • Incident management ticketing integration
  • Real-time dashboard
Reports
  • Clear, concise summary and detailed assessment reports
  • Risk analysis reports prioritize risk, severity of vulnerability
  • Reports include remediation actions
Report Formats
  • HTML, PDF, CSV Reports

 

Appliance Specifications:
| | SecureSphere DAS G2 | SecureSphere DAS G4 | SecureSphere DAS G4 FTL |
|---|---|---|---|
| Editions | Standard Edition | Enterprise Edition | Enterprise Edition |
| Number of Assessed Servers | 25 | 100 | 100 |
| Upgrade Options | None | SecureSphere Database Activity Monitoring, Database Firewall, Data Security Suite | SecureSphere Database Activity Monitoring, Database Firewall, Data Security Suite |
| Interfaces | 4 x 10/100/1000 Mbps | 6 x 10/100/1000 Mbps (max 4 fiber interfaces) | 6 x 10/100/1000 Mbps (max 4 fiber interfaces) |
| Interface Types | Copper | Copper/Fiber SX/Fiber LX | Copper/Fiber SX/Fiber LX |
| Form Factor | 1U, 19 inch rack | 2U, 19 inch rack | 2U, 19 inch rack |
| Hard Drive | 250GB SATA | 250GB SATA | (2) Hot-Swap 250GB SATA |
| Power Supply | 250W | 350W | (2) Hot-Swap 750W total |
| AC Power | 90-264V, 47-63 Hz | 100-240V, 50-60 Hz | 100-240V, 50-60 Hz |