Twitter Us!

Imperva - Database and Application Security, Reporting and Audit Solutions.Imperva SecureSphere - Data Security Suite

Full Visibility and Control for Applications and Databases

 

Overview:

The SecureSphere Data Security Suite delivers a complete lifecycle for Web application and database security in a single platform. By securing transactions from the end user through the Web application to the database, the SecureSphere Data Security Suite offers complete data security and visibility. SecureSphere can identify the unique application users that performed database queries—even in multi-tier environments. This Universal User Tracking capability provides user accountability to database audit trails and compliance reports.

As the premier SecureSphere Suite it combines the power of the Web Application Firewall, the visibility of the Database Activity Monitoring and the vulnerability tests of the Discovery and Assessment Server. The Data Security Suite provides complete visibility into application data usage and more accurate protection against a large variety of sophisticated attacks.

Data Center and DMZ Databases and Web Application Servers

Benefits:

  • Complete Application and Database Security Suite to secure databases and the applications that use them
  • Accurately protects against sophisticated attacks such as SQL Injection, Cross Site Scripting and database protocol manipulation
  • Tracks application users to database transactions, even for pooled connections
  • Streamlines auditing and compliance with automated data collection and analysis and a powerful compliance reporting engine
  • Scales to support large, distributed environments with centralized management

Features:

  • Fully Integrated Data Security Suite – The Data Security Suite is the complete integrated package of the other SecureSphere product lines- Web Application Firewall, Discovery and Assessment Server, Database Activity Monitoring, and Database Firewall.
     
  • Accurate Protection against Web application and Database Attacks – SecureSphere detects multiple types of security violations, including unexpected application or database requests, known (signature-based)attacks, privilege abuse, protocol violations, and session exploits.
     
  • Complete Visibility – From the database to the application end user, the SecureSphere Data Security Suite can monitor and track the full transaction. SecureSphere audits all types of activities, including all types of SQL operations and local, privileged access by DBAs. Supporting heterogeneous database deployments, SecureSphere is the clear choice for data auditing, monitoring and forensics.
     
  • User Accountability – The SecureSphere Data Security Suite makes individual users accountable even when user connections are pooled by an application server. Imperva’s innovative Universal User Tracking capability offers four different user tracking mechanisms to correctly identify end users regardless of how the users authenticate and access the database.
     
  • Discovery and Assessment – SecureSphere offers server and sensitive data discovery, configuration assessment, and behavior assessment. SecureSphere enables organizations to identify and prioritize risks, mitigate vulnerabilities, and document compliance.
     
  • Data Leak Prevention – SecureSphere detects and can optionally block sensitive data leaks, such as credit card and social security numbers, from Web applications and databases.
     
  • Automated, Intuitive Management – Imperva’s unique Dynamic Profiling technology automatically learns the structure, elements, and expected usage of protected applications and databases.
     
  • Enterprise-grade Centralized Management – Scaling to protect large, distributed data centers, the MX Management Server centralizes the configuration, monitoring and reporting of multiple appliances.
     
  • Integrated Risk Management – Includes innovative Risk Dashboard to visualize and prioritize data security activities based on risk.
     
  • Business Relevant Reporting – SecureSphere includes a powerful reporting framework with both pre-defined and fully-customizable reports that offers instant visibility for security and compliance requirements.

SecureSphere DSS Dashboard

Solutions:

Trusted Leader in Data Security

With the only solution in the world that protects data from the database, through the application, to the end user, Imperva understands that Web and database security together are designed to achieve one ultimate goal: to safeguard sensitive data.

Combining the security of the SecureSphere Web Application and Database Firewalls, the visibility of Database Activity Monitoring, and the vulnerability management of the Discovery and Assessment Server, the SecureSphere Data Security Suite provides a comprehensive risk management framework to assess, audit and protect the most critical assets in any organization: the database and the business applications that use them.

User Accountability
By unifying Web and database activity monitoring, SecureSphere solves a key requirement for audit and compliance: identifying application end users that performed database transactions, even in multi-tier environments.

SecureSphere’s Universal User Tracking discovers application IDs, monitors user sessions and correlates those sessions with specific database transactions. SecureSphere accurately associates application users with SQL queries, enforcing user accountability as mandated by compliance regulations.

Complete Visibility and Control
By providing an integrated solution, organizations gain unmatched insight, accurate identification of end users, and correlation of application and database activity. SecureSphere is the clear choice to assess, monitor and protect sensitive data.

Discovery and Assessment Server

The SecureSphere Data Security Suite includes the Discovery and Assessment Server, which discovers database servers, classifies database data based on sensitivity level, and assesses databases for vulnerabilities.

To assess organizations’ security and compliance posture, SecureSphere scans databases for over 500 software vulnerabilities, configuration flaws, privilege errors, and compliance violations.

All assessment results are presented in easy to understand reports that prioritize risk, support targeted corrective action, and document compliance status.

Database Activity Monitoring

SecureSphere delivers automated and scalable activity monitoring, auditing, and reporting for Oracle, MS-SQL, DB2, Informix, MySQL, Sybase, and SybaseIQ. SecureSphere tracks SQL transactions for forensics, prevents database leaks, and ensures data integrity by establishing an independent audit trail of user activity.

Detailed Activity Monitoring
SecureSphere captures all database actions, including DML, DDL, DCL and read-only activity, as well as changes made to store procedures, triggers, and database objects, ensuring complete audit trails of database activity.

Audit Analytics and Compliance Reports
Visibility into audited activities enables non-technical auditors to analyze, correlate, and view database activity with just a few mouse clicks, uncovering the patterns and trends that indicate security risks. SecureSphere provides both fullycustomizable and “out-of-the-box” reports for security and compliance.

Zero Impact on Performance
Unlike native database logging or software auditing, SecureSphere imposes no impact on database or application performance.

Database Firewall

Building on the visibility provided by Database Activity Monitoring, the SecureSphere Database Firewall provides real-time protection to prevent database intrusions, fraud, and sensitive data loss.

Web Application Firewall

The SecureSphere Data Security Suite leverages the power of the market-leading SecureSphere Web Application Firewall to protect applications against sophisticated attacks. SecureSphere accurately blocks SQL injection, Cross-Site Scripting (XSS) and brute force login, stops online identity theft, and prevents data leaks from applications.

Automated Security
SecureSphere’s unique Dynamic Profiling technology automatically learns the structure, elements and usage of protected Web applications. By comparing transactions to the profile, SecureSphere detects malicious activity with pinpoint precision.

Unparalleled Accuracy
SecureSphere performs multiple layers of inspection, detecting:

  • Usage violations by Dynamic Profiling
  • Application attack signatures
  • HTTP protocol violations
  • Network and platform attacks
  • Web services (XML) attacks
  • Session exploits
  • Data leakage signatures

With transparent deployment, automated and up-to-date security, and low operational overhead, SecureSphere is the only choice to protect critical applications and databases.

Addressing the Full Data Security and Compliance Life Cycle

With an increasing number of industry and government regulations, businesses must implement a repeatable process that addresses data governance and data protection. The SecureSphere Data Security Suite empowers organizations to establish a successful framework for security and standards compliance.

Because many regulations are vague and subject to interpretation, organizations have wasted valuable time and expense coordinating separate compliance initiatives. However, even though the number of regulatory mandates is escalating, more and more regulations present common themes.

Imperva has outlined an actionable set of steps that helps organizations meet many of the regulatory requirements that oversee data governance and data protection.

This iterative compliance framework comprises the following four steps:

  1. Discover and Assess
  2. Set Policies and Controls
  3. Monitor and Enforce
  4. Measure

Using this framework, organizations can satisfy compliance requirements, as well as align business objectives, implement controls, and ensure robust security.

Data Security and Compliance Lifecycle


Features and Appliance Specifications:

Features Specifications:
Integrated Suite
  • Licensed to include the full features for the following: Web Application Firewall, Discovery and Assessment Server, Database Activity Monitoring, and Database Firewall.
Databases Supported
  • Oracle
  • MS-SQL
  • Sybase
  • DB2
  • Informix
  • Teradata
  • MySQL
Data Discovery and Classification
  • Database servers
  • Financial Information
  • Credit Card Numbers
  • System and Application Credentials
  • Personal Identification Information
  • Custom data types
Vulnerability Assessment
  • Operating System vulnerabilities
  • Database vulnerabilities
  • Configuration flaws
  • Risk scoring and mitigation steps
Database Audit
  • All SQL operations - DML, DCL, DDL
  • Database, application user name
  • Timestamp
  • Stored procedures, prepared statements, triggers
  • Source IP, OS, application
  • Full (raw) SQL query and response
Database Security
  • Dynamic Profile of user activity
  • Database attack signatures
  • SQL protocol violations
Web Securiy
  • Dynamic Profile (White List security)
  • Web server & application signatures
  • HTTP RFC compliance
  • Normalization of encoded data
HTTPS/SSL Inspection
  • Passive decryption or termination
  • Optional HSM support for SSL key storage
Web Services Security
  • XML/SOAP profile enforcement
  • Web services signatures
  • XML protocol conformance
Platform Security
  • Operating system intrusion signatures
  • Known and zero-day worm security
Network Security
  • Stateful firewall
  • DoS prevention
Advanced Protection
  • Correlation rules incorporate all security elements (white list, black list) to detect complex, multi-stage attacks
Fraud Prevention
  • Unauthorized activity on sensitive data
  • Unexpected source IP or time of day
  • Abnormal user activity
Data Leak Prevention
  • Credit card number
  • PII (personally identifiable information)
  • Pattern matching
Policy/Signature Updates
  • Security updates provided weekly or immediately for critical threats
Management
  • Web User Interface (HTTP/HTTPS)
  • Command Line Interface (SSH/Console)
Administration
  • MX Server for centralized management
  • Integrated management option (G4, G8)
  • Hierarchical management groupings
Monitoring
  • SNMP
  • Syslog
  • Email
  • Incident management ticketign integration
  • SecureSphere task workflow
  • Custom followed action
  • Integrated graphical reporting
  • Real-time dashboard
High Availability
  • IMPVHA (Active/Active, Active/Passive)
  • Fail open interfaces (bridge mode only)
  • VRRP
  • STP and RSTP
Deployment Modes
  • Transparent Bridge (Layer 2)
  • Router (Layer 3)
  • Non-inline sniffer
  • Light-weight agents for database host monitoring
  • Agentless collection of database audit logs

 

Appliance Specifications:
  Imperva X6500 Imperva X4500 Imperva X2500 Imperva X2000 Imperva X1000
  X6500 X4500 X2500 X2000 X1000
Fault Tolerance Dual, hot-swap hard drives, power supplies, and fans Dual, hot-swap hard drives, power supplies, and fans Dual, hot-swap hard drives, power supplies, and fans N/A N/A
Throughput 2 Gbps 1 Gbps 500 Mbps 500 Mbps 100 Mbps
HTTP Transactions/Sec 44,000 36,000 22,000 22,000 8,000
SQL Transactions/Sex 200,000 100,000 50,000 N/A N/A
Latency Sub-millisecond Sub-millisecond Sub-millisecond Sub-millisecond Sub-millisecond
Interfaces 10 x 10/100/1000 Mbps
(max 4 Fiber interfaces; optional 10Gbps Fiber)		 6 x 10/100/1000 Mbps
(max 4 Fiber interfaces; optional 10Gbps Fiber; optional 4 additional Copper)		 6 x 10/100/1000 Mbps
(max 4 Fiber interfaces)		 6 x 1GbE 6 x 1GbE
Interface Types Copper, Fiber SX, Fiber SR or Fiber LR Copper, Fiber SX, Fiber SR or Fiber LR Copper or Fiber SX Copper Copper
Max Network Segments (4) Bridge; (9) Proxy, Non-inline (4) Bridge; (9) Proxy, Non-inline (2) Bridge; (5) Proxy, Non-inline (2) Bridge; (5) Proxy, Non-inline (2) Bridge; (5) Proxy, Non-inline
Inline Fail Open (Bridging only) 4 bypass segments Up to 4 bypass segments 2 bypass segments 2 bypass segments 2 bypass segments
Hard Drive 2 hot-swap 1 TB 2 hot-swap 1 TB 2 hot-swap 500 GB 500 GB 500 GB
Memory 8 GB 8 GB 4 GB 4 GB 2 GB
Serial Port RJ45 connector RJ45 connector RJ45 connector RJ45 connector RJ45 connector
USB Port 2 2 2 2 2
SSL Acceleration Included Optional Optional N/A N/A
Fibre Channel, LOM or HSM Optional Optional Optional N/A N/A
Power Supply Dual 400 W Dual 400 W Dual 400 W 250 W 250 W
AC Power 100-240V, 50-60 Hz 100-240V, 50-60 Hz 100-240V, 50-60 Hz 100-240V, 50-60 Hz 100-240V, 50-60 Hz
Typical Consumption 290 W 210 W 190 W 110W 80 W
Typical Heat Output 990 BTU/Hr 720 BTU/Hr 650 BTU/Hr 375 BTU/Hr 275 BTU/Hr
Form Factor 2U 2U 2U 1U 1U
Dimensions 17.4 x 20.1 x 3.46 in 443 x 512 x 88 mm 17.4 x 20.1 x 3.46 in 443 x 512 x 88 mm 17.4 x 20.1 x 3.46 in 443 x 512 x 88 mm 17 x 14 x 1.73 in 431.8 x 355.2 x 44 mm 17 x 14 x 1.73 in 431.8 x 355.2 x 44 mm
Weight 53.3 lbs (24.2 Kg) 51.10 lbs (23.2 Kg) 50.44 lbs (22.9 Kg) 14.1 lbs (6.4 Kg) 14.1 lbs (6.4 Kg)
Operating Environment Temperature: 5° - 40° C
Relative Humidity: 20% - 90%
Storage Environment Temperature: 0° - 70° C
Relative Humidity: 20% - 90%
Safety Agency Approval CE/FCC/cTUVus/VCCI
Supported SecureSphere Products Web Application Firewall
Discovery and Assessment Server
Database Activity Monitoring
Database Firewall
Data Security Suite		 Web Application Firewall
Web Application Firewall Standard Edition (SE)
Discovery and Assessment Server
Database Agents Included1 100 50 20 N/A N/A
Database Vulnerability Assessments Included2 400 200 100 100 25

1 Database agents only included with SecureSphere Database Activity Monitoring, Database Firewall, and Data Security Suite.
2 Database assessments only included with Discovery and Assessment Server, Database Activity Monitoring, Database Firewall, and Data Security Suite. (and Discovery and Assessment Server for X2000 and X1000)

View Demo:

 

Documentation:

PDF File
Download the Imperva SecureSphere Data Security Suite Datasheet (PDF).