Efficient Operations, Low Ongoing Maintenance
Automated Policy Configuration and Maintenance
Implementing a white-list security model has traditionally required constant manual tuning. The application firewall white list needed to be updated whenever the Web application changed. Dynamic Profiling eliminates manual tuning by automatically modeling Web applications and adapting to application changes. SecureSphere administrators still have full access to modify application profiles and create custom policies.
Centralized Management for Enhanced Data Security
The SecureSphere MX Management Server offers centralized configuration, monitoring, and reporting for larger environments, including mixed Web and database deployments. Hierarchical organizational groupings, granular administrative permissions, and a unique task-oriented workflow streamline management of large enterprise and ASP environments.
Enterprise Class Reporting for Auditing and Compliance
SecureSphere offers rich graphical reporting capabilities, enabling customers to easily understand security status and meet regulatory data compliance requirements. SecureSphere provides both pre-defined and fully-customizable Web based reports. Reports can be viewed on demand or emailed on a daily, weekly or monthly basis. SecureSphere's reporting platform provides instant visibility into security, compliance, and content delivery concerns.
Monitoring and Alerting
SecureSphere screens important database activity and provides the highest level of security.
A dashboard provides a real-time, high-level view of system status and security events. Alerts are easily searched, sorted, and directly linked to corresponding security rules. For flexible integration with Security Event Management products, SecureSphere supports syslog, SNMP, and direct ODBC access.
Application User Tracking
Imperva's Dynamic Profiling technology enables SecureSphere to monitor, enforce and audit policy on a per-user basis by automatically capturing Web application user names and associating all subsequent session activity with that specific user name.
Optional Database Protection
The SecureSphere Web Application Firewall can be extended, via the SecureSphere Database Security Gateway, to monitor and protect Oracle, MS-SQL Server, DB2 and Sybase databases from external attacks and insider abuse, providing end-to-end security for the data center. By leveraging SecureSphere's Application User Tracking to deliver Universal User Tracking, it can trace individual SQL queries back to the Web user, providing unparalleled visibility into database requests, changes and violations.
- SecureSphere Web Application Firewall Datasheet
(English | 汉语 | Français |
עברית | 日本語 | Deutsch) - Understanding Web 2.0: Technologies, Risks and Best Practices Whitepaper
- The Top 5 Identity Theft Attacks Whitepaper
- SecureSphere SQL Injection Protection Whitepaper
- The New PCI Requirement: Application Firewall vs. Code Review TCO Whitepaper
- Securing Web Applications and Databases for PCI Compliance Whitepaper