Cloud Security For AWS Web Applications and Data

Imperva SecureSphere for Amazon Web Services (AWS) delivers the benefits of the renowned SecureSphere Web Application Firewall, Database Activity Monitoring and Database Firewall while natively leveraging important AWS features like VPC, CloudFormation, CloudWatch, and Elastic Load Balancing.

SecureSphere Web Application Firewall analyzes all user access to your business-critical Web applications and protects your applications and their data from attacks. SecureSphere Web Application Firewall dynamically learns your applications’ “normal” behavior and correlates this with the industry’s leading threat intelligence for Web applications to deliver superior protection.

SecureSphere Database Activity Monitoring and Database Firewall provide enterprise-class protection, audit analysis, automated processes and customizable reports running natively on AWS. SecureSphere data protection solutions protect databases from attack, reduce risk and streamline compliance by enabling organizations to leverage common infrastructure, and thus common processes and reporting, both in AWS and on-premises.

SecureSphere Web Application Firewall for AWS and SecureSphere database protection solutions are available on AWS MarketPlace.

Web Security Overview


  AV1000 WAF Gateway AV2500 WAF Gateway AV2500 DAM and DBF Gateway AVM150 Management Server1,2  
Bring Your Own License (BYOL) Annual Subscription
On-demand hourly subscription
On-demand annual subscription

1 On-demand licensing for Management Server only supported for WAF. DAM and DBF require BYOL licenses.
2 WAF and DAM/DBF require separate management server instances.

SecureSphere for AWS is available in multiple configurations, which can be mixed/matched to meet your specific buying needs (min 1 Management Server and 1 Gateway instance)

Key Capabilities

  • Protect Data and Meet compliance Mandates

    As data is moved to AWS, hackers, auditors and compliance mandates follow. SecureSphere Database Activity Monitoring for AWS reduces risk and streamlines compliance by enabling organizations to leverage common infrastructure, and thus common processes and reporting, both in AWS and on-premises.

    SecureSphere Database Activity Monitoring for AWS uses the same scalable architecture proven to cost-effectively support thousands of databases on-premises in AWS as well. Lightweight SecureSphere agents run on database nodes to monitor local traffic. Non-intrusive virtual appliances (deployed individually or in HA pairs) monitor network traffic and also offload processing from the agents, keeping impact upon the databases themselves minimal. SecureSphere MX management servers provide detailed out-of-the box reporting and alerting to speed time-to-value and improve efficiency of AWS security.

  • Safeguard AWS Applications With The Only Enterprise-Class Web Application Firewall For AWS
    amazon aws cloud security

    As the market-leading Web application firewall, more organizations rely on SecureSphere to protect their critical Web applications than any other solution. SecureSphere for AWS is the only enterprise-class Web application firewall for AWS, and provides your business with a practical, highly secure solution to prevent Web attacks without blocking your customers. SecureSphere incorporates patented technologies that boost AWS security accuracy and automate management.

    SecureSphere Web Application Firewall is also available on AWS GovCloud, to enable government agencies to quickly and easily migrate critical apps and workloads to the cloud, with the peace of mind that comes from knowing the data and applications are protected.

  • Scale Web Application Firewall Security Elastically with Your AWS Applications

    Extend the scalability benefits of AWS to your Web Application Firewall with SecureSphere. SecureSphere for AWS provides the same elasticity and ease-of-deployment that AWS customers have come to expect from the world’s largest public cloud. SecureSphere for AWS customers can take advantage of important AWS features like CloudFormation, Elastic Load Balancing and CloudWatch.

    • CloudFormation: provides easy deployment, scaling and elasticity. Customers can define network settings and elasticity parameters like scaling groups in different availability zones.
    • Elastic Load Balancing: balances traffic load, detects unavailable instances, and routes around them.
    • CloudWatch: detects critical issues like high CPU or bandwidth utilization, and automatically spawns new web application firewall instances which then register with the SecureSphere Management Server and synchronize security settings.
  • Eliminate Downtime with Elastic Load Balancing and HA
    amazon cloud security

    SecureSphere Web Application Firewall integrates with Amazon’s Elastic Load Balancing to handle large traffic loads and boost uptime. Elastic Load Balancing offers fault tolerance by detecting when instances are down, automatically rerouting traffic to available instances in one Availability Zone or across multiple Availability Zones. With SecureSphere, you can take advantage of native AWS infrastructure capabilities for load balancing and auto-scaling, which improves availability and streamlines IT operations. SecureSphere MX Management Servers can also be deployed in high-availability pairs— within a single availability zone or across availability zones—within a single AWS region.

  • Use AWS CloudFormation to Quickly Deploy AWS Security
    AWS Cloud Security

    By supporting AWS CloudFormation, you can quickly and easily roll out and scale your SecureSphere for AWS cloud security deployment. With CloudFormation, you can provision SecureSphere for AWS in minutes by using simple templates to define network configuration, CloudWatch monitoring and more. SecureSphere Web Application Firewall CloudFormation templates can be further extended to configure Elastic Load Balancing and auto-scaling to dynamically add and remove SecureSphere Web Application Firewall gateways as application traffic changes.

  • Monitor SecureSphere Gateway Health
    AWS security

    By integrating with Amazon CloudWatch, you can track the status of SecureSphere gateway instances and view resource utilization and performance metrics. CloudWatch also detects problems like high CPU utilization and can launch new SecureSphere Web Application Firewall instances as needed. By supporting Amazon CloudWatch, SecureSphere for AWS helps deliver a single point of visibility into the security, health and performance of your AWS deployment.