• Imperva SecureSphere Appliances: A Comprehensive Foundation for Cyber Security


    Whether you need to deploy SecureSphere in a physical or a virtual data center--on-premise or in the cloud--Imperva has you covered. SecureSphere virtual appliances support flexible deployment on VMware ESX, Amazon Web Services (AWS), and Microsoft Azure environments. Physical appliances deliver high performance, resiliency, and integrated fail open interfaces for high availability.

      • Hardware Appliances
         
      • Virtual Appliances
         
      • SecureSphere
        for AWS
      • SecureSphere
        for Azure
      • Superior Performance, Scalability, and Resilience

        SecureSphere hardware appliances deliver ultra-fast security, high performance monitoring and auditing, and resiliency for demanding network environments. SecureSphere hardware appliances provide you with the flexibility, reliability, and performance needed to power SecureSphere cyber security solutions.



        Key Capabilities

        • Support Massive Traffic Loads with Multi-Gigabit Throughput

          Built on a high-performance architecture, SecureSphere appliances enable you to manage heavy traffic loads without impacting application or network performance. High transaction rates and low latency meet the exacting requirements of the largest enterprises and service providers. SSL acceleration, provided standard with the X6510 model and available as an add-on for other models, offers you lightning-speed SSL performance.

        • Maximize Uptime with Redundant, Hot-Swappable Components

          You can ensure continuous availability with redundant hardware components. The SecureSphere X2510, X4510, and X6510 models include redundant power supplies and hard drives. SecureSphere appliances deliver a powerful and reliable platform for deploying the award-winning SecureSphere Web, Database, and File Security solutions.

        • Satisfy Security, Management, and Storage Requirements with Expansion Options

          SecureSphere appliances can be extended to provide remote, out-of-band management and monitoring, performance acceleration, and more with expansion modules. Options include:

          • Intelligent Platform Management Interface (IPMI)
          • Hardware Security Module (HSM)
          • SSL acceleration
          • Fibre Channel interfaces
        • Security For High Bandwidth Data Centers

          Companies are running bandwidth intensive, content rich applications that process more data and more transactions than ever before. With Imperva SecureSphere, you can rest assured that your high value applications and data are safe with our high throughput X8510 and X10K appliances, designed to meet the needs of demanding data center environments.

        • SecureSphere Hardware Appliance Specifications
          Specifications X10K X8510 X6510 X4510 X2510 X2020 X1020
          Throughput (Web and Database Security Products) 10 Gbps 5 Gbps 2 Gbps 1 Gbps 500 Mbps 500 Mbps 100 Mbps
          Throughput (SecureSphere for SharePoint) 10 Gbps 5 Gbps 2 Gbps 1 Gbps 500 Mbps Not Available Not Available
          Throughput (File Firewall) 10 Gbps Not Available Not Available 4 Gbps 2 Gbps Not Available Not Available
          Fault Tolerant (Form Factor) Yes (2U) Yes (2U) Yes (2U) Yes (2U) Yes (2U) No (1U) No (1U)

          Refer to the SecureSphere Appliances Datasheet and the SecureSphere High Performance Appliances Datasheet for detailed specifications.

        • SecureSphere Management Appliances

          The M-series management appliances offer you increased storage capacity, faster disk speeds, and expansion options to provide Intelligent Platform Management Interfaces (IPMI) or Fibre channel interfaces.


          Specifications M160 M120
          FTL/Form Factor Yes (2U) No (1U)

          Refer to SecureSphere Appliances Datasheet for detailed specifications.

        • Ultra High Bandwidth

          Imperva SecureSphere, in conjunction with our network visibility partners, delivers a scalable, high-performance cyber security solution for your bandwidth-intensive applications. Leveraging solutions from Net Optics, an Ixia company, and Gigamon, SecureSphere deployments easily scale to meet the needs of high bandwidth and cloud deployments. These network visibility solutions distribute your high volume of inbound traffic across multiple SecureSphere gateways, ensuring only relevant protocols are sent to SecureSphere Web, Database, and File Security gateways.

      • Virtualize Your Security and Compliance with SecureSphere Virtual Appliances

        SecureSphere Virtual Appliances provide all of the capabilities of SecureSphere hardware appliances in a flexible, easy to install software solution based on VMware ESX. Virtual Appliances offer you adaptable, reliable, and manageable security no matter what size organization you are in. With SecureSphere Virtual Appliances, you can leverage existing hardware for appliance consolidation, maximize the utilization of your servers, and lower power, cooling, and support costs.

        Key Capabilities

        • Leverage the Same, Best-in-class SecureSphere Capabilities You Know and Love

          SecureSphere Virtual Appliances provide all of the security and management functionality of the entire SecureSphere product line in a software form factor. Supporting SecureSphere Web, Database, and File Security Solutions, as well as MX Management, and SecureSphere Operations Manager, SecureSphere Virtual Appliances help you meet security and compliance requirements for your virtual data center.

        • Inspect Inter-VM Communications and Support Disaster Recovery

          If you've installed web servers and database servers and other applications on a single hardware device, you can leverage SecureSphere Virtual Appliances to inspect traffic sent between virtual machines. SecureSphere Virtual Appliances also help you support VMotion for disaster recovery and workload migration requirements.

        • Lower Your Capital and Operational Costs and Drive Cloud Computing Initiatives

          Data center virtualization is a game-changer for IT. Virtualization allows you to lower hardware costs and maximizes uptime. With SecureSphere Virtual Appliances, you can enjoy all of the benefits of virtualization, and ensure that your virtualized assets are protected. Plus, you can deploy SecureSphere Virtual Appliance on your preferred choice of hardware.

        • SecureSphere Virtual Appliance Models
          Performance V4500 V2500 V1000
          Throughput (Web and Database Security and Secure products)* Up to 1 Gbps Up to 500 Mbps Up to 100 Mbps
          Throughput (SecureSphere for SharePoint)* Up to 1 Gbps Up to 500 Mbps Not Applicable
          Throughput (File Activity Monitoring & File Firewall)* Up to 4 Gbps Up to 2 Gbps Not Applicable

          Minimum Hardware Requirements

          Minimum Requirements per Physical Host
          Hypervisor ESX/ESXi 4.x/5.0/5.1/5.5
          Processor Dual core server Intel VTx or AMD-V
          Hard Drive 250 GB
          Network Interface Hypervisor-supported network interface card
          Minimum Requirements for Each Guest SecureSphere Virtual Appliance
          V4500 V2500 V1000 VM150
          CPU 4 2 2 2
          Memory 8 GB 4 GB 4 GB 4 GB**
          Disk Space 160 GB 160 GB 160 GB 160 GB

          *Actual performance is dependent upon underlying hardware and virtual infrastructure

          ** Expandable to 32 GB for SecureSphere V11.0 and above

          Refer to the SecureSphere Appliances Datasheet for detailed specifications.

      • Enterprise-Class App and Data protection for your AWS Environment

        As organizations move data and apps to Amazon Web Services (AWS), they can lower hardware and operational costs. But this raises new security risks, especially if existing security and compliance controls assume on-prem applications. With Imperva SecureSphere for AWS, you can move your applications and data to AWS, use common security infrastructure to protect data and apps and meet compliance mandates both on-prem and in the cloud.

        Key Capabilities

        • Protect AWS Applications with An Enterprise Class Web Application Firewall

          Run your applications in the Amazon cloud while maintaining best-in-class web application protection. SecureSphere WAF for AWS provides all of the features and functionality of the market-leading SecureSphere Web Application Firewall, but with deployment and networking enhancements designed specifically for Amazon cloud environments.

          SecureSphere WAF for AWS supports server elasticity and easy deployment—capabilities that Amazon AWS customers have come to expect. SecureSphere WAF for AWS customers can take advantage of important AWS features like Elastic Load Balancing, CloudFormation and CloudWatch. With on-demand pricing, you can keep costs under control by quickly spinning SecureSphere instances up or down as you experience variations in web application traffic.

          SecureSphere WAF is also available on AWS GovCloud, to enable government agencies to quickly and easily migrate critical apps and workloads to the cloud, with the peace of mind that comes from knowing applications and the data behind them are protected.

        • Protect Data and Meet Compliance Mandates for Databases Running on AWS

          As data is moved to AWS, hackers, auditors and compliance mandates follow. SecureSphere data protection solutions for AWS protect databases, reduce risk and streamline compliance by enabling organizations to leverage common infrastructure, and thus common processes and reporting, both in AWS and on-prem.

          SecureSphere DAM and DBF for AWS use the same scalable architecture proven to cost effectively support thousands of databases on-prem in AWS as well. Lightweight SecureSphere agents run on database instances to monitor local traffic. Non-intrusive virtual appliances (deployed individually or in HA pairs) monitor network traffic and also offload processing from the agents, keeping impact upon the databases themselves minimal. SecureSphere MX management servers provide detailed reporting and alerting out-of-the box to speed time-to-value and improve efficiency.

        • SecureSphere for AWS Models
          Performance AV1000 AV2500 AVM150
          Supported SecureSphere Products Web Application Firewall Web Application Firewall, Data Activity Monitoring, Database Firewall MX Management Server
          Throughput Up to 100 Mbps Up to 500 Mbps Not Applicable
          Minimum Requirements for Each SecureSphere for AWS Instance
          Minimum AWS Instance Type M3 Large M3 Extra Large M3 Extra Large
          SecureSphere for AWS Technical Details
          AWS Service Integration EC2, CloudFormation, CloudWatch, VPC, Autoscale (WAF only)
          SecureSphere Operating System CentOS version 6.3
          Delivery Method 64-bit Amazon Machine Image (AMI)

          Learn More about SecureSphere for AWS

      • Protect Your Critical Web Applications and Data

        Microsoft Azure enables organizations to deploy mission-critical applications to the cloud that scale with your business, and avoid the time and expense of building an on-premise data center. Imperva delivers the industry leading SecureSphere security platform to protect your applications and data hosted in Microsoft Azure.

        SecureSphere Web Application Firewall (WAF) for Microsoft Azure analyzes user access to all your critical web applications and protects your applications from cyber-attacks. It dynamically learns your applications’ “normal” behavior and correlates this with Imperva ThreatRadar – a globally crowd-sourced threat intelligence service, to deliver superior protection for your web applications. A single SecureSphere Management Server can manage multiple virtual instances of SecureSphere WAF also hosted in Azure.

        SecureSphere data audit and protection solutions monitor and protect your sensitive data in the Azure cloud with the same market-leading audit and security capabilities as the on-premise solution. The hybrid Azure cloud and on-premise deployment model ensure a comprehensive coverage and uniform policy enforcement across your evolving database, file and Big Data environment.

        SecureSphere Web Application Firewall for Azure is available on Azure Marketplace for customers with a “bring your own licensing” (BYOL) model. In addition, the SecureSphere Deployment Kit is available for Azure Security Center, which enables customers to streamline provisioning of multiple SecureSphere WAFs, and ensure the overall security posture of applications in Azure.


        Azure-Diagramc

        Key Capabilities

        • Protect Applications on Azure with Enterprise-Class Web Application Firewalls

          As the market-leading web application firewall, more organizations rely on SecureSphere to protect their critical web applications than any other solution. SecureSphere for Azure is the only enterprise-class web application firewall that provides your business with a practical, highly secure solution to prevent web attacks without blocking your customers. SecureSphere incorporates patented technologies that boost web security accuracy and automate management.

        • Streamlines Web Application Security with Your Applications on Azure

          Extend the scalability benefits of Azure to your Web Application Firewall with SecureSphere. SecureSphere for Azure customers can take advantage of significant Azure features like Azure Resource Manager, Load Balancing, and Azure Application Insights.

          • Azure Resource Manager: streamlines SecureSphere WAF deployment, scaling, and elasticity.
          • Load Balancing: balances traffic load, detects unavailable instances, and routes around them.
          • Azure Application Insights: identifies critical issues like high CPU or bandwidth utilization, and automatically spawns new web application firewall instances on Azure.
          • Azure Security Center: SecureSphere Deployment Kit is available for Azure Security Center, to streamline provisioning of multiple SecureSphere WAFs.
        • Eliminate Downtime with Automatic Load Balancing and HA

          SecureSphere Web Application Firewall integrates with Azure Load Balancing to handle large traffic loads and boost uptime. Azure Load Balancing offers fault tolerance by detecting when instances are down, automatically rerouting traffic to available instances in one Availability Set or across multiple Availability Sets. SecureSphere MX Management Servers can also be deployed in high availability pairs, both within a single availability set or across availability sets, within a single Azure region.

        • Streamline Deployment with Azure Resource Manager

          With Azure Resource Manager (ARM), you can provision SecureSphere for Azure in minutes by using simple templates to define network configuration, Azure Application Insights monitoring and more. SecureSphere Web Application Firewall ARM templates can be further extended to configure Azure Load Balancing and auto-scaling to dynamically add and remove SecureSphere Web Application Firewall gateways as application traffic changes. SecureSphere for WAF can also be deployed using Azure Classic Mode.

        • Monitor SecureSphere Gateway Health

          With Azure Application Insights, you can track the status of SecureSphere gateway instances and view resource utilization and performance metrics. Azure Application Insights also detects problems like high CPU use and can launch new SecureSphere Web Application Firewall instances as needed. By supporting Azure Application Insights, SecureSphere for Azure helps deliver a single point of visibility for security, health and performance of your SecureSphere gateways in Azure.

        • Azure Security Center Integration

          The SecureSphere Deployment Kit for Azure Security Center is available to streamline provisioning and monitoring of multiple WAFs to secure a large application environment hosted on Azure. It makes it easy to deploy enterprise-grade SecureSphere solutions from Imperva to rapidly monitor and secure applications on Azure. The SecureSphere Deployment Kit:

          • Automates deployment of Imperva security solution on Azure
          • Provides centralized visibility into security alerts and makes it easy to respond to incidents
          • Monitors the health of Imperva security components along with the application elements on Azure