Accelerating Cloud-Native Data Security Deployments at Scale with Imperva's eDSF Kit

Today’s evolving digital landscape and the rapid expansion of cloud technologies have necessitated a shift in the approach of deploying and managing data security across multiple platforms. Traditional methods of manual deployment of data activity monitoring, risk analytics, and threat detection capabilities can be time-consuming, complex, and potentially prone to errors. In addition, these traditional approaches don’t align with the evolving trends, which leverage cloud services and DevOps tools for processes simplification and automation. This is especially true for organizations with large-scale deployments across multicloud environments.

Enterprise-scale, multicloud, hybrid data security

Imperva Data Security Fabric (DSF) is the first enterprise-scale, multicloud, hybrid solution to protect all data types in the organization with one platform, focusing in risk reduction and compliance management.

Elastic DSF (eDSF) is the vision of DSF. The first phase of this vision is creating automatic, click of a button processes to deploy and upgrade DSF with the introduction of Imperva eDSF Kit. eDSF Kit simplifies the product deployment, upgrades, and ongoing management, as well as makes DSF seamless to the cloud while leveraging cloud services. eDSF Kit currently supports these automatic processes for Amazon Web Services (AWS) and Microsoft Azure. Imperva will expand these capabilities to Google Cloud Platform (GCP), Oracle Cloud Infrastructure (OCI), and any hybrid multi-cloud environment over time, based on customer feedback.

Overcoming time-sensitive mandatory task performed by System Admins and DevOps teams

Constantly installing and upgrading security components can be challenging for system administrators and DevOps teams. Whether they are dealing with new deployments or upgrades across numerous cloud service provider platforms, they need to proceed via a transparent process with no impact to their security posture while maximizing productivity in minimal time.

What is Terraform?

Infrastructure as Code (IaC) is a key practice in DevOps that involves managing and provisioning computing infrastructure through machine-readable definition files, rather than physical hardware configuration or interactive configuration tools. IaC allows teams to build, change, and manage infrastructure in a safe, consistent, and repeatable way.

Terraform is an open-source IaC tool that allows engineers to define their infrastructure resources as code, using a declarative programming language called Hashicorp Configuration Language (HCL). Terraform enables teams to manage infrastructure provisioning, compliance, and management across various cloud providers, data centers, and services. Terraform is provider agnostic, meaning that it supports a large number of cloud providers – Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform (GCP), Oracle Cloud Infrastructure (OCI), and many more – and the language in which you are writing the code doesn’t change from one provider to another.

If you want to be efficient as a DevOps Engineer then you’re going to need tools that can automate most of your tasks, and that is exactly what Terraform helps you achieve. When it comes to managing cloud resources, Terraform is the de facto standard.

What is Imperva’s eDSF Kit?

Imperva’s eDSF Kit is a fully automated open source tool designed to streamline and enhance your AWS and Microsoft Azure data security deployments. Built upon the principle of IaC, the eDSF Kit uses Terraform recipes to automate the deployment and upgrade processes of the Data Security Fabric (DSF) while covering the product components.

The flexibility and agility of the Imperva eDSF Kit enables full customization of the deployment. You can customize the environment size (e.g. number of different appliances), the architecture structure (e.g. type of Gateways) and the architecture environment characteristics (e.g. number of VPCs and number of accounts).

There are many variations of deployment options. Imperva provides several out-of-the-box Terraform recipes that are already configured to deploy common DSF environment examples. You can use the example as is, or customize it to accommodate your deployment specific requirements.

By using these Terraform code recipes, you can save time on deployments and upgrades of DSF, enhance efficiency and enjoy a deterministic process which reduces the likelihood of human errors that could impact productivity or even cause a system outage.

Why use eDSF Kit?

Working with global companies who maintain hundreds of cloud systems, Imperva understands the challenges and has developed the Imperva eDSF Kit. The eDSF Kit enables you to automatically deploy the full suite of the DSF sub-products – DSF Hub & Agentless Gateways, Data Activity Monitoring (DAM) MXs and Agent Gateways, and Data Risk Analytics (DRA) Admin and Analytics. eDSF Kit will handle all necessary configurations, ensuring seamless integration among all DSF components. In addition, it enables automatic upgrade of the DSF Hub & Agentless Gateways using the Kit.

Advantages of using the eDSF Kit

Infrastructure as Code tool: The eDSF kit is built with Terraform, the most widely used open-source software provisioning tool, which is adopted by many organizations.
Modular: The eDSF Kit incorporates diverse Terraform modules representing various types of DSF components, providing users with the flexibility to create any variant of DSF components to be implemented or upgraded.
Automation: By automating the deployment process, the eDSF Kit significantly reduces the time required for installation or upgrade of Imperva DSF components. This efficiency allows your team to focus on other critical tasks, boosting productivity. Automation enables organizations to implement robust CI/CD pipelines. CI/CD pipelines automate the build, test, and deployment processes.
Scalability: With the eDSF Kit, you can deploy Imperva DSF components across multiple AWS and Microsoft Azure platforms simultaneously. This scalability ensures that you can maintain consistent data security across all your platforms, regardless of their number or complexity.
Risk avoidance: The eDSF Kit minimizes the risk of system outages by reducing human errors in the deployment process. By ensuring a smooth, deterministic, and error-free deployment, the eDSF Kit helps maintain continuous operation of your AWS and Microsoft Azure platforms.
Compatibility: eDSF Kit works within your existing security ecosystem so you can then let the code do the heavy lifting, instead of your DevOps team.
Packaged configurations: The eDSF Kit provides pre-written Terraform example code recipes. These recipes define the infrastructure needed for deploying Imperva DSF components, eliminating the need for manual configuration and orchestration of multi-cloud environments.
Customization: It is very easy to write your own custom Terraform recipe or engage with Imperva Professional Services to assist you with building a custom Terraform-based recipe tailored to your organization’s unique cloud security architecture and deployment needs.

Dramatic deployment results that accelerate time-to-value

Hundreds of Imperva sales engineers, professional services consultants, partners, and customers use the eDSF Kit for rapid multicloud DSF deployments and experience significant reductions in their efforts (up to 97%) leading to faster time-to-value.

Specifically, a large Imperva North America enterprise customer experienced a 97.5% reduction in deployment of DSF using the eDSF Kit. Prior to the availability of the eDSF Kit, this customer manually deployed 2 DSF Hubs and 14 Agentless Gateways in two weeks. Using the eDSF Kit, they were able to deploy 2 DSF Hubs and 20 Agentless Gateways in just 2 hours.

In conclusion, the eDSF Kit is a powerful tool for any system administrator or DevOps team tasked with managing data security on multicloud environment. By leveraging the principles of IaC and the power of Terraform, the eDSF Kit accelerates cloud-native data security deployments at scale, ensuring quick, secure, and efficient installation or upgrade of Imperva DSF components. With the eDSF Kit, you can enhance your AWS and Microsoft Azure data security, boost productivity, and prevent system outages, all while saving valuable time and resources. Imperva is planning to expand the eDSF Kit to other cloud environments such as Google Cloud Platform, Oracle Cloud Infrastructure and any hybrid multi-cloud environment.

Stay tuned!

To learn more on Imperva eDSF Kit for Data Security Fabric, we have provided links to recommended resources: