Defend Business-Critical Data and Stop Ransomware with Industry-Leading File Security Technology
File Firewall Specifications
Hackers know what they want and where to find it. Critical data centers such as file servers are targets for your "crown jewels," like intellectual property, financial information, deal data, or PII. Cybercriminals have become increasingly sophisticated, leveraging multiple tactics and tools, all with one goal: getting in. Imperva SecureSphere File Firewall protects sensitive unstructured data where it resides, so that you can prevent breaches, along with their resulting exposure, costs and brand damage.
DETECT AND MITIGATE RANSOMWARE IN REAL-TIME
When it comes to ransomware, time is of the essence. SecureSphere File Firewall leverages deception technology to immediately detect ransomware before it does widespread damage. The solution quarantines infected users or devices based on file access behavior, and uses a combination of real-time capabilities to help security teams detect, block, investigate, and report on ransomware infections. Learn more about how to protect your organization from ransomware.
KNOW WHEN THERE'S TROUBLE-IMMEDIATELY
SecureSphere File Firewall continuously monitors all user access to enterprise file storage systems and keeps a detailed record of file access activities across the company, including the actions of privileged users. Show that you have file security under control by using predefined reports to demonstrate tight controls and blocked attacks.
Quickly Put a Stop to Suspicious Activity
Prevent your files from becoming an easy target for internal and external threats. With SecureSphere File Firewall, you can immediately respond to suspicious file access activity by generating notifications, or in certain situations, blocking access completely. With the industry's leading file security policy framework, you can trust that you have complete protection against unstructured data theft.
Incident Details at Your Fingertips
When it comes to incident response, the sooner the better. Begin file security investigations right away with immediate access to a record of all file activity across your organization. Uncover all the details in just a few clicks with interactive audit analytics that help you identify suspicious behavior, and document problems.
Identify Insider Threats
SecureSphere File Firewall integrates with Imperva CounterBreach to identify users that are abusing their access or attempting to steal to enterprise files. CounterBreach analyzes granular user-centric details (such as user name, user department, client IP, and file share IP) and data-centric details (such as file operation, file path, file type and operation response time) to establish a baseline of typical user access to unstructured data and then pinpoint anomalous activity. Learn more about CounterBreach machine learning technology.
Specification Description Operating Systems Supported
- Windows 2008, 2012, 2012R2 and 2016
- RedHat 5.X
- Solaris 10
File Systems Supported
- Windows file storage systems
- UNIX/Linux file storage systems
- NAS devices
Directory Services Supported
- Microsoft Active Directory users and groups
File System Activity Audit
- User name
- Object name
- Operation (add/remove/delete)
- Object type
- Source and Destination IP
- Metadata and content-based via integration with third party Data Loss Prevention (DLP) vendors such as RSA, Websense, McAfee, and Symantec
- Manual designation
Tamper-Proof Audit Trail
- Audit trail stored in a tamper-proof repository
- Optional encryption or digitally signing of audit data
- Role based access controls to view audit data (read-only)
- Real-time visibility of audit data
- Network: Non-inline sniffer, transparent bridge
- Host: Lightweight agents
- Web User Interface (HTTP/HTTPS)
- Command Line Interface (SSH/Console)
- MX Server for centralized management
Events and Reporting
- Integration with leading SIEM vendors
- Custom followed action
- SecureSphere task workflow
- Integrated graphical reporting
- Real-time dashboard