SecureSphere Database Audit and Protection
Monitor database activity, detect and stop unauthorized data access, and simplify compliance with data privacy and protection regulations.
Monitor and protect any data, anywhere
Define and enforce uniform security and compliance policy for data across the cloud and on-premises. SecureSphere supports databases in Amazon Web Services and Microsoft Azure. Get single pane of glass management across all types of data stores including big data, data warehouses, relational databases, mainframes, and files.
Identify suspicious activity
Get alerted to suspicious access activity. Dynamic profiling automatically builds a white list of the data objects regularly accessed by individual database accounts. Create policies that alert or block access when a profiled account attempts to access a data object that is not whitelisted. SecureSphere integrates with Imperva CounterBreach, which develops a full contextual baseline of typical user access to database tables using machine learning and peer group analysis.
Deploy your way
SecureSphere supports multiple deployment methods, including a local agent, a network transparent bridge option and a non-inline sniffer mode. By using a combination of deployment methods, you can meet a wide variety of enterprise needs without being locked into a one-size-fits-all deployment model.
Multi-tier architecture, highly efficient agents and big data logging techniques enable monitoring of more data sources with fewer appliances and resources. High-performance appliances manage heavy traffic loads with minimal impact to database, application or network performance. Automatic load balancing, clustering and automated health monitoring help ensure high availability and uninterrupted monitoring and logging.
Monitoring and auditing for all database activity
Get complete visibility into all database transactions, including local privileged user access and service accounts. SecureSphere continuously monitors and audits all logins/logouts, updates, privileged activities and more. Create a granular audit trail that pinpoints the “who, what, when, where and how” of each transaction.
Stop database threats with pre-defined security policies and blocking. SecureSphere looks for attacks on the protocol and OS level, as well as unauthorized SQL activity. Alerts, temporary quarantines, and if appropriate, blocking unauthorized activities protect data.
Leverage your existing investments with integrations to key security technologies. SecureSphere integrates with SIEM products such as Splunk, ArcSight and QRadar and IAM products such as CyberArk. Splunk customers can take advantage of the free Imperva Database Audit Analysis App for Splunk. Integration with Imperva CounterBreach reduces the noise sent to the SIEM.
Database Firewall and Database Activity Monitor Specifications1
|Supported Database Platforms||
* Agent Compatibility Package(ACP): SecureSphere now provides a dynamic mechanism for updating agents with protocol and other changes. These updates are automatically distributed using the Agent Compatibility Package (ACP) through Software Updates but can also be manually uploaded.
|Supported Big Data Platforms||
1 Note: Not all functionality is available in all configurations, for more information please contact an Imperva SecureSphere representative.