Products for this Rolling Review must be capable of monitoring, detecting and, when possible, preventing data extrusion from database servers. Imperva's SecureSphere claims to do it all, with advanced auditing and attack prevention.
Although most of its competitors focus on detection, SecureSphere sports an intrusion-prevention system, making it a good fit for enterprises with data that must not get into the wrong hands. Dynamic user profiling identifies normal user behavior and detects anomalies, letting IT allow, warn and/or halt actions to prevent data leakage..
SecureSphere is ideal for enterprises looking to prevent database extrusion and provide a separate platform for detailed user auditing--its results and performance are evident of a focus on compliance. The flexibility of inline and out-of-band modes makes it easy to drop into practically any environment.
Imperva SecureSphere Database Security Gateway, G4 Model, $45,000. MX Management Server, $15,000 $45,000 for Database Security Gateway (G4 model); $15,000 for MX Management Server; (650) 345-9000
Database IDS/IPSS have many of the same strengths and weaknesses of their network-focused kin: Protection schemes may be more like poodles than rottweilers and, for your own sanity, we recommend choosing an extrusion detection/prevention product that can self-learn normal usage patterns. Imperva's SecureSphere Database Security Gateway G4, tested with the optional MX Management Server, is a win on both counts. It did a fine job learning our user behavior, and numerous signatures let it handily block known attacks against both the database server and the underlying OS.
|This article is the second of a series and is part of NWC's Rolling Review of extrusion-prevention systems. Click on that link to go to the Rolling Reviews home page to read all the features and reviews now.|
Although the $45,000 DSG can be deployed and managed on its own, the MX Server provides a convenient single point of entry. We recommend springing for the extra $15,000 if you manage multiple SecureSphere appliances, including the DSG and Imperva's Database Monitoring Gateway and Web Application Firewall.