We tried several SQL injection attacks that were built into our e-commerce app. The signatures detected some, but not all of them. We also turned off the signatures to see if the Web user's profile would catch the change in behavior. It did. And, sticking with the IPS mindset, the DSG includes signatures that can block known attacks against both the database server and the underlying OS.
Another nice touch: Imperva includes an assessment piece for determining the security posture of a database server. It checks for general database security features, tests for actual database vulnerabilities and verifies the security of the underlying OS, in addition to protecting it from known attacks. We ran the assessment against default installs of Microsoft SQL Server 2000 and 2005 to see what it would tell us. As we had hoped, the scanner found all the vulnerabilities we expect to be in default installs of each product.
All management tasks are performed directly on the MX Management Server interface. Changes must be propagated to devices under management by clicking the "Activate Settings" button; once that happens, changes take place in near-real-time. For enterprises with many database servers spread out geographically or those looking to use other Imperva products, the MX Management Server is a smart choice for centralizing management and policies into one easy-to-use interface.
Imperva's DSG is a solid product, and we look forward to testing rivals to see how they stack up. Look for our comprehensive comparison chart and report card after we've completed testing.
John H. Sawyer is a senior IT security engineer at the University of Florida and a GIAC Certified Firewall Analyst, incident handler and forensic analyst. Write to him at [email protected].
