Imperva Data Security Fabric Reviews

Imperva SecureSphere Database Security has the most wide coverage range of database types, which is a significant advantage.

Access control is not the main feature in Imperva SecureSphere Database Security, but we have the role-based model of users and many integrations with other PAMs, IAMs, etc. The main aspect for all products of this type is to answer three main questions regarding who tried to reach the data.

Data is the most important asset in any organization and the primary target of hackers. Imperva SecureSphere Database Security provides one of the best solutions to analyze data, maintain GDPR compliance, and help investigate any incidents. It is user-friendly and can start with a small scope.

Unlike competitors such as IBM Guardium and Oracle, customers can start with a small scope and scale every year. This advantage allows them to invest less money initially while learning the solution. Year after year, they can add value scope and cover more databases in their organization with high quality.

We have been working with Imperva SecureSphere Database Security for about 10 years. I started working with this project about five years ago.

Imperva SecureSphere Database Security is the best solution available. I have worked with all ranges of Imperva solutions, including database security, application security, application security from cloud, and application security on-premises. Imperva was instrumental in saving the Ukrainian banking system at the beginning of the Great War.

My position is Business Development Manager, and while I work with several vendors, Imperva is the main vendor in my portfolio. Though I don't yet have a contract for Thales products, I can discuss data encryption and talent with customers.

Clients typically have both cloud and on-premises options available to them.

Overall rating: 10/10

The simplicity of Imperva SecureSphere Database Security comes out of the box.

I have utilized the detailed audit logs feature in the Imperva SecureSphere Database Security, and it has proven to be highly effective.

The Imperva SecureSphere Database Security has significantly aided my organization in forensic investigations and compliance audits.

The real-time alerts and remediation actions available in Imperva SecureSphere Database Security have helped me promptly address security incidents.

Their customizable security controls in Imperva SecureSphere Database Security have tailored the protection level for my organization's specific needs.

The automated monitoring and reporting features of the Imperva SecureSphere Database Security have contributed to simplifying compliance with regulatory standards for my organization.

There are specific missing features in the Imperva SecureSphere Database Security that I would like to see included or enhanced.

Positive

I would overall rate the Imperva SecureSphere Database Security as a product very positively with a score of 10 out of 10.

My thoughts on the stability and performance of the Imperva SecureSphere Database Security are very positive, and I find it stable.

We onboard databases with Imperva Data Security. I can put its policies around the environment I want to monitor. I can see it actually works if I want to prevent certain activities.

The blocking feature is valuable. I can set policies to block certain activities. If something malicious occurs, I can set a policy to block it, review the action, and decide whether to release it if it's found not to be malicious. Real-time data monitoring is also helpful, as it alerts me via email if activities like user creation are happening. This ensures I am always informed about real-time data changes.

The development mode on the platform needs improvement. For example, the archiving functionalities should be enhanced to allow easy conversion of archived logs into CSV or Excel formats for data analysis. When I need to investigate with archived data, the inability to export to these formats can be limiting. Making this process easier would be beneficial for reviews.

I have been using Imperva Data Security since 2020. That's about five years.

Imperva Data Security is stable as long as I do not overload the platform. It is important to manage it correctly by performing health checks with the vendor and ensuring that old log files are cleared up. Usually, it is stable if these maintenance actions are in place.

I would rate the scalability at eight. The solution works well for large organizations and enterprise levels if appropriately sized during the setup.

Support is dual-faceted. I have local vendors and OEM support. Local vendors provide on-ground support, and if issues cannot be resolved, a support ticket is raised to the OEM via a portal. I rate the customer service at seven out of ten.

Neutral

The initial setup is complex because it requires OEM involvement. As a proprietary platform, I can't set it up independently.

The price is high, but it is not as high as competitors like IBM, Guardian, and Oracle. It cannot be considered low-priced.

Overall, I would rate Imperva Data Security at eight out of ten. 

I recommend the product to other users.

The typical use case for our clients using Imperva Data Security is that data is almost the most important asset for any organization. In case they lose their customer data, their reputation will be at stake. So in order to protect the data, they use data security as a tool from Imperva Data Security.

The best features of Imperva Data Security are that it's a complete solution and it safeguards company reputation. The critical part of any organization is data, and if their data is at stake, no company can survive.

Areas of Imperva Data Security have room for improvement. I don't think every solution is perfect, but they need some kind of improvement in the future because if they have to survive in the market, they have to update themselves from time to time.

It relates to market stability. It depends on market scenarios, what kind of updates a particular company is looking for, because currently the major challenge companies are facing is AI, and in terms of AI security, they have to update themselves accordingly.

I've been working with Imperva Data Security for almost two years now.

The integration of Imperva Data Security can be smooth and seamless, but it actually depends on the network which company has. It's easy to integrate, nothing hard and fast. Every organization has its own challenges, so it depends from company to company.

Imperva Data Security is a stable solution.

Imperva Data Security is a scalable solution. Since it is a cloud-based solution, it can be scaled at any point in time.

In terms of technical support for Imperva Data Security, we are a system integrator providing technical services to the end user. For product support, we reach out to the Imperva team, which typically has a turnaround time of 18 hours.

We work with all these solutions, including Imperva Data Security, bot management, and API security.

As an integrator, pricing for Imperva Data Security depends from company to company based on their commercials. It's not in our hands to decide on the pricing part; it depends on the OEM, in this case, Imperva, and the company size. If the company is bigger, the pricing will be less, while if the company is small in size, the price is going to be different.

We provide technical services to the end users, including installation and implementation, not Imperva.

The experience with pricing, setup cost, and licensing of Imperva Data Security varies; it depends from company to company.

The experience with pricing, setup cost, and licensing of Imperva Data Security varies; it depends from company to company. On a scale of one to ten, I rate Imperva Data Security a seven out of ten.

Our organization is a financial institution that stores transactional data. If that data changes or if someone outside the bank attempts to access it, we should receive an alert. We have implemented use cases to monitor and alert us in these scenarios.

It is very effective, and we use four main features. The first feature is cluster management, which allows me to redirect an agent to another gateway if one goes down. This ensures continuous monitoring without any loss of logs or database monitoring. The second feature is the ability to receive alerts if anyone tries to tamper with our Database Activity Monitoring settings or the Database Security Monitoring agent on the target database, allowing me to identify who is attempting unauthorized changes. It has a large pool of automated policies that we can refer to and apply. This makes it much easier to implement these policies and ensure database security.

It would be more efficient if we could manage the consoles of management servers from a single location. Currently, if the management server for our DR environment is separate from the production management server, we have to log in to each server individually. 

For example, to check the status of production servers integrated with Infowa, I need to log in to the production management server. Similarly, I have to log in to the DR management server to check the status of the DR servers. Connecting both servers and managing them through a single console would make it easier to handle all alerts in one place.

I have been using Imperva SecureSphere Database Security for the past year.

It has glitchy configurations.

It is easy to scale. There are no limitations with scalability.

Technical support is satisfactory because whenever we raise any concerns or queries, they support us by providing priority support.

Positive

I have used only Oracle EOPD. The agent tampering and cluster management are not available on Oracle.

It is easy to install. We can also push updates from our management server to endpoints, and the Imperva gateway software, or all the packages are bundled in each package. That package is easy to install on VMware.

If all the requirements are met, one day is enough for the whole deployment, and then we can install that component.

It is time saving because we can get all the data with various types of reports. Whenever we want to check alerts, then we can easily download that report and check what is going on or what is in the monitoring. It's a little bit easy.

It is not cheaper, but based on the feature, it is okay.

There is one issue with maintenance. It would also be easy to manage it with the backup and archival policies. Depending on our scope, the number of servers we are taking, or what infra we use for our database Security, we require two or more people to manage this management if we use more than three to four management servers.

It is easy to integrate on any platform that Imperva supports. Imperva supports all the platforms. We can identify and provide versions based on OS configuration and database configuration.

My main use case for Imperva Data Security Fabric is to monitor database traffic. I use Imperva Data Security Fabric to monitor database traffic on a daily basis, and it is useful for audit purposes later.

The best features Imperva Data Security Fabric offers include the ability for all cloud databases to be integrated with Imperva Data Security Fabric, allowing me to monitor those. Integration with Imperva Data Security Fabric helps my team by reducing the time needed, and there is not much criticality in onboarding those databases.

Imperva Data Security Fabric has positively impacted my organization by helping to onboard all cloud databases; not only the on-premises databases, but all cloud databases are also onboarded, which helped significantly. Most of the time is saved while onboarding these databases with Imperva Data Security Fabric, and I can do it in one go.

Imperva Data Security Fabric can be improved by being more useful for creating security policies that help to convince customers.

I have been using Imperva Data Security Fabric for two years.

I chose a rating of eight because there is a bit of a delay in support from the support team.

I would add that the user interface of Imperva Data Security Fabric is very friendly and easy to understand, even for a beginner. The user interface of Imperva Data Security Fabric is pretty good. My advice to others looking into using Imperva Data Security Fabric is that it is user-friendly and a good purchase for the price, and it is a proper solution that works more efficiently to monitor databases. I would rate this product an eight overall.

The solution has a lot of use cases. I work in support. We support customers with issues they have with the system. We fine-tune the security policies and block the traffic according to the customers’ needs.

The gateway handles all database traffic. The solution is user-friendly. We use the data masking features to hide special information from the Imperva administrators. Imperva plays a key role in our security. We need to manage huge amounts of data for the enterprise, and Imperva enables us to do it. The AI helps us profile the traffic. It gives us statistics on the profiles that connect to the databases and run SQL queries. We can write policies based on the details.

Imperva’s agent is not suitable for container systems. The agent does not monitor databases in the containers. Imperva must improve it. The vendor provides Imperva DSF, but customers must pay a lot. It would be better if Imperva’s agents could monitor containers. In Turkey, we have a Linux-based operating system that is used extensively. Imperva’s agent does not fit the operating system.

I have been using the solution for more than five years.

Imperva is a stable system. I rate the stability a nine out of ten.

Imperva has the power of clustering systems. It automatically balances the traffic load. The scalability is really powerful. The product is suitable for enterprises. Small or medium businesses can use it, but it will be too expensive for them.

There are some issues with support. The level one engineers do nothing.

Neutral

I rate the ease of setup an eight out of ten. The setup takes a few hours, but the integration takes a day or two.

I rate the tool’s pricing a nine out of ten. The product is expensive.

Guardium’s data masking features are more powerful than Imperva’s.

I am a partner. I will recommend the solution to others. It is user-friendly. The technology is stable. If we know the system, it will really help us to secure and monitor our environment. Overall, I rate the product an eight out of ten.

We use Imperva SecureSphere Database Security to monitor user activities within databases. It includes detecting DDA activities, unauthorized queries, abnormal user behavior, and potential security breaches. It allows us to check and filter activities based on IP addresses, enabling us to track the sources of incoming requests. If any application uses SQL queries, SecureSphere can monitor these activities for unusual or unauthorized patterns. Additionally, we can set alerts for updates whenever a user profile is added to the database to ensure there is no malicious activity.

The product’s most valuable feature is real-time highlights. It helps with detecting natural weaknesses. The users can see the activity as soon as it is visible to administrators. It makes it easier to determine if some action has to be taken against malicious activity. The users can scan the data and check if it meets CIS standards.

Once we read the activity logs on the platform, we cannot open them anywhere else as they are stored in a proprietary format.

It is a stable platform.

The product’s on-premises version is not scalable. In contrast, it starts scaling once deployed on VMs.

We contact the technical support team while deploying resources. Sometimes, the team replies with the solutions already available online. It could be better.

Neutral

The product generates a return on investment for a large database capacity.

The product’s price is reasonable compared to IBM and other products.

I rate Imperva SecureSphere Database Security a five out of ten.

Banks need to know who is accessing their data for compliance reasons. The other use case is related to creating, managing, and auditing databases. Some organizations cannot audit their databases because it involves lots of heavy processing, so they would rather have a third party do the database monitoring. That's where Imperva comes in. My enterprise clients use Imperva on-premises, but some customers are using FlexProtect, which is a cloud-based solution. About 10 security engineers at my company use Imperva currently.

Imperva's most valuable features are ease of use and log correlation. I also like the ability to trace activity from the host machine to the server access, the user details, and the exact query that they executed. If a database administrator or application process executes a query on the database, people know exactly what was executed, including all the variables. 

For example, it will tell you how many rows they were trying to select on which table, and you get the OS information, network details, IPs, and the user. That fine-grained auditing available on the platform makes life easier and helps explain anything happening in your database.

Data encryption. Yeah, Imperva needs to pull up on data encryption and make it a standard feature to allow maybe for tokenization, encryption of data, and things like that.

I have been using Imperva for eight years now.

Imperva is a solid product. When I was CFO, I experienced downtime once, but in the four years that I have been running Imperva, I have seen zero downtime. The only challenge I had was when the database grew. We had to migrate to V6.50, and it became too heavy for the platform. 

In a perpetual licensing model, scalability is a challenge. I ended up arguing Imperva when migrating to V6.50, which is a higher capacity than V2.50. They wanted to sell me a license for V4.50 and then V6.50, so that was too expensive. Scalability under the licensing model was limited. Otherwise, the platform itself can scale to accommodate your needs.

I rate Imperva support eight out of 10. They're quite responsive.

Positive

Imperva is a highly technical solution to set up. It took about two weeks to set it up the first time, but I think nowadays, people could set up Imperva in a week. There has been some improvement. We don't have a lot of technically proficient people in our region, so I've been trying to drive up the competence and technical certification. 

More training in Africa would help increase those skills. If you're in Zambia, you need to hire someone from South Africa or the United Arab Emirates to come in and set it up, so you have to pay the cost of transporting that person. Having a network of locally certified partners would be lucrative for Imperva and better for the customers. 

The ROI is quite good. The total cost of ownership for Imperva is transparent. It pays for itself because you reduce your operational losses. You can weight the expense against what you would've lost if you didn't have Imperva.

Imperva is too expensive for small and medium-sized enterprises. They're missing out on technology that helps them manage their data security better. Data security is essential because even the strongest network may be attacked from the inside without it.

Databases host most of the structured data for organizations. Other unstructured data may be at risk, but it's not the same risk as a database. PII needs to be structured on your database, but most SMEs cannot afford the cost. You pay for a perpetual license plus maintenance and support. 

I tried Oracle Audit Vault, but the solution wasn't as mature in terms of core database security because it doesn't integrate well with other vendors. Vault works well with Oracle solutions, but there are limitations when you want to use other types of databases. It's a bit of a problem. 

Oracle's data encryption is far superior to Imperva's, but they are not very responsive, and pricing is through the roof. That requirement would cost close to a million dollars.

I rate Imperva nine out of 10. Many companies claim to understand database security, but they cannot compare to Imperva. 

The solution is very important for security. Some of our clients do not understand what they need to do and how to do it. We use Imperva’s PoV and demo platforms to explain it to the clients easily and see where it fits into the process.

It is easy to get the solution to the clients. The real-time monitoring capability makes it easy for our clients to get the tool. The tool meets our requirements. The time to detect vulnerabilities has gotten a lot quicker. We have a faster reaction time when something goes wrong within the data environment.

The deployment is not easy.

I have been using the solution for three months.

Imperva data centers are stable, and we can switch between any one of them. However, internet connections in South Africa are not always stable. A client that needs international connectivity will find the tool to be reasonably stable. As a partner, I consider the tool stable because I know how the data centers switch between each other. However, the network is not stable.

I rate the product’s scalability an eight out of ten. Our clients are usually medium and enterprise-level businesses.

The deployment is not difficult, but it is not easy because I am new to the product. I rate the ease of setup a six out of ten. I had to get help. The deployment took three days.

The pricing is reasonably good in South Africa. We can speak to our channel partner for the pricing.

I have good access to some consoles and live streams of threat analysis. I can warn the clients about things that are not yet happening within the environment to start taking mitigation actions. Users can be guided to start looking for the threats and configuring their security network. If there is a big vulnerability, we can start working on mitigation factors using Imperva. I understand how Large Language Models work. A quick analysis of models and behavior can be done. Globally, data can be shared much quicker with the analytics that can be done within the big data centers where Imperva is located. I will recommend the tool to others.

Many people do not know where their data is and how to protect it. With a little bit of experience, the product will help them understand that they can find and protect data a lot quicker, whether it is in a database or in someone's computer on a network that nobody knows about. If set up correctly, we can be more proactive in preventing security leaks or data leaks rather than only finding out about them three to four months after the breach has taken place.

Overall, I rate the product a nine out of ten.