Imperva Data Security Fabric Reviews

I use SecureSphere to monitor our core databases and privilege operations by administrators, and to provide compliance reports.

In terms of regulatory compliance, one of the key requirements is to ensure that our core databases are monitored. SecureSphere allows us to generate details to prove that we're compliant with all requirements.

The most valuable feature is the automatic reports on new databases, which gives us up-to-date inventory management.

Sometimes the reports are cumbersome, and you have to drill down to get more information. SecureSphere also sometimes needs a lot of maintenance to keep the agents running on the database. In the next release, Imperva should include a preventative solution that will stop an attack before it happens or read the behavior of particular accounts and act on it. They should also make SecureSphere available on mobile so that if an administrator isn't on-prem, he can access the solution via the internet wherever he may be.

I've been using this solution for almost three years.

SecureSphere has been very stable until recently, due to the addition of new source databases causing performance issues.

SecureSphere is very scalable.

Imperva's technical support has been good. In the past, it sometimes took a long time to resolve an issue, but more recently, the responsiveness has been very impressive.

Previously, we used Oracle Audit Vault, but its reports were a little complex, and their support was not so impressive.

The initial setup was straightforward, and the deployment took between one and two weeks.

Our deployment was done in-house.

SecureSphere has resulted in us receiving audit exceptions, especially from the final details, which is a big deal to my organization since we have to be compliant.

I would recommend SecureSphere to other users and advise making a dedicated team available to work on the solution and configure the correct set of policies so they can get value for their money. I'd give SecureSphere a rating of eight out of ten.

The use case is for database services, security purposes, and access capabilities. In DAM, we cannot use inline mode due to the blocking that is there. Details can be shared and accessed to see, for example, information about the DB, who's using it, its applications, et cetera. There are all kinds of reporting that can be accessed. We submit reports to the customer.

The audit feature is great. It is totally encrypted. Nobody can tamper with the details. For example, a DB admin can change the audit, however, if they are using the DAM product, that is totally different infrastructure so that the log, since it is an agent-based solution, whatever the activity will be done in the server regarding the database audit will be captured by the audit and that agent. The communication is totally encrypted and nobody can tamper with that data.

The initial setup is not overly complex.  

Some cloud versions are not supported by the agent. For example, we had a client that wanted to move to the cloud and wanted to use AWS, however, it was not possible. Imperva should have every kind of agent.

I've used the solution for around three years. I've used it for a while now. 

The solution is stable. It's very reliable and the performance is good.

It's a scalable solution. It's good. If we can just change the gateway or if it is a VM right now, we can upgrade the resources, or we can install many more agents in the server, in other servers, and we can take more servers behind it so that we can capture all the data for any of the server.

Technical support is good. Sometimes we have to raise a ticket and we get good, proper support. There's no issue.

The the setup itself is not too complex, it's conceptual. You have to understand at least the basics of the database. That's it. You don't have to be a DB admin, however, as a security engineer, you just need some small knowledge of a database, for example, what the database is, what the table is, et cetera.

We are partners. 

I'd recommend the solution. If a company has a plan for the Imperva DAM solution, it can, while still not using the Imperva WAF solution. The WAF solution is also good. We can use the WAF as well as DAM. We have a box, a gateway, or management that is used for both cases.

If an organization wants to do both the cases like I have a database, I have a web server, I want to secure both the infrastructures, I know I can strictly go for the Imperva, and Imperva will give management of two gateways for two different solutions, and that's it. It can be a complete package.

I'd rate the solution nine out of ten.

We use it for database activity monitoring. We use it to monitor all the traffic that comes to the database to know about the operations that are happening on the database. 

At the moment, it is on-premises, but we eventually would like to go to the cloud.

It serves as a way and means to see if any unauthorized person is trying to access the database. It helps to implement specific rules to ensure that only authenticated people have access to the database.

The beauty of it is that it provides segregation of duties. Typically, in the traditional environment, DBAs administer the database, and they have too much access. We are in the process of implementing other Oracle solutions, and it brings some kind of segregation. Just because someone is a DBA does not mean that he or she should have access to all of the data. Some of the data can be masked so that privacy and security are enhanced, especially when it is customer data for an institution like a bank.

It is quite expensive. I would prefer a lower price. 

In terms of features, I started using it this month. I need more time to explore it.

It has not been long. We implemented it this month. 

We are currently doing a PoC, and there are a few issues that we are trying to resolve. When all of those issues are sorted out, we can start measuring the stability of the solution.

We haven't scaled it yet.

We are working with their technical support. They have been good so far.

It is straightforward, but it depends on the organizational policies and rules in terms of the infrastructure. For example, when you deploy it in an environment like Oracle, it is probably fine, but in other environments like Cisco, there could be some issues that you have to troubleshoot. It is more of an infrastructural or environmental issue.

We started with the PoC. It was implemented within two days. We are now doing monitoring to ensure everything is still fine.

It is quite expensive. We wanted it in my former organization, but the price was very high. So, we couldn't purchase it. I moved to a different organization, and this organization has purchased it.

It is a fantastic solution. It is very good, but the only issue is that if you don't have enough money, you cannot use this solution.

I would rate it an eight out of 10 for now. After exploring it more, I might rate it higher.

We primarily use the solution for auditing purposes so collecting and archiving of logs.

The solution is very good for auditing purposes, including collecting and archiving logs. 

We appreciate that we can use it on the DB server without harming the performance of the database is fantastic. It doesn't feel like it's lagging.

The initial setup is very simple. 

Overall it's a solid product.

The pricing is okay.

The support could be improved.

The product needs to perform better in extremely busy databases. It does not do really well where the DB is extremely, extremely busy. 

The updates could be better.

The UI can be improved. 

The ability to narrow down to the right environment could be helpful. They need to allow users to find an easy way to drill down to what's important.

I've been using the solution for three years now. 

The solution is solid. The stability is good.

The scalability is okay. However, if you're going to set up a redundancy, it needs to be in the same data center, as the manager that manages the entire system needs to share the data, and therefore they need to basically work in the area where they have direct connectivity between the sites. In our case, we have multiple data centers, and we distribute the connectivity and we can't achieve that. 

The solution's scalability isn't based on users. Even if you have one person using it, you might have 300 databases. It's not about the number of users, it's the number of databases.

The support isn't as good as it could be. We are not quite satisfied with it.

We previously used Oracle.

The solution is very simple and straightforward. It's not too difficult or complex. 

The solution isn't crazy-expensive. It's reasonable. 

We pay for the solution on a monthly basis.

I'm a customer and an end-user.

I'd recommend the solution to others. It's a very solid product. 

I'd rate the solution at an eight out of ten.

We use jSonar for DBA activities like database activity monitoring and privileged database activity monitoring.

The centralization of the data is probably the most useful feature because we span multiple database technologies. We also find the GBDI portion of it very helpful. 

It would be better if it were more user-friendly. Right now, it's a little bit of a complicated product to use. Another problem that we have is with encrypted traffic on Oracle. This is because it requires a database outage. That's a pain in the butt because you're monitoring critical systems, and they don't like outages.

I have been dealing with jSonar for about two years.

jSonar has been very stable for us.

From a manageability and scalability perspective, supporting model databases and different databases in a cloud, on-prem, and so on just seems to be easier. It's a viable solution to move forward.

We did use their technical support through IBM. It's kind of weird, and they're just a reseller, but jSonar's support has been very good.

The initial setup was pretty complex. 

We had IBM Professional Services set it up just to get us started properly. We're still in the process of deploying it because it does take a while. It's not necessarily the tool's fault. We're very lean with staff, and that's probably a bigger problem.

I know it's not cheap.

When you compare jSonar and Guardium, they both look similar. They're collecting database activity, centralizing, reporting, and applying machine analytics and AI to it. I think jSonar is a little more mature as a product because it's been out a little longer. IBM is starting from scratch or relatively recently for the Insights product. We're going to look at it because we have to pick a direction, but we haven't done that yet.

On a scale from one to ten, I would give jSonar an eight.

Most of our clients are banks and insurance and financial institutions that want to achieve compliance. They want to achieve auditing for their regulatory compliances as well. On the database side, that includes being able to monitor DBS and to block certain activities on the DVF. On the application side, it also has to be preventative and that's also part of compliance. This solution enables clients to achieve data security, whether on cloud or on prem. We offer support services and we are a service provider for database security through Imperva and also application security through Imperva to our clients. I'm a cyber security engineer and we are gold partners of SecureSphere DS. 

I would say the discovery module is the most valuable feature as it provides good visibility of the database environment to particular sites. It scans the entire front of the environment to detect any new databases found just to make sure there are not any malicious things going on. I think it's a very powerful tool in that sense. It also helps that the solution is able to block queries that are able to be run by given database administrators on databases and manages user rights. 

I've been part of various projects and also interact with clients because I do pre-sales. Most of the feedback I receive relates to clients wanting to see an improvement in the reporting. They like the ability and functionality of the solution but they feel the reporting is lacking. The general feeling is also that the GUI has been the same for a very long time and there is room for improvement there. It could look a little better and then if the reports are also improved that would make a big difference all round. 

From a basic implementation point of view, there are some features that are very technical, clients want everything very granular and they always say Imperva bundles everything. You do a signature, and ABC updates and you trust what the ABC is doing. I think if it were a little more granular and detailed in terms of how, for example, a query stream is being detected or something like that, rather than just blocking something, it would give the administrator a better view and understanding of what's happening. 

I've been using this solution for almost a year. 

The physical appliances are always very stable. In terms of CPU usage, things like the gateway load, payway load, they come with a little bit more capacity on that front. I think the issue always comes with the virtual appliances where you may run out of space, or maybe there are new versions of whichever hypervisor you are running that could change and maybe affect the virtual machines running on top. On the physical side, there's never an issue, it's stable. 

Database security is highly scalable because depending on the number of sites available, you're able to assume that you have the running agent. You can then access the IP for the gateway, you can log in your logs which are managed by the NX, so it's all fine. It's highly scalable for the database. I think even if you have branches all over the country, you can manage them centrally where you have agents monitoring whichever database is allocated to whichever site. We have deployed over 60 projects all over East Africa. I currently handle four, which are two application and two database.

Their technical support is good and the response is guaranteed until the problem is solved. I think when it comes to response time, it's always very quick. Maybe just one simple criticism would be that it's very hard to get a remote station with them and everything is always email and sending logs. I'd like to see more hands-on and direct contact with the environment. 

Complexity really depends on the client's environment, but I would say the initial set up for basic deployment of the components should take roughly six working days. It has to be integrated with everything. Installing links to all the other databases could take maybe another 10 work days, so around two weeks. I do the deployment. 

Customers are very, very satisfied with the licensing costs and there's not really anyone that competes with Imperva so the clients are very happy. Their requirements are covered. 

I would definitely recommend Imperva. I swear on it and try to pitch Imperva every time. I know its abilities, I know what you're going to get. I know how user friendly it is. It's easy to create policies. Reports are very okay. It's got various compatibilities, desk deployment, so Imperva is what I would recommend. 

I would rate this solution a nine out of 10. 

We primarily use the product for data security.  

The feature that I have found the most valuable is the firewall component.  

What I would like to see improved is Imperva making further development in terms of them going to the Cloud. Our business is moving to the cloud, so we want to have cloud availability as an option. Imperva can do the cloud database, but they are still working at building it out and it does not seem to me to be fully operational.  

We have been using Imperva for a little bit more than six years.  

We are experiencing good stability with this product. We have not had any crashes and no major problems navigating its management.  

I think that SecureSphere is very scalable. Across our whole company, everyone is using it. We are 50 people. Right now at this size, we only require two people for maintenance.   

The technical support for Imperva is super, super, super. They have a very experienced support team. They can diagnose all of our issues and are always very fast. They have very good documentation and knowledgebase resources that add to the depth of their support.  

I have previously used McAfee as a similar solution. We decided to switch because McAfee is a little bit tricky to get to work the way it should work. I had experience with their version 6.4 solution and it used a lot of resources and had too much overhead.  

The initial setup is moderately difficult. You have to understand the database and how the database communicates and also some knowledge about the platform. For example, if you have got the Unix environment you have got to understand how to work with that together with the product.  

Initially, SecureSphere was expensive but they have incentives on their packages now. They have introduced new price models, which makes the product more affordable now. It is now at a pricing level in the range where most people are looking for this type of solution.  

Before choosing Imperva, we did evaluate other options including IBM Guardian Data Protect and also Oracle Audit Vault. In the end, we finally made the choice to go with Imperva first of all because they are a company that is very much into digital security. Security is the central focus of their business, so that is one of their strong areas. Then their product support is one of the best. The solution is very advanced in terms of comparing their available resources and training to other companies. These resources make it a very complete solution.  

Imperva Security Sphere is something that I recommend any day, anytime because they are very much focused on security as a passion. So you find it has tons of capacity for scalability. It is focused on security. Even the solution's usability is very good.  

On a scale from one to ten (where one is the worst and ten is the best), I would rate this product as a nine scored out of ten possible points.  

Features that I would like to see to make it to ten-out-of-ten means that they will need to add a few things. First, they need to onboard database encryption features. Then they need to add some of the other features which they do not have that other competitors already have. They can do more to offer a broader range of features and be more feature-rich.  

We primarily use the solution for monitoring database activities.

Currently, we have audit features for auditing databases, for example, granular auditing, which we really enjoy. We've been using it to check what users do. 

Apart from the WAF, which we've had issues with, every other feature we've been able to use very well. We use it for scanning databases, which is perfect. We need to run vulnerabilities counts as well, and this solution is great for that.

The feature right now that we have not been able to use successfully is the firewall aspect, the WAF.

In terms of the WAF, we tried their blocking functionality at some point, and our entire company came to a halt due to the fact that it was blocking even database connections. It was hanging our databases. Until now, we've not been able to fully use their database blocking functionality very well. That is the only aspect that I wish could be improved tomorrow.

The entire system is not user-friendly for me, and definitely not as user-friendly as Oracle Vault. It should be more user-friendly, to make it much more competitive in the space. 

The technical support is not offered by the company itself. Rather, you can only get technical support via partners. It isn't that good and because of this, we want to leave the product.

The solution is expensive.

If we can look at a system that can do 360 annual. There is an app call bridge that is something they've introduced, however, we don't have that yet. I don't know if that is able to do application monitoring as well, but I wish they had a feature that could do both the database and application monitoring.

I've been using the solution for about four to five years now.

The stability is okay. I don't recall any kind of bug or glitch. It doesn't freeze or crash. Aside from issues with WAF, it's good.

The scalability is fine for our purposes. We are able to modify the product, and we are able to do things to suit what we need, so it's okay for us. If I were to rate them out of ten on scalability, I'd give them a six.

One of the reasons we want to leave this solution is the fact that we don't have any technical support whatsoever. If there was some on offer, it might convince us to stay. Technical support is typically handled by partners, and they do not do a good job. We've been trying to reach the parent company directly because we are unsatisfied with the level of service we've received and we've had no luck. Therefore, we'll probably leave the service altogether.

The solution is pretty pricey. It's not the least expensive option. An organization will have to ensure they have the budget to cover the cost or having the product. I'd say that the amount of money they charge is unreasonable sometimes. If I were to rate them out of ten on pricing, I would give them a one.

We're currently looking to move away from Imperva. We're considering Audit Vault.

The solution is okay, however, there is a lot to be improved upon. For that reason, I'd rate them five out of ten overall.

It's not a bad tool. It's a good tool. I tend to recommend it to others, however, if you're a small company, it may not make sense due to the fact that it is quite expensive.

We use this product to monitor database administrator events and activities on all services. We also use it for preventive measures. Some sensitive queries can be blocked in line before transactions occur.

It's great that we're able to send light event monitoring and administrative activities. SecureSephere has a robust recording system.

We have a lot of lost communication between the clients and the management server. This is a client-on-server solution and sometimes the agent stops communicating and it can take a lot of troubleshooting to solve the issue. It would also be helpful if they'd improve artificial intelligence. 

We've been using this solution for six years. 

The stability is pretty good. 

The scalability is good. 

The customer support is not very good. 

I don't recall the name of the previous solution but we switched to Imperva because it was less complex. 

The initial setup was reasonably straightforward. The deployment took about three months and we had some external assistance. 

This is an expensive solution. We pay an additional amount for support. 

Staff need training prior to using this product. 

I rate this solution nine out of 10.

I'm the product manager for Imperva in Africa for a distributor. I manage it every day, but I don't personally use it. We sell Imperva to customers in 17 countries. 

Its deployment depends on the customer. Some customers have their databases in the cloud, and if they have them in the cloud, we give them the cloud database security of Imperva. If their database is on-premises, then we deploy it on-premises, and the reseller implements the solution on-premises.

There are three major main use cases of this solution. The first one is to fulfill compliance regulations. Customers—especially the banks, health sector, and manufacturing—need to comply with the regulations in different countries. They have to fulfill compliance regulations around the privacy of data. In order to fulfill those requirements, they're using Imperva. It helps them to fulfill these requirements, and they are not fined by the regulators. That is the first use case why people buy Imperva.

The second one is for security itself. They don't want a cybercriminal to have access to the data. Imperva is a security solution, and you can use it to block unauthorized access to your data. 

The third one is related to rightful access to the data. They want to know:

• Who has access to the data internally?
• What queries were being issued on the database?
• What time did they log in?
• What is going on within the environment?
• Who is touching the data?
• What are they doing with the data internally? 

Customers or organizations want to have access or have visibility into all these.

They can maybe look at its pricing model. Its pricing could be cheaper for the African countries or developing economies.

I have been using this solution for three years.

It is very scalable. If a customer wants it for five database servers, he gets licenses for five database servers. Tomorrow, if they want licenses for two extra databases, they can just buy the extra two licenses. It is very scalable and very straightforward.

Their support is fantastic. It is 24/7. You raise a ticket, and you get someone assigned to you immediately.

I would rate them a five out of five. In a worst-case scenario, it would be a four, but it's always very straightforward. We get a very quick response.

It is very easy and very straightforward. There are no complications.

Its pricing could be cheaper for the African countries or developing economies. The British pound is valued way more than the currency of most African countries. A better or cheaper pricing model for Nigerian and African customers would be better.

It has a per-year subscription model. You pay exactly for what you need. That's all. You don't have to buy what you don't need.

It is very straightforward. It is probably the best solution out there in terms of data security. About 90% to 95% of the banks in Nigeria use Imperva. When you have such a success story in Nigeria, Ghana, and of course, many other African countries, you can be sure that you are getting a very good solution. 

I would rate it a nine out of 10.