Imperva Data Security Fabric Reviews

We are system integrators, so we mostly work on implementing projects. We don't handle maintenance or administration. Our focus is on implementation.

We use it for database security, vulnerability analysis, discovery, and handling requests from applications and users.

It's not just one feature because the whole process is important, starting from discovery to protection and prevention. If we use agent-based functionality instead of a gateway, the solution becomes more feature-rich.

Mostly in areas like data masking since they previously had a product called "camouflage," but it was dropped. It would be better to have something similar to that. 

Additionally, improvements can be made in data enrichment, aggregation of data from different perspectives, and enhancing the GUI (Graphical User Interface) for a better user experience.

We have experience in implementing the solution. It has been almost four years.

I would rate the stability of this solution a seven out of ten. There's some room for improvement in terms of stability.

I would rate the scalability of this solution as seven out of ten. It's scalable, but further implementation and development would make it even better.

We have been able to handle everything on our own. As partners, we are technical savvy.

The initial setup is actually quite easy. It's not something hard to do, but having some experience with the product is helpful.

If it's only the deployment, it takes around two to three days. But if we consider tuning and ongoing processes, the time for deployment varies.

ROI depends on the use case. Most companies use it for security and compliance. So, it varies based on the specific use cases.

It's not a cheap solution.

I would recommend considering Imperva. It's important to conduct a proof of concept (POC), include a list of potential different vendors or products, and make an informed decision.

Overall, I would rate the solution an eight out of ten. 

Reporting is the most valuable aspect. It's very fast, even versus IBM. IBM could take three, or four days to get a report. In Imperva, everything is online, and you get the reports very fast. 

It is very easy to configure the new dashboards, and reporting is easy to do. It takes maybe an hour to do it. 

The solution is very stable. 

We'd like better compliance with cyber security and legal as well as other areas. 

I'd like to see some sort of solution for storage. For example, if someone in the company is doing some backup, I cannot reach that information in the discovery and in the protection. I only can protect the information, the databases that I use that are in developer or Q&A, and not those databases that are in the backups. It's a limitation.

I've been using the solution for three years. 

This is a stable, reliable product. It never fails. There are no bugs or glitches. 

There are six areas that are using the solution, and each area has maybe three or four users, at least. Risk, compliance, operations, and internal security, for example, are some areas that use it and get reports. 

I'm not sure if we have plans to increase usage. I am covering all the databases right now. I have no other space to do it. Of course, if we are going to grow and use more databases, I'm going to use this solution. That said, right now, all the databases are covered.

We pay for the solution on a yearly basis. There are no additional costs or extra fees beyond the license itself. 

Have compared the solution to IBM. Previously, I was an IBM customer, and IBM would take maybe a week to have a good configuration. 

With Imperva, it's very easy to configure. It's very easy to get the reports. The reports are coming fast, and you are saving a lot of money if you send the logs to Splunk since Splunk charges per alert. In the Imperva solution, instead of sending tons of alerts, it is consolidating everything. It helps me save money with Splunk. 

I am a consultant. 

I have been working with the previous version of the product. Right now, the latest one is the Data Security Fabric.

It is very easy to use, and it helps us to discover the databases. In some cases, the shadow IP or the business areas are not reporting that they are using other databases. With the Imperva solution, I can find the other databases that are not reported to IT, and it's very easy to know where they are, where the information is, and what kind of information it is, if we are talking about the personal data or if we are talking about a financial data, et cetera. It's very easy to find the databases, and to know what kind of information is in each one of those databases. It's so helpful.

It helps a lot to have a consultant as they have the knowledge and experience a company can use. Even if a solution is very easy to implement, it helps to have the knowledge and experience of partners. 

I'd rate the solution ten out of ten.

We primarily use the solution  just to monitor database activity on all the in-house databases.

I like almost everything about the solution. That includes sensitive data scanning, which is what is the most important. The data discovery is great as well. 

I like the activity monitoring. That was the main reason we purchased the tool.

The integration is great.

They do quite a lot of feature updates. 

The solution needs local support.

They need to do a little bit more knowledge-sharing with the tool. Knowledge-sharing is not what you normally get with Microsoft, Symantec, or any other tools that are leaders in their respective spaces. This is more of a closed-group type of solution only, whereby the information is only accessible to certain groups, or maybe in certain countries. It needs a broader, more accessible knowledge base. 

There could be more on the monitoring side of things. They need more monitoring tools within the tool itself. Although it does a good job monitoring databases, in terms of the health of its agent gateways to verify communication and all that, there are basically no utilities available within the tool.

I've used the solution for a little over three years. 

The stability is average. I'd rate it three and a half out of five in terms of stability. It's not too bad. 

This is a highly scalable product. I'd rate it four out of five in terms of its ability to scale. 

We have 15 people using the solution.

Local companies have limited exposure to the tool There's professional support and support from the providers, however, if they don't know too much about it, they cannot provide adequate help. 

Positive

While I didn't handle the initial deployment myself, from the training I have done, it is my understanding that the implementation process would not be that hard. 

I'm not sure how many people were involved in the deployment. 

I handle any maintenance myself with the sales provider. There might be six people available to maintain the product. There would be about three from the customer side and two from the service provider's side.

We did have a third party assist with the initial setup. They were from the vendor. 

I am not sure how much the licensing is exactly. that said, my understanding is that it is expensive. 

We're customers and end-users.

We are using the latest version of the solution. 

It's pretty good in terms of capabilities. I'd rate it eight out of ten. 

Our customers are using Imperva SecureSphere Database Security for GDP compliance.

Using Imperva SecureSphere Database Security has improved our organization by providing us with safety from vulnerabilities. We have better rules and rights management for our sensitive database.

The most valuable features of Imperva SecureSphere Database Security are the user-friendliness, easy-to-use interface compared to competitors, database operations do not need a specialist, and simple to manage for our security team. Additionally, the solution can show all the databases and the level of sensitivity. It can show what is more sensitive or less sensitive.

Imperva SecureSphere Database Security could improve the database defense feature called camouflage. This feature was responsible for the data mask but now it does not work well and we need another solution. All our banks have teams that are regarded with care and they need to mask sensitive data in order to provide testing to developers.

I have been using Imperva SecureSphere Database Security for approximately two months.

Imperva SecureSphere Database Security is stable.

The scalability of Imperva SecureSphere Database Security is easy, and it scales well.

We have approximately 10 to 15 users using the solution. There are administrators and team leaders using the solution.

I have not used another solution previously.

Imperva SecureSphere Database Security was simple for our engineers to implement. It is easier than other similar solutions. The full deployment took a few weeks.

Our engineering team did he implementation Imperva SecureSphere Database Security with the help of some partners. We require a lot of people for the deployment of the solution. We typically require one IT administrator, engineer, and partner engineers.

It is too early to tell if we have received a return on investment.

Imperva SecureSphere Database Security was quite expensive several years ago, but now they provide a subscription plan for licensing. It is available now for smaller and medium-sized companies, not only large enterprises.

There are many licensing options available, such as monthly and annually. Additionally, The hardware can be available on a perpetual license. There are not any additional costs other than deployment fees if you use a partner or integrator.

I rate Imperva SecureSphere Database Security a nine out of ten.

I use SecureSphere to monitor our core databases and privilege operations by administrators, and to provide compliance reports.

In terms of regulatory compliance, one of the key requirements is to ensure that our core databases are monitored. SecureSphere allows us to generate details to prove that we're compliant with all requirements.

The most valuable feature is the automatic reports on new databases, which gives us up-to-date inventory management.

Sometimes the reports are cumbersome, and you have to drill down to get more information. SecureSphere also sometimes needs a lot of maintenance to keep the agents running on the database. In the next release, Imperva should include a preventative solution that will stop an attack before it happens or read the behavior of particular accounts and act on it. They should also make SecureSphere available on mobile so that if an administrator isn't on-prem, he can access the solution via the internet wherever he may be.

I've been using this solution for almost three years.

SecureSphere has been very stable until recently, due to the addition of new source databases causing performance issues.

SecureSphere is very scalable.

Imperva's technical support has been good. In the past, it sometimes took a long time to resolve an issue, but more recently, the responsiveness has been very impressive.

Neutral

Previously, we used Oracle Audit Vault, but its reports were a little complex, and their support was not so impressive.

The initial setup was straightforward, and the deployment took between one and two weeks.

Our deployment was done in-house.

SecureSphere has resulted in us receiving audit exceptions, especially from the final details, which is a big deal to my organization since we have to be compliant.

I would recommend SecureSphere to other users and advise making a dedicated team available to work on the solution and configure the correct set of policies so they can get value for their money. I'd give SecureSphere a rating of eight out of ten.

I'm the product manager for Imperva in Africa for a distributor. I manage it every day, but I don't personally use it. We sell Imperva to customers in 17 countries. 

Its deployment depends on the customer. Some customers have their databases in the cloud, and if they have them in the cloud, we give them the cloud database security of Imperva. If their database is on-premises, then we deploy it on-premises, and the reseller implements the solution on-premises.

There are three major main use cases of this solution. The first one is to fulfill compliance regulations. Customers—especially the banks, health sector, and manufacturing—need to comply with the regulations in different countries. They have to fulfill compliance regulations around the privacy of data. In order to fulfill those requirements, they're using Imperva. It helps them to fulfill these requirements, and they are not fined by the regulators. That is the first use case why people buy Imperva.

The second one is for security itself. They don't want a cybercriminal to have access to the data. Imperva is a security solution, and you can use it to block unauthorized access to your data. 

The third one is related to rightful access to the data. They want to know:

• Who has access to the data internally?
• What queries were being issued on the database?
• What time did they log in?
• What is going on within the environment?
• Who is touching the data?
• What are they doing with the data internally? 

Customers or organizations want to have access or have visibility into all these.

They can maybe look at its pricing model. Its pricing could be cheaper for the African countries or developing economies.

I have been using this solution for three years.

It is very scalable. If a customer wants it for five database servers, he gets licenses for five database servers. Tomorrow, if they want licenses for two extra databases, they can just buy the extra two licenses. It is very scalable and very straightforward.

Their support is fantastic. It is 24/7. You raise a ticket, and you get someone assigned to you immediately.

I would rate them a five out of five. In a worst-case scenario, it would be a four, but it's always very straightforward. We get a very quick response.

It is very easy and very straightforward. There are no complications.

Its pricing could be cheaper for the African countries or developing economies. The British pound is valued way more than the currency of most African countries. A better or cheaper pricing model for Nigerian and African customers would be better.

It has a per-year subscription model. You pay exactly for what you need. That's all. You don't have to buy what you don't need.

It is very straightforward. It is probably the best solution out there in terms of data security. About 90% to 95% of the banks in Nigeria use Imperva. When you have such a success story in Nigeria, Ghana, and of course, many other African countries, you can be sure that you are getting a very good solution. 

I would rate it a nine out of 10.

We use jSonar for DBA activities like database activity monitoring and privileged database activity monitoring.

The centralization of the data is probably the most useful feature because we span multiple database technologies. We also find the GBDI portion of it very helpful. 

It would be better if it were more user-friendly. Right now, it's a little bit of a complicated product to use. Another problem that we have is with encrypted traffic on Oracle. This is because it requires a database outage. That's a pain in the butt because you're monitoring critical systems, and they don't like outages.

I have been dealing with jSonar for about two years.

jSonar has been very stable for us.

From a manageability and scalability perspective, supporting model databases and different databases in a cloud, on-prem, and so on just seems to be easier. It's a viable solution to move forward.

We did use their technical support through IBM. It's kind of weird, and they're just a reseller, but jSonar's support has been very good.

The initial setup was pretty complex. 

We had IBM Professional Services set it up just to get us started properly. We're still in the process of deploying it because it does take a while. It's not necessarily the tool's fault. We're very lean with staff, and that's probably a bigger problem.

I know it's not cheap.

When you compare jSonar and Guardium, they both look similar. They're collecting database activity, centralizing, reporting, and applying machine analytics and AI to it. I think jSonar is a little more mature as a product because it's been out a little longer. IBM is starting from scratch or relatively recently for the Insights product. We're going to look at it because we have to pick a direction, but we haven't done that yet.

On a scale from one to ten, I would give jSonar an eight.

We primarily use the product for data security.  

The feature that I have found the most valuable is the firewall component.  

What I would like to see improved is Imperva making further development in terms of them going to the Cloud. Our business is moving to the cloud, so we want to have cloud availability as an option. Imperva can do the cloud database, but they are still working at building it out and it does not seem to me to be fully operational.  

We have been using Imperva for a little bit more than six years.  

We are experiencing good stability with this product. We have not had any crashes and no major problems navigating its management.  

I think that SecureSphere is very scalable. Across our whole company, everyone is using it. We are 50 people. Right now at this size, we only require two people for maintenance.   

The technical support for Imperva is super, super, super. They have a very experienced support team. They can diagnose all of our issues and are always very fast. They have very good documentation and knowledgebase resources that add to the depth of their support.  

I have previously used McAfee as a similar solution. We decided to switch because McAfee is a little bit tricky to get to work the way it should work. I had experience with their version 6.4 solution and it used a lot of resources and had too much overhead.  

The initial setup is moderately difficult. You have to understand the database and how the database communicates and also some knowledge about the platform. For example, if you have got the Unix environment you have got to understand how to work with that together with the product.  

Initially, SecureSphere was expensive but they have incentives on their packages now. They have introduced new price models, which makes the product more affordable now. It is now at a pricing level in the range where most people are looking for this type of solution.  

Before choosing Imperva, we did evaluate other options including IBM Guardian Data Protect and also Oracle Audit Vault. In the end, we finally made the choice to go with Imperva first of all because they are a company that is very much into digital security. Security is the central focus of their business, so that is one of their strong areas. Then their product support is one of the best. The solution is very advanced in terms of comparing their available resources and training to other companies. These resources make it a very complete solution.  

Imperva Security Sphere is something that I recommend any day, anytime because they are very much focused on security as a passion. So you find it has tons of capacity for scalability. It is focused on security. Even the solution's usability is very good.  

On a scale from one to ten (where one is the worst and ten is the best), I would rate this product as a nine scored out of ten possible points.  

Features that I would like to see to make it to ten-out-of-ten means that they will need to add a few things. First, they need to onboard database encryption features. Then they need to add some of the other features which they do not have that other competitors already have. They can do more to offer a broader range of features and be more feature-rich.