SecureSphere for Data
Offering flexible multiple deployment options, and available on premise, hybrid, and in the cloud, this product is available for legacy, traditional, Amazon Web Services and Microsoft Azure environments. SecureSphere is also offered as a managed service. SecureSphere for Data offers a centralized console for management to enable global command and control capabilities, automation of data related tasks, and rapid deployment of policies. Deployment and configuration is seamless for data discovery, software and policy distribution and configuration updates. Vulnerabilities are identified and compliance is measured through the SecureSphere Database Assessment tool. Dual Channel monitoring offers security and compliance auditing simultaneously, and prior to policy violations. This solution is proactive, with detailed auditing trails for each transaction.
User rights are automatically reviewed in order to eliminate dormant accounts or excessive user rights, lowering error risk and labor costs. Excellent for handling thousands of databases, the centralized management handles pre-defined policies, Big Data nodes, and workflow remediation without the need for advanced skills or scripting. This offers an excellent solution for separation of duties. User access control is handled through Imperva’s Dynamic Learning Method and Adaptive Normal Behavior Profile technology, which builds a profile for each account and related white listing. Temporary quarantines are available in order to protect data from unauthorized user activity.
Protection is real-time, including blocking. Insider threats can be logged with Imperva CounterBreach, which uses peer group analytics and machine learning to develop full contextual baselines. Integrates well with SIEM (ArcSight, QRadar, and Splunk), third party solutions, and ticketing. Imperva offers a dedicated Splunk App for database security in order to customize feeds to their Splunk dashboard. No Splunk development experience is required.
SecureSphere Database Assessment
Database assets are assessed for risks, in combination with database sensitivity and vulnerability views through the SecureSphere Database Assessment tool. The dashboard offers drill down capabilities in order to prioritize mitigation and reporting. Sensitive data is highlighted with location, including database object, row, and column in order to develop granular policies to streamline auditing, protection, and reporting. Offering over 1500 vulnerability and misconfiguration tests, including industry assessment policies based on CIS, STIG, and DISA. SecureSphere offers policy uses test tags and database groups to reduce the need for customized tests and vulnerability scanning. Known vulnerabilities are updated through Imperva’s Advance Center. Continual protection even when patching is not available, automated quarterly password updates, and an automation API saves time and money, lowering the risk for error.
SecureSphere Agents for Big Data
With lightweight agents and excellent scalability, non-intrusive network monitoring, or a hybrid of both, Imperva SecureSphere offers a large reduction in the costs of competing tools in one package. This solution is available for cloud and on-premise policy enforcement. In addition to protecting legacy systems, this highly scalable SecureSphere solution automates processes, offers customizable reports, and handles audit analysis, forensic investigation, and incident response. This best in class security solution by Imperva applies unified security policies across multiple data repositories in an easy to use interface. Capabilities include optimized data collection and storage, backward compatibility, in-service updates, automated deployment and configuration updates, centralized management and administration, data leak identification, permanent log collection, fraud identification, local server access monitoring, and dual channel monitoring. All types of data stores are monitored, including RDBMS, SharePoint, mainframe, Big Data, files, and Data Warehouses. Distributions supported include MongoDB, Impala, Cloudera, Hortonworks, IBM BigInsights, NoSQL, HDFS, Hadoop Hive, Hbase, and more. Operating Systems supported include Windows, Linux, and Unix, with specialized agents available for DB2, IMS, DB2/400, and z/OS. File coverage includes NAS, Windows, Linux, Unix, and local or global mode. Sharepoint content and database is also covered.
Imperva Camouflage Data Masking
Replacing your sensitive data with realistic fictional data is the goal of Imperva’s Camouflage Masking. Masking is primarily used in non-production systems, data warehouses, testing systems, and deployment systems. Data can leave company control or go out of the country to off-shore or outsourced teams while maintaining protections against theft and compliance requirements.
Phases include Discover, Assess and Classify, Set Policy, Deploy, and Manage and Report. Utilizing an automated process, Discover identifies which data needs to be masked without compromising data utility, including documentation, for sensitive data. Assess and Classify establishes what criteria must be used for data masking, inter-database dependencies, and transformation requirements. Set Policy uses easy-to-use data masking software that is scalable and flexible to handle requirements with varying complexity in order to develop masking schedules and establish change management processes and integrate data masking configurations into the overall data refresh process. Deploy integrates the data masking in non-production environments for executing configurations that were set in the Policy phase. Related options include report automation, pre- and post-run script options, ancillary processes and requirements Manage and Report includes job maintenance, change management, compliance reporting regarding masking techniques and masked database structures, and configuration updating.
User Rights Management
User Rights Management for Databases (URMD) offers an automated access rights review process. This process will help eliminate risks stemming from excessive user rights, and will demonstrate SOX, and PCI compliance with lower labor costs than traditional management solutions. The process is automatic and repeatable, including a workflow framework that supports authorization processes and user rights reviews. User right information is correlated with data sensitivity and relationship information. Dormant accounts are also managed to lower or eliminate breaches.
Application Defense Center Insights
Streamlining security and compliance for SAP, Oracle E-Business Suite, and PeopleSoft is simple through the Application Defense Center Insights solution by Imperva. Separation of duties, rules and reports come out-of-the-box, saving considerable time. 250 templates are provided for reporting for SOX, PCI, HIPAA, and other compliance needs. Designed for ease of use, this product includes automated user behavior profiling, detection of behavioral changes, and customizable policy definitions.