OVERVIEW

 

Unrivaled database protection

database firewall unrivaled database protectionYou can’t keep your organization secure if you don’t have control over what’s happening in your database. SecureSphere Database Firewall keeps your organization out of the news with data center security that can see all traffic, reduce exposure of unpatched database servers, and stop advanced targeted attacks. Database Firewall helps you avoid expensive breaches by effectively protecting databases from attacks, data loss, and theft.

SPECIFICATIONS

Database Firewall Specifications

SPECIFICATION DESCRIPTION
Supported Database Platforms
  • Oracle
  • Oracle Exadata
  • Microsoft SQL Server
  • IBM DB2 (on LUW, z/OS and DB2/400)
  • IBM IMS on z/OS
  • IBM Informix
  • IBM Netezza
  • SAP Sybase
  • Teradata
  • Oracle MySQL
  • PostgreSQL
  • Progress OpenEdge
Deployment Modes
  • Network: Non-inline sniffer, transparent bridge
  • Host: Light-weight agents (local or global mode)
  • Agentless collection of 3rd party database audit logs
Performance Overhead
  • Network monitoring – Zero impact on monitored servers
  • Agent based monitoring – 1-3% CPU resources
Centralized Management
  • Web User Interface (HTTP/HTTPS)
  • Command Line Interface (SSH/Console)
Centralized Administration
  • MX Server for centralized management
  • Integrated management option
  • Hierarchical management
Database Audit Details
  • SQL operation (raw or parsed)
  • SQL response (raw or parsed)
  • Database, Schema and Object
  • User name
  • Timestamp
  • Source IP, OS, application
  • Parameters used
  • Stored Procedures
Privileged Activities
  • All privileged activity, DDL and DCL
  • Schema Changes (CREATE, DROP, ALTER)
  • Creation, modification of accounts, roles and privileges (GRANT, REVOKE)
Access to Sensitive Data
  • Successful and Failed SELECTs
  • All data changes
Security Exceptions
  • Failed Logins, Connection Errors, SQL errors
Data Modification
  • INSERTs, UPDATEs, DELETEs (DML activity)
Stored Procedures
  • Creation, Modification, Execution
Triggers
  • Creation and Modification
Tamper-Proof Audit Trail
  • Audit trail stored in a tamper-proof repository
  • Optional encryption or digitally signing of audit data
  • Role based access controls to view audit data (read-only)
  • Real-time visibility of audit data
Fraud Identification
  • Unauthorized activity on sensitive data
  • Abnormal activity hours and source
  • Unexpected user activity
Data Leak Identification
  • Requests for classified data
  • Unauthorized/abnormal data extraction
Database Security
  • Dynamic Profile (White List security)
  • Protocol Validation (SQL and protocol validation)
  • Real-time alerts
Platform Security
  • Operating system intrusion signatures
  • Known and zero-day worm security
Network Security
  • Stateful firewall
  • DoS prevention
Policy Updates
  • Regular Application Defense Center security and compliance updates
Real-Time Event Management and Report distribution
  • SNMP
  • Syslog
  • Email
  • Incident management ticketing integration
  • Custom followed action
  • SecureSphere task workflow
  • Integrated graphical reporting
  • Real-time dashboard
Server Discovery
  • Automated discovery of database servers
Data Discovery and Classification
  • Database servers
  • Financial Information
  • Credit Card Numbers
  • System and Application Credentials
  • Personal Identification Information
  • Custom data types
User Rights Management (add-on option)
  • Audit user rights over database objects
  • Validate excessive rights over sensitive data
  • Identify dormant accounts
  • Track changes to user rights
Vulnerability Assessment
  • Operating System vulnerabilities
  • Database vulnerabilities
  • Configuration flaws
  • Risk scoring and mitigation steps

Key Capabilities

 

REDUCE SECURITY RISK BY SEEING ALL TRAFFIC

You can confidently identify suspicious behavior and perform forensic investigations with SecureSphere, knowing that you have the all the facts. Even with a high volume of database traffic, SecureSphere Database Security solutions operate like a video camera, seeing all relevant activity in real-time. Products that take periodic samples create something more like a snapshot than a video, resulting in security and evidence gaps.


STOP ADVANCED TARGETED ATTACKS

SecureSphere provides a powerful defense against advanced targeted attacks. Conventional defenses like intrusion prevention systems (IPS) and anti-virus (AV) are ineffective against these advanced attacks. Imperva integrates with leading anti-malware solutions to isolate malware-infected devices and prevent them from accessing sensitive data and applications.


PROTECT IN REAL-TIME

Stopping attacks in real-time is the only effective way to prevent hackers from getting to your data. SecureSphere monitors database activity in real-time and analyzes database traffic, looking for attacks at the protocol and OS level, as well as unauthorized SQL activity. For added protection against sophisticated application attacks, SecureSphere offers an integrated Web Application Firewall.


REDUCE YOUR WINDOW OF EXPOSURE TO ATTACKS

Typically, months elapse between when a database vulnerability is discovered and when it can be patched. SecureSphere Database Firewall virtual patching provides immediate protection, preventing vulnerabilities from being exploited. SecureSphere Database Assessment and Database Firewall work together to identify vulnerabilities and automatically build policies that thwart them. Virtual patching buys you time so you can apply actual patches on their own schedule.


REDUCE SECURITY OPERATIONS COSTS

SecureSphere Database Security Dynamic Profiling saves you time by automating user behavior profiling. SecureSphere establishes a baseline of all user activity including: DML, DDL, DCL, read-only activity (SELECTs), and usage of stored procedures. SecureSphere identifies when users perform unexpected queries or violate access policies, and it alerts or blocks the access.