In your effort to collect data access information from your data repositories in order to apply security controls, you don’t have to make the black and white choice to go with agents or an agentless approach. It is important, however, that the tool you choose is right for the job you are doing. In this post, we’ll explain where agents and agentless data collection fit into achieving your data security objectives and why it makes sense to use both, depending on the circumstances.
Start by stating your ultimate goal and work backward from there. You need to be able to collect data access information with as little friction and performance impact as possible. If your organization is like most, your data repositories feature a mix of modern and legacy systems, yet have the same reporting, compliance, and security requirements across all of the systems. You need the ongoing ability to collect data with the least impact on business processes.
Where agents make sense
Where your data repository’s logging facility impacts performance to an unacceptable level – mostly older on-premises, DB2 z/OS and other data repositories, agents offer an alternative native logging process. While this approach does require software installation and maintenance, the impact on the performance of collecting data access logs will be negligible. In these instances, using agents works well.
Where agentless makes sense
In a recent study, 61% of IT professionals surveyed claimed they were either already fully migrated or working to complete their full database migration to the cloud. In dynamic cloud environments, agentless auditing is critical to reduce costs, unlock visibility, and to accelerate the speed of deployment.
Agentless auditing leverages the database’s native auditing functions and (over the years) has evolved to deliver very detailed information to meet audit and security requirements with very low CPU overhead. In cloud-native architectures, the cloud vendor has an API that enables the audit specification and for users to retrieve the log groups from the cloud object stores. When using Imperva agentless auditing, no additional configuration is necessary, it is ready to accept and process all the incoming data.
You should consider agentless in instances where you can natively collect data access logs while making a negligible impact on a data repository’s performance. The advantages are manifold; agentless requires no appliances, no software management and no installation on the database and enables organizations to gain full visibility into their cloud-native data repositories and extend their compliance requirements and database security into cloud-native environments. Agentless auditing also features underlying big data architecture with flexible parsers for diverse and large workloads.
Have agents and agentless in a single solution
Imperva’s flexible options of agent and agentless provide the right tool at the right place regardless of an organization’s mix of new vs. old data repositories and offers the best of both worlds. To learn more, contact an Imperva Solutions Representative.
Try Imperva for Free
Protect your business for 30 days on Imperva.