New Imperva Product Line Secures Databases with Zero Impact on Performance, Stability, and Administration
FOSTER CITY, Calif., Oct. 11, 2005 – Imperva, the leader in data layer security, today announced the SecureSphere™ Database Security Gateway, which monitors and audits database usage in real-time to prevent security breaches. SecureSphere dynamically profiles legitimate user and application activity to automate the creation of database security policies. All database activity is then compared against these policies to identify unauthorized database usage, even sophisticated attacks that elude traditional database, network, and cryptographic security technologies. Unlike host-based solutions, the SecureSphere appliance has zero impact on database performance, stability, and administration.
FFF Enterprises Inc., a leading distributor of plasma products, vaccines, clinical trial drugs and other biopharmaceuticals, is using SecureSphere to secure the databases associated with its Verified Electronic Pedigree™ (VEP) program. VEP’s web-based system allows FFF customers to securely track their products from the manufacturer to FFF to the customer. “The VEP database contains sensitive data and proprietary business information, documenting the integrity of the supply chain,” said Bob Coates, vice president of technology for FFF Enterprises. “SecureSphere enables us to proactively meet current and emerging governmental drug pedigree requirements, protect the database against security breaches, and do so without the operational burden of manually creating and maintaining security policies.”
Automated Security Policy Creation
To eliminate manual security policy creation, SecureSphere examines live database traffic and creates a comprehensive profile of all legitimate database activity. Based on this profile, SecureSphere automatically creates and continually updates role-based security policies for individual users and applications accessing the database. By monitoring database activity for policy violations, SecureSphere can distinguish between normal database transactions and suspicious activity indicative of an attack.
For example, SecureSphere would issue an alert if a sales person, who typically accesses the database for information on his/her accounts, tries to steal data on all the accounts. Similarly, SecureSphere would issue an alert if a database login and password normally used by the ERP application (i.e. SAP) to access the database is stolen and used to extract sensitive customer data.
“Recent breaches at financial, retail, and healthcare institutions demonstrate that traditional database, network, and cryptographic security technologies are insufficient to protect confidential information,” said Shlomo Kramer, CEO of Imperva. “By identifying database usage violations, SecureSphere can defend against any form of internal or external attack, while providing a complete audit trail of all database activity.”
Comprehensive Auditing for Compliance
For organizations that need to comply with regulatory legislation including Sarbanes-Oxley, HIPAA, GLBA, and California’s SB-1386, SecureSphere maintains a complete log of all database activity. Both pre-configured and customized reporting is supported via a pre-installed version of Crystal Reports™ or any ODBC compliant application. SecureSphere maintains and provides comprehensive audit records that range from global trend analysis to individual user behavior tracking.
Advanced Database Protection
The primary drawback to native database security is its reliance on complex table and row level access control. Manually maintaining these policies is untenable as a business grows and the relationships between users, accounts, and roles evolve. The primary drawback to existing 3rd party database security products is their inability to provide insight into the mountain of data they generate. As a result, most 3rd party solutions can only log database activity for audit purposes. Meanwhile, encryption-based technologies are limited to protecting stored, or at rest, data. By comparing database queries to established usage patterns for each user and application, SecureSphere is able to automatically distinguish between harmless variations in normal activity and significant deviations that indicate attack behavior.
Zero Impact on Database
Unlike native database security or 3rd party host-based products, SecureSphere separates security processing from the database and therefore has zero impact on database performance. To meet the needs of the largest organizations, the new SecureSphere G16 appliance delivers 2Gbps of throughput, maintains sub-millisecond packet latency, and protects up to 100 database servers. As a network device, SecureSphere deployment does not require any changes to the database application, database server, or network. In addition, changes or upgrades to database server software require no corresponding changes to SecureSphere.
Pricing and Availability
The SecureSphere™ Database Security Gateway supports Oracle, MS-SQL, Sybase, and IBM DB2 (including DB2 on the mainframe). It will be available on October 24 from Imperva and its business partners worldwide. Pricing starts at $30,000 USD.
About Imperva
Imperva is the leader in application data security and compliance. Leading enterprise and government organizations worldwide rely on Imperva to prevent data theft and abuse, and ensure data integrity. The company’s SecureSphere products provide data governance and protection solutions that monitor, audit and secure business applications and databases. For more information, visit www.imperva.com
# # #
Imperva and SecureSphere are trademarks of Imperva, Inc. All other brand or product names are trademarks or registered trademarks of their respective holders.
Editorial Contact
Marc Gendron
(781) 237-0341
marc@mqpr.net