Overview

One of the largest computer technology companies in the world replaced their IBM Guardium deployment with Imperva SecureSphere, to audit and protect their database environment. Switching to SecureSphere reduced operational costs by over 70%, saving the company $1.9M a year in recurring labor and support costs.

This level of ongoing cost savings was a huge win for the company that operates with razor-thin margins, in a price-competitive industry. In addition to operating margin pressure, this Fortune 500 company had to address SOX and PCI-DSS regulations, on a global scale. The company’s over 100,000 employees developed, manufactured, and serviced the company’s products worldwide.

Business Problem

For years, the company tried to expand their IBM Guardium deployment beyond the 500 databases it covered, but was hindered by the overwhelming amount of labor required. This meant that some critical databases could not be monitored, which introduced compliance and security risks the company deemed unacceptable.

The high labor cost was mainly due to Guardium’s architecture deficiencies, which required a large number of virtual appliances, to cover the company’s 500 databases. The volume of virtual appliances made the deployment complicated and costly to operate. Furthermore, Guardium’s integration with the company’s Remedy change ticketing and workflow system was cumbersome, and presented many challenges.

A huge amount of manual labor was associated with vetting false positives around Remedy change tickets; copying and pasting ticket events into emails to database administrators; and reconciling administrator responses with the events in question. The Guardium deficiencies ultimately required the company to employ a large number of full time staff, to manage the Guardium virtual server farm, and to compensate for the awkward Remedy integration. These factors, combined with Guardium’s support renewal costs, forced the company to evaluate other vendors.

Reducing Operational Costs by Over 70%

The biggest operational cost component with Guardium was the support renewal price. In fact, by eliminating the IBM Guardium renewal fee alone, the company saved enough to justify the switch to SecureSphere. After making the switch, the company realized that their labor cost dropped by over 50% compared with the Guardium deployment. A huge component of this savings was the reduction in the number of virtual appliances used by the auditing solution. Guardium required 135 virtual appliances to monitor 500 of the company’s databases.

SecureSphere can monitor 1,050 of the company’s databases with just 65 virtual appliances. This reduction in virtual appliances translated into half as much database auditing infrastructure for the company to manage. Furthermore, with SecureSphere, this company was able to convert a primarily manual change ticketing process into a streamlined automated workflow, by integrating with their remedy ticketing system. Due to the increased operational efficiency with SecureSphere over Guardim, the original team of five full time employees audits twice as many databases.

Because SecureSphere is easy to deploy, the company replaced the Guardium installation with SecureSphere very quickly. It took just 60 days to roll out SecureSphere to the 500 databases that Guardium had been monitoring. Following the success of the initial deployment, the company decided to expand the SecureSphere roll out to a total of 1,050 databases. Cost Saving Analysis The table below compares the operational cost of Guardium and SecureSphere on a yearly basis. The annual operational cost per database with Guardium was $2,710. SecureSphere cut the annual cost by 72%, to $744 per database. Yearly operational cost savings for this company was approximately $1.9M for the 1,050 database environment. The operational cost savings enabled the company to compete much more effectively in their industry, which hsas very thin profit margins.