Big Data Security

Overview:

Unequaled adaptability and efficiency

With Imperva SecureSphere, you don’t have to worry about “agent versus network” deployment choices. Competing solutions force you to choose between the two. However, IT environments often require both options because of network or server constraints. SecureSphere offers non-intrusive network monitoring appliances, lightweight agents, or a hybrid mix of the two. SecureSphere dramatically reduces the hidden hardware and software costs associated with competing products and built-in auditing tools because SecureSphere agents are highly efficient and easy to deploy and manage.

Imperva SecureSphere Agent for Big Data is the industry solution for Big Data. Imperva best practice for Big Data helps you complete your audits faster with fewer violations. Big Data deployments are difficult for legacy solutions to protect because of the security challenges associated with the highly distributed architectures. Most Big Data auditing solutions were not built to scale with the high volume, velocity and variety of sensitive data stored within Big Data environments. This is where the uniquely scalable and cost-efficient SecureSphere can help you efficiently demonstrate protection and compliance through automated processes, audit analysis, and customizable reports across Big Data deployments. In addition, SecureSphere Agent for Big Data accelerates security and compliance incident response and forensic investigation with centralized management and advanced drill-through analytics.

SecureSphere Agent for Big Data is an integral part of the unique Imperva cyber security vision of protecting applications, as well as data across all repositories, including structured, semi-structured, unstructured, and cloud. Unified policies can be applied across different data repositories, with a common easy-to-use interface.

Features:

Best in Class Protection and Audit

  • Monitor all types of data stores: Big Data, Data Warehouses, Files, RDBMS, and SharePoint
  • Dual channel monitoring for compliance and security purposes
  • Monitor local server access
  • Fraud identification
  • Data leak identification
  • Permanently collect and log only activities needed for governance and compliance
  • Optimized data collection
  • Centralized management and administration
  • Automate deployment and configuration updates
  • Regular in-service updates
  • Backward compatibility

Enterprise Scale Benefits

  • Protect more, audit more: consistent policy enforcement across multiple data store types
  • Faster deployment: centralized management with API for automation
  • Predictable planning: consistent database/gateway sizing
  • Better performance: unmatched scalability through highly efficient monitoring and audit logging technology
  • Less down time: in-service updates and upgrades reduce the number of restarts and audit gaps
  • Enterprise friendly: backward compatibility eliminates requirement for “mass upgrade”
  • Reduced time and resource requirements: automation and built-in subject matter expertise reduce requirements for DBAs, professional services, and manual or custom-built processes

Coverage Across Critical Systems

  • SecureSphere supports leading distributions from Cloudera, Hortonworks, IBM BigInsights and MongoDB, with service support for NoSQL, Hadoop Hive, HDFS and HBase. More agents are being added; check with your Imperva representative for a complete list
  • Monitor all major databases on Unix, Linux and Windows systems
  • Specialized agents are available for monitoring DB2 and IMS on z/OS mainframes and for DB2/400 on iSeries platforms
  • File Coverage: local or global mode, Unix, Linux, NAS, and Windows systems
  • SharePoint content and database

Database Firewall and Database Activity Monitor Specifications:

Specification Description
Supported Database Platforms
  • Oracle
  • Oracle Exadata
  • Microsoft SQL Server
  • IBM DB2 (on LUW, z/OS and DB2/400)
  • IBM IMS on z/OS
  • IBM Informix
  • IBM Netezza
  • SAP Sybase
  • Teradata
  • Oracle MySQL
  • PostgreSQL
  • Progress OpenEdge
Deployment Modes
  • Network: Non-inline sniffer, transparent bridge
  • Host: Optional light-weight agents (local or global mode)
  • Agentless collection of database audit logs
Performance Overhead
  • Network monitoring – Zero impact on monitored servers
  • Agent based monitoring – 1-3% CPU resources
Centralized Management
  • MX Server for centralized management
  • Integrated management option
  • Hierarchical management
Database Audit
  • SQL operation (raw or parsed)
  • SQL response (raw or parsed)
  • Database, Schema and Object
  • User name
  • Timestamp
  • Source IP, OS, application
  • Parameters used
  • Stored Procedures
Privileged Activities
  • All privileged activity, DDL and DCL:
  • Schema Changes (CREATE, DROP, ALTER)
  • Creation, modification of accounts, roles and privileges (GRANT, REVOKE)
Access to Sensitive
  • Successful and Failed SELECTs
  • All data changes
Security Exceptions
  • Failed Logins, Connection Errors, SQL errors
Data Modification
  • INSERTs, UPDATEs, DELETEs (DML activity)
Stored Procedures
  • Creation, Modification, Execution
Triggers
  • Creation and Modification
Tamper-Proof Audit Trail
  • Audit trail stored in a tamper-proof repository
  • Optional encryption or digital signing of audit data
  • Role based access controls to view audit data (read-only)
  • Real-time visibility of audit data
Fraud Identification
  • Unauthorized activity on sensitive data
  • Abnormal activity hours and source
  • Unexpected user activity
Data Leak Identification
  • Requests for classified data
  • Unauthorized/abnormal data extraction
Database Security
  • Dynamic Profile (White List security)
  • Protocol Validation (SQL and protocol validation)
  • Real-time alerts
Platform Security
  • Operating system intrusion signatures
  • Known and zero-day worm security
Network Security
  • Stateful firewall
  • DoS prevention
Policy Updates
  • Regular Application Defense Center security and compliance updates
Real-Time Event Management and Report distribution
  • SNMP
  • Syslog
  • Email
  • Incident management ticketing integration
  • Custom followed action
  • SecureSphere task workflow
  • Integrated graphical reporting
  • Real-time dashboard
Server Discovery
  • Automated discovery of database servers
Data Discovery and Classification
  • Database servers
  • Financial Information
  • Credit Card Numbers
  • System and Application Credentials
  • Personal Identification Information
  • Custom data types
User Rights Management (add-on option)
  • Audit user rights over database objects
  • Validate excessive rights over sensitive data
  • Identify dormant accounts
  • Track changes to user rights
Vulnerability Assessment
  • Operating System vulnerabilities
  • Database vulnerabilities
  • Configuration flaws
  • Risk scoring and mitigation steps
