This content is part of the Buyer's Guide: Database security products: A buyer's guide
Evaluate Weigh the pros and cons of technologies, products and projects you are considering.

Imperva SecureSphere: Database security tool overview

Expert Ed Tittel examines Imperva SecureSphere Database Activity Monitoring and Database Assessment, products that are deployed as an inline bridge or as a lightweight agent to assess and monitor local database access.

Imperva Inc. specializes in cybersecurity products for data centers located on-premises or in the cloud. The Imperva SecureSphere platform includes database activity monitoring and a database firewall, database assessments and big data security products designed to protect databases, files and Web applications in physical and virtual environments.

Although they are two separate products, Imperva SecureSphere Database Activity Monitoring and Database Assessment can be to include database activity monitoring (DAM) functionality to act as a single product.

SecureSphere Database Activity Monitoring product features

Imperva SecureSphere Database Activity Monitoring is a combination appliance and software product that can be deployed non-inline, as an inline bridge, or as a lightweight agent to monitor local database access.

SecureSphere comes with predefined security policies that work with the monitoring system to alert administrators of possible malicious activity in real time. Dynamic Profiling technology (patent pending) creates a baseline of normal user access patterns to data and issues alerts when deviations are detected. Users who don't follow access policies or who perform unauthorized requests are blocked or quarantined.

Predefined audit policies are configured for PCI DSS, Health Insurance Portability and Accountability Act and Sarbanes-Oxley Act.

The Web-based interface is highly user friendly. Imperva does a great job displaying information concisely as well as making most frequently used commands available in one or two clicks. For example, the security alerts screen shows a table of violations that include time, date, database user, query, database response and a description of the violation -- all in one screen.

Imperva SecureSphere supports a wide range of databases, including Oracle, Microsoft SQL Server, MySQL, Sybase, IBM DB2, IBM IMS, IBM Informix, IBM Netezza, MongoDB, PostgreSQL, Progress OpenEdge and Teradata.

SecureSphere Database Assessment product features

Imperva SecureSphere Database Assessment includes database discovery, vulnerability assessment, configuration management and data classification. The assessment scans for over 1,000 vulnerabilities and flaws using DISA STIGs and CIS standards as benchmarks. The resulting reports include details on vulnerabilities as well as remediation recommendations, and flags configurations that don't conform to standards.

The user rights management feature lets an administrator see at a glance which users have excessive privileges, who has access to sensitive data, and when a user last used an object.

Pricing and licensing

Imperva licenses SecureSphere Database Activity Monitoring by database transaction volume, so price varies based on the environment. In this licensing model, a single license can audit and monitor an unlimited number of database servers and databases.

The platform requires a virtual or hardware appliance and management server. Lower-end hardware appliances cost about $30,000, and the price climbs to over $85,000 for higher-end appliances.

Prospective customers must contact an Imperva sales representative for specific pricing and licensing for SecureSphere products.


Imperva offers Standard, Enhanced and Premium support packages. All support plans include access to the Imperva self-service support portal, software updates (major and minor) and hardware warranties.

The Standard package includes phone support during business hours; support engineers are available by phone 24x7x365 in the Enhanced and Premium plans. Customers can engage a Designated Support Engineer for an additional cost.

Imperva supports its software products for two major versions, at a minimum. Customers are encouraged to upgrade to a supported version before support is no longer available. Equipment support extends for several years from date of initial hardware released.

Next Steps

Part one of this series examines the basics of database security in the enterprise

Part two of this series looks at enterprise deployment scenarios for database security tools

Part three of this series offers nine steps for purchasing database security software

Part four of this series compares the top database security tools in the industry

This was last published in October 2015

Dig Deeper on Database Security Management-Enterprise Data Protection

Join the conversation


Send me notifications when other members comment.

Please create a username to comment.

Has your company ever used or tested Imperva SecureSphere for database security?
Yes my company is using Imperva product for DB audit but we are facing many issues on this we have configure and implement imperva agents as per the guided by imperva supports.
Facing issue :
1- Impacting DB performance and instance performance.
2-Audit reports are every time failed with out error and some time configured schedule job completed with out attachments. its not showing any  error or warning.
3- its not clear where we can check why this job is failed what is cause for this.

Please advice if you have any solution on this at our environments we implements imperva for 170 production hosts including all hosts (Oracle ,SQL,Sybase).

I need to urgently fix this issue few of the host job are getting failed regularly.