We changed our name from IT Central Station: Here's why

Imperva SecureSphere Database Security OverviewUNIXBusinessApplication

Imperva SecureSphere Database Security is #2 ranked solution in top Database Security tools. PeerSpot users give Imperva SecureSphere Database Security an average rating of 8 out of 10. Imperva SecureSphere Database Security is most commonly compared to IBM Guardium Data Protection: Imperva SecureSphere Database Security vs IBM Guardium Data Protection. The top industry researching this solution are professionals from a computer software company, accounting for 27% of all views.
What is Imperva SecureSphere Database Security?

Imperva SecureSphere Database Security:

  • Audits all access to sensitive data.
  • Alerts or blocks database attacks and unauthorized activities, in real time.
  • Detects and virtually patches database vulnerabilities.
  • Identifies excessive user rights and dormant users, and enables a complete rights review cycle.
  • Accelerates incident response and forensics investigations with advanced analytics.
Imperva SecureSphere Database Security Buyer's Guide

Download the Imperva SecureSphere Database Security Buyer's Guide including reviews and more. Updated: January 2022

Imperva SecureSphere Database Security Customers

BlueCross BlueShield, eHarmony, EMF Broadcasting, GE Healthcare, Metro Bank, The Motley Fool, Siemens

Imperva SecureSphere Database Security Video

Imperva SecureSphere Database Security Pricing Advice

What users are saying about Imperva SecureSphere Database Security pricing:
  • "They have introduced new price models, which makes the product more affordable now."
  • "It is quite expensive. We wanted it in my former organization, but the price was very high. So, we couldn't purchase it. I moved to a different organization, and this organization has purchased it."
  • "This is an expensive solution and the price should be reduced."
  • "The price is very high but compared to the price of the overall solution, then I think it's a good deal because the solution itself is great."
  • Imperva SecureSphere Database Security Reviews

    Filter by:
    Filter Reviews
    Industry
    Loading...
    Filter Unavailable
    Company Size
    Loading...
    Filter Unavailable
    Job Level
    Loading...
    Filter Unavailable
    Rating
    Loading...
    Filter Unavailable
    Considered
    Loading...
    Filter Unavailable
    Order by:
    Loading...
    • Date
    • Highest Rating
    • Lowest Rating
    • Review Length
    Search:
    Showingreviews based on the current filters. Reset all filters
    Derrick Akankwasa
    Cyber Security Engineer at Isolutions Associates Ltd (ISOLS)
    Real User
    Top 20
    Great discovery module feature; scans and blocks whatever is necessary
    Pros and Cons
    • "The discovery module provides good visibility."
    • "Reporting could be improved."

    What is our primary use case?

    Most of our clients are banks and insurance and financial institutions that want to achieve compliance. They want to achieve auditing for their regulatory compliances as well. On the database side, that includes being able to monitor DBS and to block certain activities on the DVF. On the application side, it also has to be preventative and that's also part of compliance. This solution enables clients to achieve data security, whether on cloud or on prem. We offer support services and we are a service provider for database security through Imperva and also application security through Imperva to our clients. I'm a cyber security engineer and we are gold partners of SecureSphere DS. 

    What is most valuable?

    I would say the discovery module is the most valuable feature as it provides good visibility of the database environment to particular sites. It scans the entire front of the environment to detect any new databases found just to make sure there are not any malicious things going on. I think it's a very powerful tool in that sense. It also helps that the solution is able to block queries that are able to be run by given database administrators on databases and manages user rights. 

    What needs improvement?

    I've been part of various projects and also interact with clients because I do pre-sales. Most of the feedback I receive relates to clients wanting to see an improvement in the reporting. They like the ability and functionality of the solution but they feel the reporting is lacking. The general feeling is also that the GUI has been the same for a very long time and there is room for improvement there. It could look a little better and then if the reports are also improved that would make a big difference all round. 

    From a basic implementation point of view, there are some features that are very technical, clients want everything very granular and they always say Imperva bundles everything. You do a signature, and ABC updates and you trust what the ABC is doing. I think if it were a little more granular and detailed in terms of how, for example, a query stream is being detected or something like that, rather than just blocking something, it would give the administrator a better view and understanding of what's happening. 

    For how long have I used the solution?

    I've been using this solution for almost a year. 

    What do I think about the stability of the solution?

    The physical appliances are always very stable. In terms of CPU usage, things like the gateway load, payway load, they come with a little bit more capacity on that front. I think the issue always comes with the virtual appliances where you may run out of space, or maybe there are new versions of whichever hypervisor you are running that could change and maybe affect the virtual machines running on top. On the physical side, there's never an issue, it's stable. 

    What do I think about the scalability of the solution?

    Database security is highly scalable because depending on the number of sites available, you're able to assume that you have the running agent. You can then access the IP for the gateway, you can log in your logs which are managed by the NX, so it's all fine. It's highly scalable for the database. I think even if you have branches all over the country, you can manage them centrally where you have agents monitoring whichever database is allocated to whichever site. We have deployed over 60 projects all over East Africa. I currently handle four, which are two application and two database.

    How are customer service and technical support?

    Their technical support is good and the response is guaranteed until the problem is solved. I think when it comes to response time, it's always very quick. Maybe just one simple criticism would be that it's very hard to get a remote station with them and everything is always email and sending logs. I'd like to see more hands-on and direct contact with the environment. 

    How was the initial setup?

    Complexity really depends on the client's environment, but I would say the initial set up for basic deployment of the components should take roughly six working days. It has to be integrated with everything. Installing links to all the other databases could take maybe another 10 work days, so around two weeks. I do the deployment. 

    What's my experience with pricing, setup cost, and licensing?

    Customers are very, very satisfied with the licensing costs and there's not really anyone that competes with Imperva so the clients are very happy. Their requirements are covered. 

    What other advice do I have?

    I would definitely recommend Imperva. I swear on it and try to pitch Imperva every time. I know its abilities, I know what you're going to get. I know how user friendly it is. It's easy to create policies. Reports are very okay. It's got various compatibilities, desk deployment, so Imperva is what I would recommend. 

    I would rate this solution a nine out of 10. 

    Disclosure: My company has a business relationship with this vendor other than being a customer: partner
    Core Banking Application Support at a financial services firm with 10,001+ employees
    Real User
    Top 20
    Good granular auditing, but have had issues with the WAF and do not find it user friendly
    Pros and Cons
    • "Currently, we have audit features for auditing databases, for example, granular auditing, which we really enjoy. We've been using it to check what users do."
    • "The solution is expensive."

    What is our primary use case?

    We primarily use the solution for monitoring database activities.

    What is most valuable?

    Currently, we have audit features for auditing databases, for example, granular auditing, which we really enjoy. We've been using it to check what users do. 

    Apart from the WAF, which we've had issues with, every other feature we've been able to use very well. We use it for scanning databases, which is perfect. We need to run vulnerabilities counts as well, and this solution is great for that.

    What needs improvement?

    The feature right now that we have not been able to use successfully is the firewall aspect, the WAF.

    In terms of the WAF, we tried their blocking functionality at some point, and our entire company came to a halt due to the fact that it was blocking even database connections. It was hanging our databases. Until now, we've not been able to fully use their database blocking functionality very well. That is the only aspect that I wish could be improved tomorrow.

    The entire system is not user-friendly for me, and definitely not as user-friendly as Oracle Vault. It should be more user-friendly, to make it much more competitive in the space. 

    The technical support is not offered by the company itself. Rather, you can only get technical support via partners. It isn't that good and because of this, we want to leave the product.

    The solution is expensive.

    If we can look at a system that can do 360 annual. There is an app call bridge that is something they've introduced, however, we don't have that yet. I don't know if that is able to do application monitoring as well, but I wish they had a feature that could do both the database and application monitoring.

    For how long have I used the solution?

    I've been using the solution for about four to five years now.

    What do I think about the stability of the solution?

    The stability is okay. I don't recall any kind of bug or glitch. It doesn't freeze or crash. Aside from issues with WAF, it's good.

    What do I think about the scalability of the solution?

    The scalability is fine for our purposes. We are able to modify the product, and we are able to do things to suit what we need, so it's okay for us. If I were to rate them out of ten on scalability, I'd give them a six.

    How are customer service and technical support?

    One of the reasons we want to leave this solution is the fact that we don't have any technical support whatsoever. If there was some on offer, it might convince us to stay. Technical support is typically handled by partners, and they do not do a good job. We've been trying to reach the parent company directly because we are unsatisfied with the level of service we've received and we've had no luck. Therefore, we'll probably leave the service altogether.

    What's my experience with pricing, setup cost, and licensing?

    The solution is pretty pricey. It's not the least expensive option. An organization will have to ensure they have the budget to cover the cost or having the product. I'd say that the amount of money they charge is unreasonable sometimes. If I were to rate them out of ten on pricing, I would give them a one.

    Which other solutions did I evaluate?

    We're currently looking to move away from Imperva. We're considering Audit Vault.

    What other advice do I have?

    The solution is okay, however, there is a lot to be improved upon. For that reason, I'd rate them five out of ten overall.

    It's not a bad tool. It's a good tool. I tend to recommend it to others, however, if you're a small company, it may not make sense due to the fact that it is quite expensive.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: My company has a business relationship with this vendor other than being a customer: partner
    Learn what your peers think about Imperva SecureSphere Database Security. Get advice and tips from experienced pros sharing their opinions. Updated: January 2022.
    563,208 professionals have used our research since 2012.
    Technical Account Manager at a tech services company with 201-500 employees
    Reseller
    Top 5Leaderboard
    The company's focus on their market sector makes them stand out from the competition
    Pros and Cons
    • "The technical support for Imperva is super, super, super."
    • "They have very good documentation and knowledgebase resources that add to the depth of their support."
    • "The company focuses on and has a passion for security."
    • "Imperva needs to improve their cloud capabilities."

    What is our primary use case?

    We primarily use the product for data security.  

    What is most valuable?

    The feature that I have found the most valuable is the firewall component.  

    What needs improvement?

    What I would like to see improved is Imperva making further development in terms of them going to the Cloud. Our business is moving to the cloud, so we want to have cloud availability as an option. Imperva can do the cloud database, but they are still working at building it out and it does not seem to me to be fully operational.  

    For how long have I used the solution?

    We have been using Imperva for a little bit more than six years.  

    What do I think about the stability of the solution?

    We are experiencing good stability with this product. We have not had any crashes and no major problems navigating its management.  

    What do I think about the scalability of the solution?

    I think that SecureSphere is very scalable. Across our whole company, everyone is using it. We are 50 people. Right now at this size, we only require two people for maintenance.   

    How are customer service and technical support?

    The technical support for Imperva is super, super, super. They have a very experienced support team. They can diagnose all of our issues and are always very fast. They have very good documentation and knowledgebase resources that add to the depth of their support.  

    Which solution did I use previously and why did I switch?

    I have previously used McAfee as a similar solution. We decided to switch because McAfee is a little bit tricky to get to work the way it should work. I had experience with their version 6.4 solution and it used a lot of resources and had too much overhead.  

    How was the initial setup?

    The initial setup is moderately difficult. You have to understand the database and how the database communicates and also some knowledge about the platform. For example, if you have got the Unix environment you have got to understand how to work with that together with the product.  

    What's my experience with pricing, setup cost, and licensing?

    Initially, SecureSphere was expensive but they have incentives on their packages now. They have introduced new price models, which makes the product more affordable now. It is now at a pricing level in the range where most people are looking for this type of solution.  

    Which other solutions did I evaluate?

    Before choosing Imperva, we did evaluate other options including IBM Guardian Data Protect and also Oracle Audit Vault. In the end, we finally made the choice to go with Imperva first of all because they are a company that is very much into digital security. Security is the central focus of their business, so that is one of their strong areas. Then their product support is one of the best. The solution is very advanced in terms of comparing their available resources and training to other companies. These resources make it a very complete solution.  

    What other advice do I have?

    Imperva Security Sphere is something that I recommend any day, anytime because they are very much focused on security as a passion. So you find it has tons of capacity for scalability. It is focused on security. Even the solution's usability is very good.  

    On a scale from one to ten (where one is the worst and ten is the best), I would rate this product as a nine scored out of ten possible points.  

    Features that I would like to see to make it to ten-out-of-ten means that they will need to add a few things. First, they need to onboard database encryption features. Then they need to add some of the other features which they do not have that other competitors already have. They can do more to offer a broader range of features and be more feature-rich.  

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: My company has a business relationship with this vendor other than being a customer: partner
    Senior Database Administrator at a financial services firm with 1,001-5,000 employees
    Real User
    Top 20
    Brings segregation of duties, provides continuous monitoring, and is easy to deploy
    Pros and Cons
    • "The beauty of it is that it provides segregation of duties. Typically, in the traditional environment, DBAs administer the database, and they have too much access. We are in the process of implementing other Oracle solutions, and it brings some kind of segregation. Just because someone is a DBA does not mean that he or she should have access to all of the data. Some of the data can be masked so that privacy and security are enhanced, especially when it is customer data for an institution like a bank."
    • "It is quite expensive. I would prefer a lower price."

    What is our primary use case?

    We use it for database activity monitoring. We use it to monitor all the traffic that comes to the database to know about the operations that are happening on the database. 

    At the moment, it is on-premises, but we eventually would like to go to the cloud.

    How has it helped my organization?

    It serves as a way and means to see if any unauthorized person is trying to access the database. It helps to implement specific rules to ensure that only authenticated people have access to the database.

    What is most valuable?

    The beauty of it is that it provides segregation of duties. Typically, in the traditional environment, DBAs administer the database, and they have too much access. We are in the process of implementing other Oracle solutions, and it brings some kind of segregation. Just because someone is a DBA does not mean that he or she should have access to all of the data. Some of the data can be masked so that privacy and security are enhanced, especially when it is customer data for an institution like a bank.

    What needs improvement?

    It is quite expensive. I would prefer a lower price. 

    In terms of features, I started using it this month. I need more time to explore it.

    For how long have I used the solution?

    It has not been long. We implemented it this month. 

    What do I think about the stability of the solution?

    We are currently doing a PoC, and there are a few issues that we are trying to resolve. When all of those issues are sorted out, we can start measuring the stability of the solution.

    What do I think about the scalability of the solution?

    We haven't scaled it yet.

    How are customer service and support?

    We are working with their technical support. They have been good so far.

    How was the initial setup?

    It is straightforward, but it depends on the organizational policies and rules in terms of the infrastructure. For example, when you deploy it in an environment like Oracle, it is probably fine, but in other environments like Cisco, there could be some issues that you have to troubleshoot. It is more of an infrastructural or environmental issue.

    We started with the PoC. It was implemented within two days. We are now doing monitoring to ensure everything is still fine.

    What's my experience with pricing, setup cost, and licensing?

    It is quite expensive. We wanted it in my former organization, but the price was very high. So, we couldn't purchase it. I moved to a different organization, and this organization has purchased it.

    What other advice do I have?

    It is a fantastic solution. It is very good, but the only issue is that if you don't have enough money, you cannot use this solution.

    I would rate it an eight out of 10 for now. After exploring it more, I might rate it higher.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Flag as inappropriate
    Security Engineer at a comms service provider with 5,001-10,000 employees
    Real User
    Top 20
    A solid product with good pricing and a simple initial setup
    Pros and Cons
    • "The initial setup is very simple."
    • "The updates could be better."

    What is our primary use case?

    We primarily use the solution for auditing purposes so collecting and archiving of logs.

    What is most valuable?

    The solution is very good for auditing purposes, including collecting and archiving logs. 

    We appreciate that we can use it on the DB server without harming the performance of the database is fantastic. It doesn't feel like it's lagging.

    The initial setup is very simple. 

    Overall it's a solid product.

    The pricing is okay.

    What needs improvement?

    The support could be improved.

    The product needs to perform better in extremely busy databases. It does not do really well where the DB is extremely, extremely busy. 

    The updates could be better.

    The UI can be improved. 

    The ability to narrow down to the right environment could be helpful. They need to allow users to find an easy way to drill down to what's important.

    For how long have I used the solution?

    I've been using the solution for three years now. 

    What do I think about the stability of the solution?

    The solution is solid. The stability is good.

    What do I think about the scalability of the solution?

    The scalability is okay. However, if you're going to set up a redundancy, it needs to be in the same data center, as the manager that manages the entire system needs to share the data, and therefore they need to basically work in the area where they have direct connectivity between the sites. In our case, we have multiple data centers, and we distribute the connectivity and we can't achieve that. 

    The solution's scalability isn't based on users. Even if you have one person using it, you might have 300 databases. It's not about the number of users, it's the number of databases.

    How are customer service and support?

    The support isn't as good as it could be. We are not quite satisfied with it.

    Which solution did I use previously and why did I switch?

    We previously used Oracle.

    How was the initial setup?

    The solution is very simple and straightforward. It's not too difficult or complex. 

    What's my experience with pricing, setup cost, and licensing?

    The solution isn't crazy-expensive. It's reasonable. 

    We pay for the solution on a monthly basis.

    What other advice do I have?

    I'm a customer and an end-user.

    I'd recommend the solution to others. It's a very solid product. 

    I'd rate the solution at an eight out of ten.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Flag as inappropriate
    Information Security Analyst at a financial services firm with 501-1,000 employees
    Real User
    CounterBreach detection feature is a key benefit for us; management of the solution can be a challenge
    Pros and Cons
    • "The integration with CounterBreach is great."
    • "Database security from the access management perspective could be better."

    What is our primary use case?

    Our use case for the solution is for monitoring, reporting and access management as well as looking for alerts in anomalies of behavior. I'm an information security analyst and we're a customer of Imperva. 

    What is most valuable?

    The integration with CounterBreach, which is the anomalous behavior detection feature, is the coolest thing and it's quite user friendly as far as the console goes. 

    What needs improvement?

    I think the biggest challenge with their product is the management of it. Not that it needs a lot of engineering, but it requires a lot of upkeep and deployment of a lot of servers that require regular updating. If you want to make any changes it's a lot of work to get things moving. I personally find it quite difficult to work with in that regard.

    The product would be better with improvement to the database security from the access management perspective. A lot of it falls into content on the database and is difficult to retrieve. Also, looking into databases themselves, table sets and data sets and being able to retrieve that information.

    For how long have I used the solution?

    I've been using this solution for a couple of months. 

    What do I think about the stability of the solution?

    I think it's a pretty stable product, but there's a lot you need to know about it. It's not like most fast products that you can just log in and get a feel for. You have to really get an understanding of how it was set up and the policies that are in place on it. 

    How are customer service and technical support?

    The technical support is all right. They're not great, they're not terrible.

    What other advice do I have?

    I would recommend including the entire team on the initial implementation because it's something that's not easy to pass along down the road. There's a lot to understand initially, and to upkeep it you have to know all that information.

    I would rate this solution a seven out of 10. 

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Deputy Director/IT Infrastructure & Security at a educational organization with 1,001-5,000 employees
    Real User
    Top 20
    Good in terms of stability, but it is expensive and would benefit from better integration with other environments
    Pros and Cons
    • "This is a stable product."
    • "I would like to see integration such that there is support for different kinds of environments, such as on-premises versus cloud."

    What is our primary use case?

    Our primary use for this product is as an application firewall.

    What needs improvement?

    The system reports vulnerabilities in my vulnerability assessment, but I need something to generate warning messages.

    I would like to see integration such that there is support for different kinds of environments, such as on-premises versus cloud.

    For how long have I used the solution?

    We have been using Imperva SecureSphere Database Security for more than five years.

    What do I think about the stability of the solution?

    This is a stable product.

    What do I think about the scalability of the solution?

    We are not concerned with scalability because we do not have the need.

    How are customer service and technical support?

    We don't speak directly with the vendor. We only call the managed solution provider.

    Which solution did I use previously and why did I switch?

    We did not use another similar product prior to this one.

    What about the implementation team?

    This is a managed service, so I did not handle the installation.

    What's my experience with pricing, setup cost, and licensing?

    This is an expensive solution and the price should be reduced.

    What other advice do I have?

    We may or may not continue using this product in the future, and I may recommend it to others, depending on their environment.

    I would rate this solution a six out of ten.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Presales Engineer at gwc networks
    Real User
    A comprehensive monitoring and auditing solution
    Pros and Cons
    • "It has a very user-friendly interface that's very detailed."
    • "Overall, it's a very good product but they could do with some modifications log-wise."

    What is most valuable?

    It has a very user-friendly interface that's very detailed. 

    What needs improvement?

    Overall, it's a very good product but they could do with some modifications log-wise — it should be more comprehensive. Otherwise, 95% of the product is very good.

    The interface could be more user-friendly.

    For how long have I used the solution?

    We have been using this solution for roughly two to three years.

    What do I think about the scalability of the solution?

    Imperva SecureSphere Database Security is both completely scalable and stable.

    How are customer service and technical support?

    I don't have much experience with technical support, but when I have spoken with them, they have been helpful.

    How was the initial setup?

    The initial setup was very straightforward; not complex at all.

    Deployment time varies, but in terms of implementation, it's a very good product. There is no hectic environment during the implementation. It is a very straightforward implementation.

    What's my experience with pricing, setup cost, and licensing?

    The price is very high but compared to the price of the overall solution, then I think it's a good deal because the solution itself is great.

    What other advice do I have?

    I would highly recommend this solution. It's a very expensive solution, but if you have the budget for it, I would definitely recommend Imperva Database Security.

    On a scale from one to ten, I would give Imperva Database Security a rating of nine.

    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
    Product Categories
    Database Security
    Buyer's Guide
    Download our free Imperva SecureSphere Database Security Report and get advice and tips from experienced pros sharing their opinions.