Protecting Enterprises From Ever-Changing Data Threats3:00 PM EST Fri. Nov. 11, 2005
IT security is quickly becoming more specialized. Solution providers are finding that protecting the enterprise reaches beyond general practices and all-in-one security solutions; effective protection now comes in the form of a specialized layered approach.
This layered approach is growing increasingly more crucial when it comes to protecting database engines, namely Microsoft SQL Server, Oracle, Sybase and IBM’s DB2. These databases house many types of critical and proprietary company data and are targets for constant attack—whether it is from identity theft, credit fraud or legislative requirements.
Foster City, Calif.-based Imperva aims to help solution providers protect critical databases with SecureSphere Database Security Gateway, an appliance designed to prevent theft and attacks on data. Security professionals are encountering new attacks on a daily basis, which turn out to be multitiered threats that the typical firewall or security appliance is not able to combat.
The SecureSphere appliance accomplishes several lofty goals. The primary focus of the unit is to provide assessment, auditing and protection of enterprise databases from the all-too-common SQL injection attacks (a process where a hacker attempts to force SQL code into a logon session to trick a database into revealing secure information, such as user passwords, credit-card numbers or even Social Security numbers). Second, the product normalizes traffic to validate attachments to databases. In other words, the system learns who should be doing what from where and enforces policies when the access falls out of norms. Most importantly, the product has little or no impact on network throughput, allowing high-speed access to databases to continue without introducing any latency.
All of the technology is in a rack-mounted device that houses the processing and detection capabilities of Imperva’s product. Installers can choose to place the unit inline (directly in the path of network traffic) or offline as a network sniffer. Regardless of the deployment chosen, no changes in infrastructure are required. The SecureSphere appliance appears transparent to the network and boasts throughput speeds of 2 Gbps and latency of under 1 millisecond. That speed roughly translates to over 16,000 SQL requests per second.
At any point in time, administrators can access the unit’s management console to tweak any settings or modify the included or automatically created policies. The management console is browser-based and offers a concise view of all features. A dashboard component reports realtime statistics, while integrated reporting offers historical and access reports. Those reports can be a key factor for determining compliance, ROI and overall effectiveness of the unit. An opportunity exists for solution providers to offer clients report generation and analysis as an option, available at an extra charge.
Solution providers will find the unit’s security prowess extends beyond databases—an integrated intrusion-prevention system offers broad protection across multiple protocols against both known infrastructure attacks and zero-day attacks. SecureSphere DSG also employs an SPI firewall that applies network-layer access control to traffic flowing in and out of protected data center network segments.
At first, Imperva’s channel program seems rather flat, limited to a single tier. Imperva bundles all of its partners into a partnership level referred to as Top Tier. Partners can expect margins ranging from 15 percent to 30 percent but must meet some minimum training requirements. Imperva offers free training to interested partners, but does recommend the purchase of discounted demo units. Partners are entitled to lead-generation programs, along with pre- and post-sales support. Imperva’s channel program covers the company’s complete product line, which is broken down into the SecureSphere Database Security Gateway and the SecureSphere Web Application Firewall. Both families are targeted at solving a specific customer problem, but they are fully technology-compatible and can be seamlessly managed via the SecureSphere MX Management Server.
Solution providers will find Imperva’s technology impressive and a viable path to profits. Although the company’s channel program is a little on the light side, the quality of the products far outweigh any of the negatives of the channel program. Solution providers will be well-served by the unique qualities of the SecureSphere DSG, a product that is easy to install and manage, offers exceptional protection and has no negative impact on network throughput.