Follow Us

We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message

Imperva adds firewall for SQL

Gateway identifies database users and blocks data thieves.

Article comments

Application security outfit Imperva says its security gateway can now log and block user access to databases by pulling user identity information out of an SQL connection.

According to Imperva, the SecureSphere Database Monitoring/Security Gateway acts as a kind of UTM or firewall for databases. It can already control access via web applications - for example, to block SQL-injection attacks - and now it can also control access via packaged applications that use SQL, such as Oracle and SAP.

Security standards such as PCI require data users to be individually identified. Imperva claimed that pulling identity data out of SQL means this can be done transparently, even where users share a pooled connection to the database.

The gateway does two things, claimed Imperva boss and co-founder Shlomo Kramer. First, it stops people stealing data from the database by profiling "normal" behaviour, then flagging and blocking attempts to pull out information that they are not entitled to, and second, it tracks database access for compliance purposes.

The latter reflects the changing picture of security, he said. It is not enough now to protect against hackers and crackers - you must also defend yourself against auditors and regulators.

"The basic compliance question is 'Who did what to my data?', and we are now able to provide that information for auditing," said Kramer. "It will be very relevant if you have to reveal a data loss or breach."

Imperva's first step is to locate your databases and automatically classify them for sensitivity, for example by spotting credit card numbers. Then, a scanning program looks for vulnerabilities such as shared accounts, weak passwords, missing software patches and so on - called Scuba, this scanner is available for free download, Kramer said.

After that, the administrator is ready to start setting controls, audit trails and alerting, he said.

"We sit on the network and monitor traffic to build a profile of how people access and use data - we call it Dynamic Profiling," he explained. "The aim is to identify where your access deviates from the norm, for example if you decide to steal information, you'll access different areas of the database and different information.

"The concepts are the same as those behind the web application firewall, but where those companies see themselves as protecting the web, we see ourselves protecting the database."

The SecureSphere gateway typically costs between $30,000 and $180,000, depending on the size of the network to be protected, Imperva said.



Share:

More from Techworld

More relevant IT news

Comments



Send to a friend

Email this article to a friend or colleague:

PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.

Techworld White Papers

Choose – and Choose Wisely – the Right MSP for Your SMB

End users need a technology partner that provides transparency, enables productivity, delivers...

Download Whitepaper

10 Effective Habits of Indispensable IT Departments

It’s no secret that responsibilities are growing while budgets continue to shrink. Download this...

Download Whitepaper

Gartner Magic Quadrant for Enterprise Information Archiving

Enterprise information archiving is contributing to organisational needs for e-discovery and...

Download Whitepaper

Advancing the state of virtualised backups

Dell Software’s vRanger is a veteran of the virtualisation specific backup market. It was the...

Download Whitepaper

Techworld UK - Technology - Business

Innovation, productivity, agility and profit

Watch this on demand webinar which explores IT innovation, managed print services and business agility.

Techworld Mobile Site

Access Techworld's content on the move

Get the latest news, product reviews and downloads on your mobile device with Techworld's mobile site.

Find out more...

From Wow to How : Making mobile and cloud work for you

On demand Biztech Briefing - Learn how to effectively deliver mobile work styles and cloud services together.

Watch now...

Site Map

* *