Imperva appliance tracks database

Web application firewall vendor Imperva this month introduced an appliance to help businesses meet strict auditing requirements by figuring out who accesses database information that must be kept confidential.

Called SecureSphere Database Monitoring Gateway, the device logs which users have accessed sensitive data.

This is a step up from monitoring devices that track which applications pull data from databases rather than the individuals who put in the requests, according to Andrew Jaquith, an analyst with the Yankee Group.

To improve performance of applications that tap databases, typically user requests are pooled, so the record of where database queries come from specifies only the application, says Rich Mogull, an analyst with Gartner.

There are no regulations that require more specific tracking, but Imperva’s approach could be helpful to auditors assessing how well businesses protect their data, Mogull says. Other vendors, including Lumigent and Embarcadero, monitor which applications access data but not which users, he says, adding that he has heard others are working on it.

Imperva’s gateway monitors user interactions with Web applications and the Web applications interactions with databases. Correlating data about which users were logged on to applications at specific times, comparing that with what queries the applications generated and when, the Imperva gateway can determine which users generated specific requests.

The devices can deduce 80 per cent to 90 per cent of the time which user accessed particular data, the company says. Other devices can figure out which application has accessed data but not the user who generated the request via the applications. In cases with many users logged on accessing the same data, it may be impossible to figure out which users generated which queries.

Applications could be written to require identification of users gaining access via pooled connections, but that is not standard practice, Mogull says.

The gateways are attached to span ports on switches that handle traffic in and out of data centers, so they do not disrupt the flow of traffic.

This configuration also lets a single network group control the device, so if a company has a compliance department, the device could have its own compliance administrator take care of it without involving, say, the network or security groups. The devices can be set to monitor specified fields within databases that contain sensitive data such as Social Security numbers and credit card information.

The monitoring gateway also is available as software that can be loaded on multifunction security devices made by Crossbeam.

SecureSphere Database Monitoring Gateway comes in three versions, the G4 with 0.5Gbps throughput for US$35,000; the G8 with 1Gbps throughput for $70,000; and the G16 with 2Gbps throughput for $140,000.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now