.
Typical data control solutions didn’t furnish univocal identification through user name cause can’t trace, in specific, those users that try to access data log access. Conventional DB auditing procedures can’t trace DB activity with a particular user when connection is already established.
Imperva is the unique solution able to furnish holistic solutions both for Web and Data Base. The Imperva SecureSphere solution were developed in order to furnish an excellent Database Monitoring about activity performed on Database with ability to correlate nominal users to single SQL transaction, essential for Auditing activity, with Alert generation for suspect or unusual activity or recognized from the behavior learned among time from the appliance itself. SecureSphere Universal technology permit single users monitoring that log data managed from Standard applications, like Oracle E-Business Suite, SAP, PeopleSoft, J.D. Edwards and Siebel or Web custom applications. Other Imperva peculiarity is to furnish a Web Application Firewall service, able to apply network granular and effective policies and furnishing a wide number of signatures and attack recognizing rules, with feature to identify single web page’s objects and possibility to obfuscate sensible data.
img 1
.
The SecureSphere peculiarity resides in the possibility to trace single user connections by univocal credentials assigned to each user without limit on application that try to accede.
The user trace different user univocal credential identification mechanism for any transaction established with Data Base, even when connection is already active.
img 2
.
Different tracing methods (authenticated user tracking by Web applications, user application toward Data Base tracking, SDL connections tracking, direct tracking) permit SecureSphere to control final users regardless from Data Base connection modality, permitting a complete account.
Thanks to final users monitoring functionality is possible to display user’s ID in the Data Base generated to manage security advice, audit logs and reports. Additionally, on security policy Data Base can be implemented specific ACL in order to limit access only to some user ID.
Finally, “super user” tracking permit a better visibility on Data Base activity, security controls with an upper granularity level and respect for actual existing legislations.
