Database Security Solutions — New Reviews 2017

What are real users in the enterprise tech community saying about database security in 2017? This week’s blog post looks at new database security reviews from 2017 on IT Central Station.

Users discuss which features they’ve found most valuable, and where they hope to see improvements.

Imperva SecureSphere Database Security

Features Users Find Most Valuable

  • Vulnerability Management

“The most valuable feature of this product is vulnerability management since you don’t need to run different scans by logging into different databases. Everything can be done and monitored through the centralized console by a few clicks and without any hassle.”

— Senior Analyst at a financial services firm 

  • Report Generation

“The report generation option on a daily/weekly/monthly basis comes in very handy to the top management.”

— Senior Analyst at a financial services firm 

  • Database Auditing

Database auditing has become simple and easy, releasing storage previously used for native database audit processes. We found new patterns of database users’ behavior and corrected some user authorizations.”

— Senior System Engineer

Where Users Hope for Improvements

  • Stability and Ease of Use

“The stability and the ease of use of this product can be improved. I believe the product can be made more flexible and stable.”

— Senior Analyst at a financial services firm

  • More Video Tutorials for Newer Versions

“Additionally, it is very unlikely for a new professional to easily use this tool to its full potential. For this purpose, I believe a few more video tutorials can be uploaded for the newer versions.”

— Senior Analyst at a financial services firm

  • Mainframe Optimization

Mainframe mappings/agents/optimization for CPU usage are areas with room for improvement.”

— Senior System Engineer

IBM Guardium

Features Users Find Most Valuable

 

  • Data Activity Monitoring

Heterogeneous support for data activity monitoring. I have not been able to find any other product that can monitor as many platforms from one application.

Guardium can monitor Windows servers, Linux, Unix, mainframe, and big data environments from one policy. Guardium captures data access activity across networks and local connections.”

— Jody Hair

Security Software Presales Specialist

  • Faster Route to Compliance

“We now have one go-to application for all data monitoring. This has decreased the number of skills needed and enabled a faster route to compliance. Reporting is automated and activity alerts are routed to the appropriate responders.”

— Jody Hair

 

  • Database Logging and Audit Functions

 

Database logging and audit functions are the most valuable features. In some fields like banking, it’s very important to be aware of the actions of database users, and ensure that those without the permission to access information do not access it.”

— Khalil Sarsri

Senior Middleware Engineer

Where Users Hope for Improvements

  • File Activity Monitoring

“While Guardium is great at structured monitoring (DAM), the product is lacking features on the file activity side (FAM).”

— Jody Hair

  • Active Directory and Exchange Monitoring

“We would also like to see tighter integration with Active Directory and Exchange monitoring.

— Jody Hair

  • Appliance Upgrades

“I would like to be able to upgrade appliances within major versions without needing to rebuild the appliance. Once, I tried to upgrade a Guardium Appliance from v9.5 to v10 and there was no available patch for that. Therefore, the solution was to back up the appliance data, rebuild the appliance with the v10 image and then restore the data.

This procedure is highly risky because you can lose all the data if the restoration does not succeed. Installing a patch is much easier and there is no data loss risk!”

— Khalil Sarsri

  • Blocking and Dynamic Data Masking

“The blocking and dynamic data masking features need improvement.”

— Adem Celtik

Database Security Specialist

Oracle Audit Vault

Features Users Find Most Valuable

  • Audit Reporting

Audit reporting and its user-friendliness that is required by auditors are valuable features.

It provides reports that are directly related to the compliance issues, i.e., for example, SOX Compliance.”

— Kosala Sandaruwan

Manager – Oracle Specialist

“I like the audit report. This product has a lot of report templates and you can customize them.”

— Indra Kurnia

Database & Middleware

  • Activity Report

“One of the useful reports is the activity report. Our customer is an insurance company. They want to log every detail regarding financial transaction activities (insert, update and delete). If something happens with the data, they can trace it to the person who performed the activity, and where and when they did it.”

— Indra Kurnia

  • Easy to Configure Users on a Database

“It is very easy to configure users and their appropriate roles and permissions on a database. The product allows us to set rules and restrictions at very minute levels.”

— Ammar Ashraf

Oracle Technical Engineer

Where Users Hope for Improvements

  • Policy Defining

Policy defining should be more user-friendly. It still should be implemented and handed over to the end users. This policy defining cannot be done by an end user.

It should be implemented initially, by a person who knows the Audit Vault along with the implementing business organization and their audit requirements. There should be a system analysis carried out and then this should be implemented.”

— Kosala Sandaruwan

  • AV Server and Database Firewall Deployment

“According to Oracle, the best practice is that Audit Vault Server and DB Firewall should be deployed on different boxes (servers). There is no option to co-locate them together.

If you wish to deploy AV server and Database Firewall, you will need two servers; one dedicated to Database Firewall and the other dedicated to AV Server.”

— Ammar Ashraf

 

  • DB Firewall Documentation

“I would like to see better DB firewall documentation. We still don’t understand how to configure the DB firewall.”

— Indra Kurnia

CA ACF2

Features Users Find Most Valuable

  • Mainframe Environment Security

“This product provides excellent quality for security in the mainframe environment.”

…Basically, it ensures that data is handled only by those who should be handling it and only in the way that they should be handling it.

This product provides visibility and security as to how the data is being used.”

— Reg Harbeck

Chief Strategist at Mainframe Analytics

Where Users Hope for Improvements

  • Simplicity in Programmable Access

“If possible, I would recommend having an Eclipse interface which can provide simplicity in programmable access. This will help in putting together more flexible solutions that interact with the mainframe.”

— Reg Harbeck

Read More Database Security Reviews by IT Central Station users.

Face-off in Database Security Reviews: Imperva SecureSphere vs. Oracle Audit Vault

In the IT Central Station Database Security community, Imperva SecureSphere and Oracle Audit Vault rank as the #1 and #3 solutions, respectively.

Imperva SecureSphere and Oracle Audit Vault have each been reviewed by enterprise tech professionals from a range of roles and seniority levels: Operations Consultants, Financial Analysts, System Engineers, Senior IT Security Consultants, Senior DBAs, and others.

But what in particular do users choose to discuss about these top Database Security solutions? Which features are most notable, and finally, which experiences have users had that other users in our community would benefit from knowing?

Below are excerpts from the top user reviews of Imperva SecureSphere and of Oracle Audit Vault, where members of the IT Central Station community share how their organizations have benefited from the solutions and what they see as the most valuable features.

Imperva SecureSphere Database Security

 

‘What are Imperva Secure Sphere’s Most Valuable Features?’

Vulnerability management since you don’t need to run different scans by logging into different databases. Everything can be done and monitored through the centralized console by a few clicks and without any hassle.

Also, the report generation option on a daily/weekly/monthly basis comes in very handy to the top management.”

SeniorAnb381, Senior Analyst at a financial services firm

 

‘How Has Using Imperva SecureSphere Improved your Organization?’

“Database auditing has become simple and easy, releasing storage previously used for native database audit processes. We found new patterns of database users’ behaviour and corrected some user authorisations.”

Reviewer579513, Senior System Engineer at a financial services firm

 

Oracle Audit Vault

 

‘What are Oracle Audit Vault’s Most Valuable Features?’

I like the audit report. This product has a lot of report templates and you can customize them.

One of the useful reports is the activity report. Our customer is an insurance company. They want to log every detail regarding financial transaction activities (insert, update and delete). If something happens with the data, they can trace it to the person who performed the activity, and where and when they did it.

Indra Kurnia, Database & Middleware at a tech services company.

 

‘How Has Using Oracle Audit Vault Improved your Organization?’

Using the features provided by this product, we have implemented restrictions on data access for individual users accessing the application to perform activities on the database. Restrictions/monitoring can be configured for column/row level as well. With Oracle Audit Vault and Database Firewall, you can create alerts for suspicious activity, create changes to privileged users, create historical reports on schema changes and data-level access. Audit Vault also can audit OS and network events. It can also be used to audit other databases (such as MYSQL, IBM, etc.) and databases in the cloud.

Ammar Ashraf, Oracle Technical Engineer at a tech services company

 

Based on our user feedback, Imperva SecureSphere seems to stand out in Database Security for valuable features such as vulnerability management, and report generation. On an organizational level, improvements are made possible by the simple database auditing.

With Oracle Audit Vault, users are especially grateful for features like the audit reports and activity reports, as well as for data access features that allow them to secure their databases and to audit databases that are both on-premise or in the cloud.
Read more about valuable features and organizational improvements in Database Security Solutions, as told by the IT Central Station community.