Title: The Leader in Application Data Security and Compliance
Slide 1: The Leader in Application Data Security and Compliance
Slide 2: Recent Letter to Ameritrade Customers 9/14/07
- While investigating client reports about the industry-wide issue of investment-related SPAM, we recently discovered and eliminated unauthorized code from our systems. This code allowed certain information stored in one of our databases, including e-mail addresses, to be retrieved by an external source.
- Please be assured that UserIDs and passwords are not included in this database, and we can confirm that your assets remain secure at TD AMERITRADE.
- While Social Security numbers are stored in this particular database, we have no evidence to establish they were retrieved or used to commit identity theft.
Slide 3: Security and Compliance Requirements
- Full Visibility
  - Who is accessing your data?
  - Who has accessed your data?
- Granular Controls
  - Who is attacking your data and how?
  - Is your data leaking outside the organization?
  - How do you protect your data?
Imperva delivers the industry's most robust and widely deployed solution for addressing the entire application data security and compliance lifecycle.
Slide 4: Monitoring & Protecting Data
Slide 5: Imperva Overview
- Founded in 2002
- The leader in Application Data Security and Compliance
- Global company with int'l revenue consisting of 40%
  - North American HQ in California, International HQ in Israel
  - Local presence in all major markets (EMEA, APAC, Japan)
  - Customers in 30 countries
- Strong global network of channel partners
- 600 customers and over 4500 organizations protected
- Shlomo Kramer, CEO & President
  - One of 3 founders of Check Point
Slide 6: SecureSphere Dominates Awards
- Imperva Wins eWEEK Excellence Award
  - "Imperva SecureSphere's in-line protection for both Web applications and communications with back-end databases is simply unmatched."
- Editors' Choice for Database Extrusion Prevention
  - "Right from the start, the Imperva SecureSphere Database Security Gateway impressed us with its plethora of features; dynamic user profiling is almost reason enough to choose it."
- Editors' Choice for Web Application Firewalls
  - "From beginning to end, Imperva SecureSphere is our kind of WAF."
  - "Imperva's SecureSphere Database Security Gateway is a win on both counts. It did a fine job learning our user behavior, and numerous signatures let it handily block known attacks."
- Imperva Wins 2007 Readers' Choice Award from Security Magazine
  - "SecureSphere scored well in every criterion: granularity of access controls and integration with existing infrastructure, scalability and management."
Slide 7: Achieving Data Security Compliance
IMPERVA ADDRESSES THE ENTIRE LIFE CYCLE
Slide 8: Application Layer Firewall: A Better Solution than Code Reviews (PCI 6)
- End-to-End Web Application Protection
  - Knows application acceptable behavior
  - Stops application attacks
    - Brute force login, XSS scripting, session hijacking, encoding, worms
  - Inspects HTTP and HTTPS traffic
- Continuous Security
  - Ensures that applications are always safe, unlike periodic scanning and re-coding
  - Offers full monitoring, alerting and forensics
- Low Total Cost of Ownership
  - One-time purchase
  - Low maintenance overhead
[Diagram: User, User, Hacker -> Web App Firewall -> Web Servers]
Slide 9: Database Monitoring: Track and monitor all access to cardholder data (PCI 10)
- Monitoring
  - Detects security events in real time
  - Monitors changes to the database
- Auditing
  - Records user ID, type of event, time, source IP and data accessed
  - Audits all activity including the DBA
- Reporting
  - Custom pre-defined graphical reports
[Diagram: Applications, DBA, User -> Database Security -> Database Servers]
"71% of assessed merchants failed this requirement" - VeriSign, Lessons Learned: Top Reasons for PCI Audit Failure
Slide 10: Database Access Control: A compensating control for database encryption (PCI 3.4)
For companies that cannot make cardholder data unreadable due to a legitimate technological or documented business constraint
- Assessment
  - Examines database configuration
  - Identifies bad business practices
- Access Control
  - Restricts database access by IP address, application, user name and data type
- Protection
  - Blocks data theft, policy violations & attacks
[Diagram: Applications, User, DBA -> Database Security -> Database Servers]
Slide 11: Protection Approaches (WAF)
- Positive Security
  - Protection from unknown threats and vulnerabilities
  - PROFILING of Applications
- Negative Security
  - Protection from known threats and vulnerabilities
  - Protocol Validation
  - Signatures
Slide 12: Custom Correlation Rules
[Diagram: Suspicious Activity (Evasion Technique: Request Smuggling) attack -> SecureSphere Correlation Engine, which correlates a Profile Violation with a Redundant HTTP Header across the Operating System, Web Server Software and Web Applications layers]
Custom correlation rules provide granular access control
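As an added example, not code from Imperva or from the original deck: a toy Python model of the positive/negative security approaches on slide 11 and the correlation rule on slide 12, where a profile violation that coincides with a redundant HTTP header is escalated to a request-smuggling finding. The learned profile, the signatures and the sample requests are all constructed for illustration.

```python
import re
from urllib.parse import unquote

# Positive security: learned profile of acceptable behaviour per URL (constructed).
PROFILE: dict[str, set[str]] = {"/login": {"user", "pass"}, "/account": {"id"}}
# Negative security: illustrative signatures (constructed, not SecureSphere's).
SIGNATURES = [re.compile(p, re.I) for p in (r"<script", r"'\s*or\s+1=1", r"\.\./")]
# Protocol validation: headers that must appear at most once in a request.
SINGLETON_HEADERS = {"content-length", "transfer-encoding", "host"}

def parse_request(raw: str) -> tuple[str, dict[str, str], list[str]]:
    """Split a raw HTTP request into path, decoded query params and header names."""
    head = raw.split("\r\n\r\n", 1)[0]
    lines = head.split("\r\n")
    _method, target, _version = lines[0].split(" ", 2)
    path, _, query = target.partition("?")
    params = {k: unquote(v) for k, _, v in
              (kv.partition("=") for kv in query.split("&")) if k}
    names = [ln.split(":", 1)[0].strip().lower() for ln in lines[1:] if ":" in ln]
    return path, params, names

def evaluate(raw: str) -> list[str]:
    """Return findings for one request, most severe first (empty list = clean)."""
    path, params, header_names = parse_request(raw)
    findings: list[str] = []
    # Positive security: unknown URL or unexpected parameter is a profile violation.
    allowed = PROFILE.get(path)
    if allowed is None or set(params) - allowed:
        findings.append("profile violation")
    # Negative security: known-bad pattern in any decoded parameter value.
    if any(sig.search(v) for v in params.values() for sig in SIGNATURES):
        findings.append("signature match")
    # Protocol validation: a repeated singleton header is an evasion indicator.
    if any(header_names.count(h) > 1 for h in SINGLETON_HEADERS):
        findings.append("redundant HTTP header")
    # Correlation rule (slide 12): both indicators together => request smuggling.
    if "profile violation" in findings and "redundant HTTP header" in findings:
        findings.insert(0, "request smuggling attempt (correlated)")
    return findings

# Constructed sample requests: one clean, one with a signature hit, one smuggling-style.
NORMAL = "GET /login?user=alice&pass=s3cret HTTP/1.1\r\nHost: shop.example\r\n\r\n"
INJECTION = "GET /account?id=1'%20or%201=1 HTTP/1.1\r\nHost: shop.example\r\n\r\n"
SMUGGLING = ("POST /admin?cmd=1 HTTP/1.1\r\nHost: shop.example\r\n"
             "Content-Length: 4\r\nContent-Length: 11\r\n\r\nabcd")

if __name__ == "__main__":
    for req in (NORMAL, INJECTION, SMUGGLING):
        print(evaluate(req) or ["clean"])
```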
Slide 13: Efficient Deployment and Operations: No Impact to IT, Easily Managed, Low TCO
Slide 14: Imperva SecureSphere Product Line
[Diagram: Database, Web, Internet]
Slide 15: Flexible Deployment Options
- Transparent Inline Bridge
  - Supports full enforcement
  - High performance, low latency
  - Fail-open interfaces
- Transparent Reverse Proxy
  - High performance for content modification
  - URL rewriting, cookie signing, SSL termination
- Non-inline Deployment
  - Primarily for monitoring, zero network latency
[Diagram: Data Center, SecureSphere, Switch, SecureSphere]
Slide 16: Unified, Scalable Management
- Centralized administration
  - Manages all devices from a single console
  - Integrated auditing and reporting
- Easy deployment of new appliances
  - Appliances auto-configured by MX server
- Task-oriented workflows
- Hierarchical policy management
- Granular role-based access control
- Web browser interface
[Diagram: Browser Interface -> MX Management Server -> SecureSphere Appliances]
Slide 17: Risks originate from external and internal sources: Who is using the system and how?
- It is quite easy to find out about the Gun
  - The Application User (e.g. OraFinEMEA) is easily identified - but this is usually insufficient
- SecureSphere builds complete end user profiles
  - SecureSphere can tell you about the Shooter
  - Whose fingers were on the keyboard?
- ANY application (friendly or unfriendly)
- No re-writing of application or database code
Slide 18: Introducing SecureSphere
- Only complete solution for enterprise data that includes
  - Data activity monitoring
  - Real-time data protection
- Full visibility and granular control of data usage
  - From end user through application and into database
  - Full stack protection
- Unmatched ease-of-use and ease-of-deployment
Slide 19: SecureSphere Product Line

Gateway Model               G4                        G8/Crossbeam              G16 FTL
Throughput                  500MB/Sec                 1GB/Sec                   2GB/Sec
Max TPS (HTTP/SQL)          16k/50k                   24k/100k                  36k/200k
Recommended Web Servers     50                        100                       200
Form Factor                 1U (FTL Model 2U)         1U (FTL Model 2U)         2U
Deployment Mode             Bridge, Router, Proxy or Monitor (all three models)
Max Inline Bridge Segments  2                         2                         2
Max Routing Interfaces      5                         5                         5
Management Interfaces       1                         1                         1
High Availability           Fail Open, IMPVHA, VRRP   Fail Open, IMPVHA, VRRP   Fail Open, IMPVHA, VRRP
Fault Tolerance             Available                 Available                 Yes
Slide 20: Demo
Imperva, Inc., 950 Tower Lane, Suite 1550, Foster City, CA 94404. Sales: 1-866-926-4678. www.imperva.com
Slide 21: Demo Setup
[Diagram: Browser and SQL-Tools -> data path -> SecureSphere (single-box) with mgmt interface and DB-Agent -> SuperVeda (IIS + MS-SQL)]