The Leader in Application Data Security and Compliance
Application Data Security
Stallion Winter Seminar 2009
Otepää, March 06th 2009
Agenda
Corporate Overview
Application Data Security
Introduction to Imperva Solutions
Why Customers Select Imperva
- CONFIDENTIAL -
Why Should You Care?
85% of organizations have experienced a data breach
Theft, Abuse, Misuse & Leakage Happen Even in Leading Organizations
Sources: Privacy Rights Clearinghouse & Ponemon Institute Survey, “The Business Impact of Data Breach”
Why Should You Care?
Governing your data is not optional
PCI – Required to process credit card transactions
SOX – Required to report financial results
HIPAA – Required to store Patient Health Data
Security and Compliance Requirements
Full Visibility
Who is accessing your data?
Who has accessed your data?
Granular Controls
Who is attacking your data and how?
Is your data leaking outside the organization?
How do you protect your data?
Imperva delivers the industry’s most robust and widely deployed solution for addressing the entire application data security lifecycle.
Imperva Overview
Founded in 2002
The leader in Application Data Security
Global company with 40%+ of revenue from international markets
North American HQ in California; International HQ in Israel
Local presence in all major markets (EMEA, APAC, Japan)
Customers in 35 countries
Strong global network of channel partners
Over 700 customers and 4500+ organizations protected
Shlomo Kramer, CEO & President
SC Magazine 2008 CEO of the Year
One of three founders of Check Point
Imperva Application Defense Center
Application Data Security experts
Research the latest threats and compliance best practices
Applications (SAP, Oracle EBS, PHP, Perl, OWA & others)
Databases (Oracle, DB2, SQL-Server & others)
Compliance mandates (SOX, PCI, HIPAA & others)
Deliver actionable, up-to-date content to Imperva customers
What is … Application Data Security
[Diagram labels: Users, Business Applications, Structured Application Data, Data Center]
Database systems are often very complex, combining the core database with a collection of applications… It is not sufficient to protect the database alone, all the associated applications need to be secured.
-- SANS Top 20 Internet Security Risks of 2007, a consensus list of vulnerabilities that require immediate remediation. It is the result of a process that brought together 48 leading security experts.
Monitoring & Protecting Data
[Diagram labels: Thick Client, 2 Tier App, DBA, Thin Client, 3 Tier App, Browser, Web/Web services, Application Interface, Applications, SQL, Data]
Customer Challenges
DATA ACTIVITY MONITORING
REAL-TIME DATA PROTECTION
DATABASE AUDITING
PCI COMPLIANCE
DATABASE SECURITY
COMPLIANCE REPORTING
ENTERPRISE APPLICATION SECURITY
WEB APPLICATION SECURITY
Introducing SecureSphere
Only complete solution for enterprise data that includes:
Data activity monitoring
Real-time data protection
Full visibility and granular control of data usage
From end user through application and into database
Full stack protection
Unmatched ease-of-use and ease-of-deployment
Protection Approaches (WAF)
„Positive“ Security
Protection from unknown threats and vulnerabilities
PROFILING of Applications
„Negative“ Security
Protection from known threats and vulnerabilities
Protocol Validation
Signatures
Flexible Deployment Options
Transparent Inline Bridge
• Supports full enforcement
• High performance, low latency
• Fail-open interfaces
Transparent & Reverse Proxy
• High performance for content modification
• URL rewriting, cookie signing, SSL termination
Non-inline Deployment
• Primarily for monitoring, zero network latency
[Diagram labels: Internet, Switch, SecureSphere, Data Center; Reverse Proxy Deployment, Inline Bridge Deployment, Non-Inline Deployment]
Imperva SecureSphere Product Line
[Diagram labels: Database Monitor Agent, Management Server (MX), ADC Insights, Database Security Gateway, Web Application Firewall, Database Monitoring Gateway, Database, Web, Internet]
Imperva SecureSphere Product Line
Gateway Models
| Model | G4 | G8/Crossbeam | G16 FTL |
|---|---|---|---|
| Throughput | 500MB/Sec | 1GB/Sec | 2GB/Sec |
| Max TPS (HTTP/SQL) | 16K/50K | 24K/100 | 36K/200K |
| Recommended Web Servers | 50 | 100 | 200 |
| Form Factor | 1U; FTL Model: 2U | 1U; FTL Model: 2U | 2U |
| Deployment mode | Bridge, Router, Proxy or Monitor | Bridge, Router, Proxy or Monitor | Bridge, Router, Proxy or Monitor |
| Max Inline Bridge Segments | 2 | 2 | 2 |
| Max Routing Interfaces | 5 | 5 | 5 |
| Management Interfaces | 1 | 1 | 1 |
| High Availability | Fail Open, IMPVHA, VRRP | Fail Open, IMPVHA, VRRP | Fail Open, IMPVHA, VRRP |
| Fault Tolerance | Available | Available | Yes |
Graphical Reports
Pre-defined reports
Custom reports
Reports created on demand or emailed daily, weekly or monthly
PDF and CSV (Excel) format
Integration with 3rd party reporting and SIEM tools
Data Leakage Reports
SecureSphere detects credit card numbers and SSNs in Web applications
Reports show:
Data leakage over time
Data leakage by URL
Data leakage by user accessing the data
Real Time Dashboard
Achieving Security & Compliance
Imperva addresses the entire life cycle:
Assess
• Discover servers and data
• Test configuration
• Evaluate inherent risks
• Assess who uses the data and applications and how
Set Policies/Controls
• Set policies automatically and quickly
• Keep up with changes
• Configurable policies and controls based on situation
Monitor and Enforce
• Ensure separation of duties
• Ensure end user accountability
• Capture full details
• Provide security at all layers
• Alert/block in real-time
Measure
• Built in & custom reports
• Roll-up & drill down of data
• Security event analysis
• Compliance workflow
Why Customers Choose Imperva
Integrated End-to-end Coverage: Full coverage for all paths to the data. A unified view of access that simplifies management and provides full information to satisfy auditors and forensic investigators.
Automation & Accuracy: Ability to model change to applications, usage patterns and data structures over time.
Business Relevant Reporting: Highly customizable reporting for specific business applications & regulatory mandates.
Performance & Scalability: Capacity, availability and ease of management that meets the deployment requirements of complex global companies.
World Class Customer Service: Imperva customers enjoy 24 X 7 X 365 access to a global team of engineers with deep technical expertise and real-world deployment experience.
Thank You
Imperva
3400 Bridge Parkway, Suite 101, Redwood Shores, CA 94065
Sales: +1-866-926-4678 www.imperva.com