- BlackBerry Storm vs. the iPhone
- Digg's Kevin Rose: "We have to do better"
- Blogger warns: "Nortel doesn't make it out alive"
- Financial quagmire bringing out the scammers
- Verizon plays with the wrong e-mail addresses
Newsletters | Podcasts | Chats | Opinions | RSS Feeds | This Week In Print | IT Careers | Community | Reports | Downloads | Slideshows | New Data Center
Partner Sites:Application Performance Solutions | App Performance | Networking Solution | SafeGuard Enterprise Solution Center | SOA | Test your Web Filter | Value of WDS
Imperva is upgrading its SecureSphere appliances to automate security audits on Web applications and databases.
The new software supports automatic discovery of application servers and database servers on networks, including those that are unauthorized. SecureSphere also detect sensitive data, such as Social Security and credit card numbers, within databases, so that appropriate security policies can be applied to accessing them.
SecureSphere software runs on three hardware platforms: the Imperva Web Application Firewall, Database Security Gateway and Database Monitoring Gateway. All three can be managed by the Management Server.
The new software introduces a Web proxy that presents a simplified set of public URLs to Web applications and connects them to more complex back-end URL environments. The company could proxy these URLs before, but this capability has been moved to the kernel of the software, making it faster.
The software also natively supports database encryption, so it can inspect encrypted traffic as it flows by in order to apply security policies to all traffic that isn’t unencrypted.
Imperva gear now supports compliance frameworks for key regulatory requirements imposed by the PCI standard, Sarbanes-Oxley and HIPAA. These frameworks take audit data about who is accessing what resources and when and presents it in formats that fit these regulatory mandates. The company says it plans to develop more such frameworks for other regulations.
These reports can also be customized for individual audit requirements that businesses may impose on themselves or to comply with audit agreements they have entered into with business partners. This functionality is similar to capabilities of software from Imperva competitor IPLocks.
To facilitate these audits, SecureSphere management software can map audit activities to individual sites, business units, departments and the like. So audits of activities and given locations or activities by departments can be automated. The software can also create user accounts based on roles that are defined by unique sets of access privileges. So a user group could be allowed access to a particular set of sites, but not others.
The new SecureSphere upgrades are available.
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com | The Industry Standard | IDG List Services | IDG TechNetwork |
 |
Copyright © 1994-2008 Network World, Inc. All rights reserved. |
Partner Content
Brilliantly simple security and control solutions for email, web and endpoint
www.sophos.com
Stopping data leakage
Learn how to exploit your current security investment to control the information that flows into, through and out of your network.
Download the white paper.
Why detection rates aren't enough
Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask prospective vendors to get the right endpoint solution.
Download the white paper.
Applications: taking back control
Employees installing unauthorized applications is a growing threat to business security and productivity. Cost-effectively reduce this threat by integrating control into your malware protection.
Learn more today.
Comment