Imperva Cyber Community

Expand all | Collapse all

Data Security: Ask Me Anything (AMA) - Stump the Experts!

  • 1.  Data Security: Ask Me Anything (AMA) - Stump the Experts!

    Community Manager
    Posted 06-02-2021 11:44

    Hello Imperva Community
     

    Did you know we are having an Ask Me Anything (AMA) session on all thing Imperva Data Security? It's happening on Jun 29, 2021 from 4:00 PM to 5:00 PM (BST) and features @Mariah West, Product Marketing Director, Data Security, Imperva; @Marc Gamache, Sales Engineer, Data Security, Imperva and Chris Brown, Senior Director, Data Security GTM, Imperva.

    Our experts will be answering any and all of your questions around our Imperva Data Security products including Sonar.

    Event Instructions:

    1. If you are able to attend the event live, RSVP here and join our webinar session!
    2. Reply directly to this thread with your questions and an expert will reply to all questions received, during the session.
    3. Use @mentions when responding to a specific expert.

    Please reach out to me, your community manager, with questions or for help at communitymanager@imperva.com.

    If you are unable to make it during the time of the event, post your question to this thread and we will be sure it receives an expert response! Make sure to check back here following the session to see all of the amazing questions asked by your peers and the responses from our experts.​​


    #CloudDataSecurity
    #DatabaseActivityMonitoring
    #AllImperva
    #jSonar

    ------------------------------
    Sarah Lamont
    Digital Community Manager
    ------------------------------


  • 2.  RE: Data Security: Ask Me Anything (AMA) - Stump the Experts!

    Community Manager
    Posted 06-25-2021 04:38
    Hi All,

    Have you seen there's a chance to bag yourself some swag when you pre-submit a question?? Check out the detail here:

    * SWAG ALERT! * Want to win some summer swag? | Imperva Cyber Community

    Can't wait to see you there!!

    ------------------------------
    Sarah Lamont
    Digital Community Manager
    ------------------------------



  • 3.  RE: Data Security: Ask Me Anything (AMA) - Stump the Experts!

    Posted 06-29-2021 00:47
    The following questions all pertain to Sonar -
    1. What are the high availability deployment options for Sonar?
    2. Can Sonar be deployed in AWS?
    3. Is clustering feature available with Sonar similar to DAM gateway clustering? If not how do you recover seamlessly/automatically if you have lots of agentless databases registered to a Sonar gateway and the gateway fails?
    4. Is the DAM MX/GW necessary in a Sonar deployment using all agentless monitoring?
    5. Can agents be registered with Sonar gateways? Can agentless be registered to DAM gateways?
    6. with agentless that relies on native database audit events, do you guys have any benchmark on performance impact on the host database with
    7. Does Sonar store sensitive data?
    8. Can Sonar be integrated with IAM tools for user access recertification?
    9. Can a playbook be used to fine-tune or reduce false positives of security alerts sent by securesphere?
    10. Does Sonar have out-of-box pre-defined security and audit policies like securesphere?
    11. We leverage DRA for user entity and behavior analysis, if we deploy Sonar would we still need DRA? What's the roadmap of DRA?


    ------------------------------
    Walter Ma
    Vice President, Enterprise Information Security
    Los Angeles CA
    ------------------------------



  • 4.  RE: Data Security: Ask Me Anything (AMA) - Stump the Experts!

    Posted 06-28-2021 15:48
    For cloud-based database monitoring such as AWS RDS (Oracle RDS or Postgres RDS) using SecureSphere, we are required to rotate the AWS access keys periodically. Currently rotation of the access keys is done manually; ie 1) AWS team rotates the access keys, 2) we update the access keys in the log collects in SecureSphere. This process requires tight coordination between our team and our AWS team. The biggest downside with this process aside from not being scalable as we increase the number of databases on RDS is the gap between when the access key is rotated to when we update the key in the log collectors. Until Imperva supports AWS IAM role-based access for monitoring, is there another method that's more efficient or perhaps automated way for us to update the access keys?

    Thanks!

    ------------------------------
    Walter Ma
    Vice President, Enterprise Information Security
    Los Angeles CA
    ------------------------------



  • 5.  RE: Data Security: Ask Me Anything (AMA) - Stump the Experts!

    Posted 06-29-2021 05:05
    Hi there,

    Planning to install DAM on Azure.   Using Azure MarketPlace image (Is the later Version 14.3?)   One Mgmt server and 2 Gateway servers.   To keep the minimum number of servers and get maximum availability, the two gateways are in a cluster, Logs from gateways sending to SIEM directly, hence mgmt server is only for config and dashborading.   Downtime of mgmt server is okay. (correct me if I am wrong).  Sizing for 2 gateways.  If capacity is an issue, horizontal scale more gateways.    Monitoring a MS SQL on a Azure VM, agent will be install there.    Also using the same DAM to monitor a couple of Azure SQL (SaaS solution on Azure Cloud).  Main question:  no DAM agent can be installed on Azure SQL, DAM only can read from the Azure Event Hub.   Is this a polling method from the Event Hub?   Poll every 5min or every 1min?   Is there a path to the Azure SQL to stop any malicious Database activities in real time?   If not, what is the alternative here?   

    Please also point out any improvement or incorrectness of any of my statements above.  Thank you.   

    Thanks!

    ------------------------------
    CK Mok
    Singapore
    ------------------------------

    ------------------------------
    CHI KIN MOK
    Consultant
    Singapore
    ------------------------------



  • 6.  RE: Data Security: Ask Me Anything (AMA) - Stump the Experts!

    Posted 06-29-2021 10:22

    Regarding DAM on premise, cluster of gateways. Can a cluster have multiple listener networks. If yes , that means that it can have total of [total device interfaces] -  ([gw mgmt interface] + [gw sniffing interface] +  [gw blocking interface] = 3 gateway interfaces ) . Correct?
    Regarding the DAM on Azure. Can you explain in more detail the architecture? Why do we need the load balancer? Why in the architecture set in the docs do you make it seem like the gateway is working as a proxy? Do the gateways have one interface? 
    Can Imperva DAM on Azure and on the cloud in general work with SaaS? Is this what it means when we filter  with "Azure SQL Server" in Data Coverage Tool and we get "None - Gateway Log Collector" under agent version? If yes, where is this functionality documented?

    Thank you
     


     



    ------------------------------
    George Gkiouzelis
    System & Network Security Engineer
    Nicosia
    ------------------------------



  • 7.  RE: Data Security: Ask Me Anything (AMA) - Stump the Experts!

    Community Manager
    Posted 07-21-2021 13:01

    Hi there,

    We're looking for volunteers for some Sonar end-user usability test participants.

    See the post below for details or contact me if you are interested.

    Calling all SONAR users... | Imperva Cyber Community



    ------------------------------
    Sarah Lamont
    Digital Community Manager
    ------------------------------



  • 8.  RE: Data Security: Ask Me Anything (AMA) - Stump the Experts!

    Posted 07-27-2021 07:06
    When Imperva DAM VM Appliance will support VMWare ESXi 7.0 u1d and later version?


    As of now the latest version 14.5 support max vmware esxi 6.x.

    ------------------------------
    Shanti Lal
    Cyber Security Engineer
    CyberGate Defense LLC
    Abu dhabi
    ------------------------------