Imperva Cyber Community

communities_1.jpg
 View Only
  • 1.  Imperva DAM - Server Group Hierarchy Best Practices

    Posted 03-13-2023 06:13
    Edited by Mitesh Mehta 03-13-2023 06:20

    Hi Team,

    My question is about creating server groups during agent installation.

    Can I separate server groups based on the same DB service like MSSQL, ORACLE, etc. Or can I define server groups with different DB services?

    Please suggest best practices for defining server groups in Imperva Database Activity Monitor.

    Regards,

    Mitesh


    #DatabaseActivityMonitoring

    ------------------------------
    Mitesh Mehta
    Senior Security Consultant



  • 2.  RE: Imperva DAM - Server Group Hierarchy Best Practices

    Posted 03-14-2023 11:00

    Whatever works best for you. Look at what your needs are for activity/audit monitoring since policies are applied at a service level.

    What you mentioned goes but also consider:

    1. separating STAGING/DEV/PROD environments.
    2. Separating config for databases that may contain PHI or PCI related data so you can setup more stringent rules.



    ------------------------------
    Sarvesh Lad
    Tech Lead @ On-Prem Managed Services (WAF, DAM, DRA & Sonar)
    ------------------------------



  • 3.  RE: Imperva DAM - Server Group Hierarchy Best Practices

    Posted 03-15-2023 16:03

    Mitesh,

    Server groups can be, and have been, done in many different ways.  The first step would be to define the sites.  These will depend on what your ultimate goal is.  In working with customers in the past, I found that it was important for them to think through defining their sites first.  They can be broken into geographic locations, business units, or even to dev/stage/production.  Within the site, as you mentioned, you have your server groups.  Again, with customers I have worked with in the past, server groups can be used to break down your database servers by type (MS, Oracle, DB2, etc), business units, applications, database owners, and any way else that can help you manage them.  One customer I worked with broke their server groups down to four levels of required monitoring.  A level 4 server only had to have logins and logouts monitored.  Where as a level 1 server required complete monitoring of all interactions.  I hope this helps with your questions.



    ------------------------------
    Craig Burlingame
    Senior Security Engineer
    St Paul MN
    ------------------------------



  • 4.  RE: Imperva DAM - Server Group Hierarchy Best Practices

    Posted 03-17-2023 08:31
    Edited by Mitesh Mehta 03-17-2023 08:32

    Hi Craig Burlingame,

    Yes, it is helpful. Thank you for your valuable reply.

    Regards,

    Mitesh



    ------------------------------
    Mitesh Mehta
    Senior Security Consultant
    ------------------------------