45
Back to Top

SecureSphere VM150 Management Server Virtual Appliance - license - 1 licens

Mfg. Part: SS-VM15-V1 | CDW Part: 2538816 | UNSPSC: 43233204
$15,359.99Advertised Price
Lease Option ($420.71 /month) Lease Availability
Close

Have leasing questions? Let us know how can we help.

Note: Leasing is available to businesses only. Leasing is not available to individuals.
800.800.4239
Mon-Fri 7am-7:30pm CT
Availability:In Stock
Ships today if ordered within 1 hrs 7 mins
  • License
View More

Recommended Warranty

Product Overview
Main Features
  • License
SecureSphere Virtual Appliance delivers the full SecureSphere web application, database, and file security feature set in a cost effective, simple, and easy to install virtual appliance. IT organizations can now choose between a physical or virtual appliance deployment of SecureSphere to align with their data center virtualization strategy.

With SecureSphere Virtual Appliance, customers can leverage existing hardware for appliance consolidation, maximize the utilization of their servers and network infrastructure and cut power, cooling and support costs. The simplicity and flexibility of SecureSphere Virtual Appliance enables organizations of any size to quickly provision and configure security services as requirements change.

Within a VMware ESX server environment, SecureSphere Virtual Appliance offers better inspection of inter-VM traffic and support of VMotion for addressing disaster recovery and workload migration requirements.

Technical Specifications
Specifications are provided by the manufacturer. Refer to the manufacturer for an explanation of the print speed and other ratings.
Software
License Category: License
License Qty: 1 license
License Type: License

Header
Brand: Imperva
Compatibility: PC
Manufacturer: Imperva
Model: VM150 Management Server Virtual Appliance
Packaged Quantity: 1
Product Line: SecureSphere

General
Category: Online & appliance based services
Subcategory: Online & appliance based services - appliance software

Product Reviews
SecureSphere VM150 Management Server Virtual Appliance - license is rated 4.0 out of 5 by 9.
Rated 4 out of 5 by from Allows people to secure data, while seamlessly allowing the distribution of that data in an effortless manner. Valuable Features:I like Imperva SecureSphere platform forms. Imperva SecureSphere is the foundation for SecureSphere data, file and web application solutions. Imperva SecureSphere is designed to work together, however can be independently deployed.Improvements to My Organization:Imperva SecureSphere allows people to secure data, while seamlessly allowing the distribution of that data in an effortless manner.Room for Improvement:SecureSphere activity log can be used with Imperva CounterBreach in an effort to protect enterprise data from theft and loss caused. Since such is core to its function, I would like to see future versions to integrate such options.Use of Solution:Imperva SecureSphere allows the company to adhere to data compliance requirements, and at the same time to effectively protect data from theft.Deployment Issues:No.Stability Issues:No. After using Imperva SecureSphere the first few days, implementing it was second nature.Scalability Issues:No.Customer Service:Very good customer service was responsive to needs to get Imperva SecureSphere operational.Technical Support:Imperva SecureSphere did not require very much tech support, but with the few issues we had, they were cured very quickly by tech support.Previous Solutions:No.Initial Setup:Setting up Imperva SecureSphere was very simple, and configuration was easy.Implementation Team:We used in-house.ROI:It was well worth implementing Imperva SecureSphere and found the rate of productivity increased by using it.Pricing, Setup Cost and Licensing:Compare other similar products and definitely use the free trial. I truly enjoyed using it, and recommend Imperva SecureSphere to any one who has similar needs.Other Solutions Considered:No we did not.Other Advice:Imperva SecureSphere provides great options to secure data and would not hesitate to use it.Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2017-08-16
Rated 4 out of 5 by from Monitors and protects internet banking applications. Provides the option of deployment architectures. Valuable Features:* Flexibility* Provides the option of deployment architecturesImprovements to My Organization:* Easy monitoring* Protection of internet banking applicationsI was working for Crescendo International, which is a small company in Romania. My primary role was in network solution integration. I was the only person in the country with experience of three deployments of Imperva products at two major banks.Room for Improvement:* The upgrade procedure is not clear* There is no easy rollback* There is no possibility to select different ways for two different types of cipher suit negotiation in two arm deployments. Most of the banks now use ECDHE for PFSC.* No SNI supportUse of Solution:We have been using the solution for two years.Stability Issues:There were many stability issues with the upgrade procedure. The technical support team didn't know how to handle them.Scalability Issues:We encountered some stability issues.Technical Support:The level of technical support is bad.Previous Solutions:We did not use a previous solution.Initial Setup:The initial setup was straightforward.Cost and Licensing Advice:Please be more transparent about licensing on subscriptions such as for ThreatRadar.Other Solutions Considered:We evaluated F5 Networks.Other Advice:We recommend implementing it.Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2017-03-03
Rated 4 out of 5 by from Facilities data enrichment and process automation. It manages cluster capacity. Valuable Features:The most valuable features are:* DAM Module* Third-party data source integration: Feeds automation* Data enrichment: Provides better data quality and session handling* API: Used for process automationImprovements to My Organization:The solution has improved our organization as follows:* Better agent performance compared to v9.5* Gateways are much more stable* Gateway cluster improves resource utilization and provides better resiliency* Offers the option to manage cluster capacity without touching the agent configurationRoom for Improvement:BUGs, BUGs, BUGs. The product is under high development and the amount of bugs is bit disappointing. The product has lots of limitations which are not clearly documented. You can only find out the limitations by engaging the supportThere is no ability to change the date and time format. This is a significant issue for someone who not familiar with US date and time format.Use of Solution:We have been used this solution for over three years.Stability Issues:There were stability issues in v9.5. There are no major stability issues in v10.5.Stability is dependent on the infrastructure. If you use hypervisor, then you need to make sure to use resources and I/O settings that are optimal for SecureSphere. Otherwise, you will end up with stability and performance issues.Scalability Issues:There are some scalability issues. There was a hardcoded limitation in the number of MXs you can connect to SOM. In addition, the bigger the infrastructure, the bigger challenge there is to create a single audit report file.Technical Support:The technical support is OK. But they have big potential to do things better.Previous Solutions:We had a previous solution. We switched because the new requirements couldn’t be accomplished with the old solution.Initial Setup:The installation was quite complex. We had to integrated lots of external systems in order to make it work right.Other Advice:Give it a try. Write down your requirements as detailed as possible, and perform a PoC using this list. If you find gaps that require additional development, it could take some time until you actually get it.Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2017-02-27
Rated 4 out of 5 by from It covers the legal obligations for Turkish banks and fulfills requirements for our clients. Valuable Features:* Easy agent setup* Big data* SIEM tool integrationImprovements to My Organization:SecureSphere covers the legal obligations for Turkish banks. According to Turkish banking regulations, database activities (especially admins' activities) should be monitored and alerted.Room for Improvement:Syslog size for transferring data should be increased.Use of Solution:I used it from September 2015-May 2016.Deployment Issues:I remember that SecureSphere stores limited data according to the number of the data structure type that is defined in the server configuration files. If a customer does not realize this, data taken with the policy that has a max data structure type is interrupted.Technical Support:The vendor’s local partners, NGN Company and Bulent Daldal, were very supportive whenever my company needed their help.Initial Setup:I supported NGN when SecureSphere was set up. Although I only experienced this setup process once, I can now setup SecureSphere DAM and agents on my own. I mean, it was easy and feasible with guidance.Implementation Team:A vendor team implemented it.Other Solutions Considered:I did not evaluate other solutions, but I have heard from my clients (Deloitte clients) who have used Guardium before that SecureSphere is better.Other Advice:SecureSphere fulfills so many requirements for our clients. Additionally, if they want to evaluate and correlate data more comprehensively, they can use this product with SIEM tools such as ArcSight or Splunk.Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2016-10-23
Rated 4 out of 5 by from With the audit log system, it can secure an audit trail from privileged users with user logs on a physical server, but the UX is not great and sometimes confusing. Valuable Features:There are many features that are valuable, it depends on the purpose. If the purpose is compliance or auditing, the most valuable feature are the audit log system, as it helps you to secure an audit trail and from user to action even if the user are privileged and even if the user logs in on the physical server. If the purpose is security the most valuable feature are the way it can drop and prevent the access of sensitive table/data set by rules and policies. Lastly, if the purpose is availability, the most valuable feature is the way it can drop connections set by rules and policies.Improvements to My Organization:If the purpose is compliance or auditing, ex PCI-DSS you need a system like this to pass part of the compliance. As I help customers with compliance, this is a great tool to make it all "simple" and the report part makes the lives easier for the users/auditors.If it's used for security, this, or systems like this, are the last line of defence, and you will prevent incursions, or at least know what happened, and what was stolen.If it is to be used to monitor availability, you will only know the real ROI if you are a victim of a large attack, then you can pat yourself on the back and say "Yay! We prevented that". This cannot be achieved solely on the Imperva system and you need the full suite of WAF.Room for Improvement:This product needs a good team of UX people, because it's not always that understandable, and sometimes it's straight up confusing.Deployment Issues:They did have some issues with HA and Clustered environments, but it is supposed to be fixed in v12, which I have not tested.Stability Issues:No issues encountered.Scalability Issues:There are issues, but it is supposed to be fixed in v12, which I have not tested.Customer Service:It's good, but it's a big company, so you need to know the paths to get the most out of it.Technical Support:It's very good.Initial Setup:This is a complex system, and all other in the same league are just as complex. There are no workarounds to simplify it.Cost and Licensing Advice:It's expensive, and their licensing is kind of strange, but it is what it is.Other Solutions Considered:We also looked at IBM InfoSphere Guardium.Disclaimer: My company has a business relationship with this vendor other than being a customer:We are a partner/vendor.
Date published: 2016-10-21
Rated 4 out of 5 by from It relies on signature-based policies, as well as on a web correlation engine. Valuable Features:WAF is a great security layer to protect an organization from a wide spectrum of application attacks residing in OSI layer 7. The Imperva device relies on signature-based policies, as well as on a web correlation engine. In addition, the packet inspection can be enhanced with the aid of stream signature policies, which are policy items focused on the stream rather than the HTTP/HTTPS protocol. Imperva can easily match a web user to the requests launched from his client. While the default policy subset is very rich and covers different regulations (e.g., PCI, SOX), there is always an option to create custom policies addressing specific needs. Security alerts are comprehensive of all the necessary details for the analysis, such as connection details, signature triggered, alert type (e.g., Protocol, Profile), severity and followed action (e.g., syslog forward, IP monitoring).DAM also provides great value to audits and again, the data monitoring policies by default are very rich.If you don't know exactly what kind of data you store in-house, SecureSphere allows you to actively scan and classify your information, automatically providing you detailed status of the data, which can be further reviewed and finalised by analysts or DBAs. This is also valid for user rights on the data, understanding the level of privileges granted to users and suggesting countermeasures in detailed aggregated charts and reports.Once under monitoring, the data can be reviewed with an intuitive interface that allows the analyst to drill down, quickly narrowing the scope in a few clicks and focusing the attention only on the relevant queries. Once the pattern is identified, it is even possible to quickly report a detailed status of the findings, as well as generate a report template for future uses. This is on the hot data, what we have available in the management database. The time span can be increased indeterminately with a good retention configuration, combined with a SAN that stores the cold data, partitioned in daily slices and ready to be loaded into a separate database space for archives.This is brilliant if you think about scalability, for you can obtain a very big archive while preserving system resources and performance. However, to get this configuration, in-depth tuning is needed for several weeks in order to get all relevant metrics (e.g. data stored per day, data spikes, backup speed, link transfer capacity, etc.) and adopt the appropriate customizations.Audit data can also be correlated with application users by obtaining a detailed match of the database queries executed according to a particular web user’s HTTP requests.The FAM module allows organizations to continuously audit storages and network shares and keep a detailed record of every file operation across the company. Scans are available also in this context, providing user rights as well as access to the monitored files. A data classification is also possible with the FAM.All of Imperva’s features are extremely powerful, while a certain degree of knowledge is required to have a solid understanding of the product.Improvements to My Organization:Imperva helps you comply with data regulations such as SOX or PCI. It helps SOC analysts to enlarge the scope analysis, significantly providing great procedures to drill down into the audit or a customizable enrichment fed by several types of input, e.g. Active Directory or other external platforms, and even a layer 7 inspection. When fully integrated, the application user requests are bound with the queries executed, giving a comprehensive picture of how your web application interacts with the data layer highlighting all possible security flaws in the data management, code bugs or server misconfigurations. All this logical data collection is effectively arranged into detailed profiles from where it is possible to spot the unusual deviations or to create advanced conditions to trigger upon this baseline. Think about access to PCI data from users different to the ones allowed, such as DBAs, only from a certain subnet, let's say the external network, out of the business hours, like nights or weekends. This is one possibility of what Imperva can achieve in your organization to protect the data from unauthorised users.Room for Improvement:To have the mind at ease with a security solution has been always a chimera. Even SecureSphere suffers from some limitations, which I believe will be handled in the near future. I see two main things to improve at this point:* SSL tunnel support for z/OS agents* Capability to retain live audit policy data for several months; sometimes, on certain installations, this is not feasible due to the big data streams involved in the scope.Use of Solution:I've been supporting the Imperva technology since version 8.x. I have a company that provides consultancy services and I support Imperva.Stability Issues:From versions 9.5 and later, the Imperva solution has reached an optimum level of stability. On every unusual state reported, I was always able to relate it to misconfigurations or other hardware limitations and never to major bugs or software problems.Scalability Issues:Again, Imperva works great when you need to increase managed devices, add new gateways or even change the operational modes of the latter.Technical Support:On a scale from 1-10 (1=worst, 10=best) I would say technical support is 9. Support is always guaranteed and every internal SE has been always competent and ready to assist.Previous Solutions:I tested different audit and WAF solutions and the one I was always more comfortable with is Imperva.Initial Setup:Setup is actually complex due to the nature of the product and needs deep knowledge of the solution to get things working with minor effort. If you don't know exactly what kind of solution are you deploying or even the installation steps to get the environment fully working, you won't be able to install it easily.Cost and Licensing Advice:I am a technician, so I am not very confident discussing this topic.Other Advice:Doing the initial Imperva training before putting your hands on the product helps a lot. Getting assistance from Imperva during the initial stage of your new environment is highly recommended.Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2016-10-05
Rated 4 out of 5 by from With the audit log system, it can secure an audit trail from privileged users with user logs on a physical server, but the UX is not great and sometimes confusing. Valuable Features:There are many features that are valuable, it depends on the purpose. If the purpose is compliance or auditing, the most valuable feature are the audit log system, as it helps you to secure an audit trail and from user to action even if the user are privileged and even if the user logs in on the physical server. If the purpose is security the most valuable feature are the way it can drop and prevent the access of sensitive table/data set by rules and policies. Lastly, if the purpose is availability, the most valuable feature is the way it can drop connections set by rules and policies.Improvements to My Organization:If the purpose is compliance or auditing, ex PCI-DSS you need a system like this to pass part of the compliance. As I help customers with compliance, this is a great tool to make it all "simple" and the report part makes the lives easier for the users/auditors.If it's used for security, this, or systems like this, are the last line of defence, and you will prevent incursions, or at least know what happened, and what was stolen.If it is to be used to monitor availability, you will only know the real ROI if you are a victim of a large attack, then you can pat yourself on the back and say "Yay! We prevented that". This cannot be achieved solely on the Imperva system and you need the full suite of WAF.Room for Improvement:This product needs a good team of UX people, because it's not always that understandable, and sometimes it's straight up confusing.Deployment Issues:They did have some issues with HA and Clustered environments, but it is supposed to be fixed in v12, which I have not tested.Stability Issues:No issues encountered.Scalability Issues:There are issues, but it is supposed to be fixed in v12, which I have not tested.Customer Service:It's good, but it's a big company, so you need to know the paths to get the most out of it.Technical Support:It's very good.Initial Setup:This is a complex system, and all other in the same league are just as complex. There are no workarounds to simplify it.Cost and Licensing Advice:It's expensive, and their licensing is kind of strange, but it is what it is.Other Solutions Considered:We also looked at IBM InfoSphere Guardium.Disclaimer: My company has a business relationship with this vendor other than being a customer:We are a partner/vendor.
Date published: 2015-12-30
Rated 4 out of 5 by from It provides you with audit logs for changes to the database. Valuable Features:* Database activity monitoring* Web application firewallImprovements to My Organization:This product has limited attacks to the core tax collection application. It also provides audit logs for changes to the database and gives user account details.Room for Improvement:None so far.Use of Solution:I've used it for over two years.Deployment Issues:I was not around during the implementation, but reports do not show any issues noted.Stability Issues:None so far.Scalability Issues:None so far. Our solution has not had bottlenecks so farCustomer Service:Customer service has always been available.Technical Support:Technical support is rated highly.Previous Solutions:Only a firewall was in place before. WAF was needed for web application specific protection as firewalls are not the best solution.Initial Setup:No issues noted in the implementation reports.Implementation Team:A third party vendor was used to implement the product and to get the IT security staff trained.ROI:We have had a high ROI with this product.Cost and Licensing Advice:Budget for licenses in synch with your financial years, and it's best to have licenses covering over a year so that planning for procurement of new licenses is done earlier. Of course, if you operate in AWS cloud, its much easier to justify as you can pay for three or more years at once.Other Solutions Considered:I am not privy to procurement details, but we use Gartner as a source. Imperva is the sole leader in its field.Other Advice:Implement this product across all systems running applications as access to one unprotected system can be elevated to a protected one. Also, have reports produced frequently using the tools available in the system and analyze them to know and investigate the sources of attacks the WAF has blocked. That's because they could be internal indicating a compromise or a malicious user within. Ensure that your SharePoint environment is also protected as though it may be internal, attacks can be directed at it.Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2015-06-16
  • y_2017, m_11, d_20, h_20
  • bvseo_bulk, prod_bvrr, vn_bulk_2.0.3
  • cp_1, bvpage1
  • co_hasreviews, tv_0, tr_9
  • loc_en_US, sid_2538816, prod, sort_[SortEntry(order=SUBMISSION_TIME, direction=DESCENDING), SortEntry(order=FEATURED, direction=DESCENDING)]
  • clientName_cdw
 
Adding to Cart...
11/22/2017 2:53:33 PM
^ Back to Top

Maximum 300 characters
An account manager will email you within one business day to confirm your request.

Your Quote has been submitted

What Happens Next? A confirmation email is on its way. Within one business day, you will be contacted by an Account Manager to finalize your quote.

Error!

Something went wrong.

Please try again later.