Imperva Announces Mainframe Database Monitoring Solution

Imperva, a provider of application data security, has announced a solution that provides monitoring, auditing, and protection for DB2 databases running on z/OS mainframes. SecureSphere Database Gateway for z/OS (DGZ) monitors local and network activity by privileged users, non-privileged users, and applications to prevent data loss, fraud, and automate regulatory compliance reporting.

"We have had a lot of demand from our customer base for the ability to integrate audit and activity monitoring information for databases from mainframe environments—namely DB2 on the z/OS platform—with audit and activity monitoring information from all of the other platforms in their environments," Mark Kraynak, vice president of marketing at Imperva, tells 5 Minute Briefing. Until now, Imperva's database activity monitoring has been focused mainly on distributed platforms. With this release, he notes, "We are able to connect that mainframe world to the rest of the activity monitoring infrastructure."

According to Imperva, traditional approaches for monitoring and auditing activity on mainframe databases, especially by privileged users, often require installing agents that can impact performance and availability. Database Gateway for z/OS combines native IBM technology to capture local activity with Imperva's network-based security platform to provide greater visibility and protection for DB2 on the mainframe. Mainframe environments usually have extremely high availability and performance requirements, "and so the appeal of an IBM product that is installed natively on the z/OS platform is very high, as opposed to a separate third-party product from an unproven mainframe vendor," observes Kraynak.

SecureSphere DGZ provides security and audit trails covering all paths into and out of DB2 databases on the z/OS platform, the vendor says. Network activity is captured directly by SecureSphere, while local activity by privileged users and administrators is collected through the integration of IBM Audit Management Expert (AME), a native tool specifically developed for IBM z/OS environments.

To automate regulatory compliance tasks, SecureSphere DGZ maintains a “tamper-proof” record of all activity on DB2 databases, Imperva adds. The SecureSphere DGZ audit trail includes details on schema changes (DDL), data changes (DML), privilege granting and revoking (DCL), and security exceptions such as failed logins and SQL errors. A reporting engine that includes regulation-specific reports for PCI DSS, SOX, HIPAA, as well as customizable analytics supports the audit trail. Additional details are available at the Imperva website.