Transcription
Imperva SecureSphereAppliancesDA T A SH E E TScalable. Reliable. Flexible.Imperva SecureSphere appliances provide superior performance and resiliency fordemanding data center environments. With fail open interfaces, SecureSphere platformsoffer fast and cost-effective fail over. Out-of-band management enhances security,while front panel status messages and network interfaces improve manageability.SecureSphere appliances deliver a scalable, reliable and flexible platform to powerImperva’s web, database, and file security solutions.High Performance ArchitectureSupporting multi-gigabitthroughput and tensof thousands oftransactions per second,low latency SecureSphereappliances can manageheavy traffic loads withoutimpacting applicationSecureSphere appliances offer exceptional performance, allowing organizationsto consolidate device management and address future bandwidth requirements.Supporting multi-gigabit throughput and tens of thousands of transactions per second,low latency SecureSphere appliances can manage heavy traffic loads without impactingapplication or network performance.Fault Tolerant System DesignTo maximize system uptime, SecureSphere appliances offer redundant, hot-swappablecomponents including redundant power supplies and hard drives. In the event of ahardware failure, the redundant component will automatically take over, providingcontinuous system operations.or network performance.1
D ATASHE E TExpansion Options to Address Unique Business NeedsSecureSphere appliances can be extended to provide remote, out-of-band managementand monitoring, performance acceleration, and more with expansion modules.Options include: Intelligent Platform Management Interface (IPMI) Hardware Security Module (HSM) SSL acceleration Fibre Channel interfacesFlexibility for High Throughput EnvironmentsThe X8510 and X10K appliances provide ultra-high performance by offering 5Gbps and10Gbps throughput, respectively. These appliances are built on a common hardwareplatform with flexibility in mind. SecureSphere customers that start with an X8510 havethe ability to later upgrade their appliance software, transforming the platform intoan X10K with up to 10Gbps throughput. No matter how demanding of a data centeryou’re running, Imperva has a high-performing platform to power SecureSphere Web,Database, and File Security solutions.SecureSphere Virtual AppliancesSecureSphere Virtual Appliances deliver the complete SecureSphere product line in asoftware-only form factor. Expanding customers’deployment options, SecureSphereVirtual Appliances provide a cost effective and flexible way to deploy SecureSphere’sdata security solutions and align with organizations’ data center virtualization strategies.SecureSphere for Amazon Web ServicesSecureSphere appliancescan be extended toprovide remote, out-ofband management andmonitoring, performanceacceleration, and more withexpansion modules.Imperva SecureSphere for Amazon Web Services (AWS) delivers the benefits of therenowned SecureSphere Web Application Firewall (WAF), Database Activity Monitoring(DAM) and Database Firewall (DBF) while natively leveraging important AWS featureslike VPC, CloudFormation, CloudWatch, and Elastic Load Balancing.SecureSphere for Microsoft AzureSecureSphere for Azure protects business-critical applications hosted in the MicrosoftAzure cloud from advanced web attacks and audits/monitors access to sensitivedata in Azure. It streamlines deployments and extends scalability and disaster recoveryin the cloud, by leveraging the built-in features in Azure.2
D ATASHE E TSecureSphere Hardware AppliancesS PEC I F I C A T I O NX1 0 KX8510X 6510X4510X2510Fault ToleranceTriple hot-swap harddrives Dual hot-swappower suppliesTriple hot-swap harddrives Dual hot-swappower suppliesTriple hot-swap harddrives Dual hot-swappower suppliesDual hot-swap harddrives Dual hot-swappower suppliesDual hot-swap harddrives Dual hot-swappower supplies72,000 IPU36,000 IPU18,000 IPU9000 IPU5000 IPU27,50027,50013,5003,0002,500 5ms 5ms 5 ms 5 ms 5 ms2 x 10G SR4 Copper4 Copper4 Copper4 CopperN/A4 Copper4 Copper4 CopperN/AThroughputDAM IPU, for sizing1RSA/Sec (2048bit)2Latency3DefaultInterfaceModule Slot 1 OptionalInterfaceModule Slot 2DefaultOptionalMax Network SegmentsInline Fail Open(bridging only)Intelligent PlatformManagement Interface(IPMI) PortHard DriveMemorySerial PortUSB PortOut-of-Band PortManagement10 Gbps4 Copper OR 4 x 1G OR 2x 10G SR/LR4 Copper OR 4 x 1G OR 2x 10G SR/LRBridge (4), ReverseProxy (9), Non-Inline5 Gbps4 Copper OR 4 x 1G OR 2x 10G SR/LR4 Copper OR 4 x 1G OR 2x 10G SR/LRBridge (4), ReverseProxy (9), Non-Inline2 Gbps4 Copper OR 4 x 1G OR2 x 10G SR/LR4 Copper OR 4 x 1G OR2 x 10G SR/LRBridge (4), ReverseProxy (9), Non-Inline1 Gbps4 Copper OR 4 x 1G OR2 x 10G SR/LR4 Copper OR 4 x 1G OR2 x 10G SR/LRBridge (4), ReverseProxy (9), Non-Inline500 Mbps4 Copper OR 4 x 1G OR2 x 10G SR/LR4 Copper OR 4 x 1G OR2 x 10G SR/LRBridge (4), ReverseProxy (9), Non-InlineUp to 4 Bypass SegmentsUp to 4 Bypass SegmentsUp to 4 Bypass SegmentsUp to 4 Bypass SegmentsUp to 4 Bypass Segments1 Copper IPMI1 Copper IPMIOptional RJ45 PortOptional RJ45 PortOptional RJ45 Port3 x 2TB RE4 (RAID 5)3 x 2TB RE4 (RAID 5)3 x 2TB RE4 (RAID 5)2 x 2TB RE4 (RAID 1)2 x 2TB RE4 (RAID 1)128 GB DDR3128 GB DDR364GB DDR332GB DDR316GB DDR3Console RJ45Console RJ45Console RJ45Console RJ45Console RJ452 ports2 ports2 ports2 ports2 ports2 x 100/1000 Copper2 x 100/1000 Copper2 x 100/1000 Copper2 x 100/1000 Copper2 x 100/1000 CopperSSL AccelerationOptional SSL HighperformanceOptional SSL HighperformanceOptional SSL standardperformanceOptional SSL standardperformanceAdd-OnsDefault: IPMI // Optional:Fiber Channel, HSMDefault: IPMI // Optional:Fiber Channel, HSMDefault SSL StandardperformanceOptional SSL highperformanceOptional: Fiber Channel,HSM, IPMIDual 600WOptional: Fiber Channel,HSM, IPMIDual 400WOptional: Fiber Channel,HSM, IPMI100-240V100-240V100-240V100-240V100-240VIdle: 633.07,Full: 706.40Idle: 641.34,Full: 717.29Idle: 402.60,Full: 455.09Idle: 318.42,Full: 370.33Idle: 189.88,Full: 271.58Power SupplyAC PowerTypical Consumption (W)Typical Heat Output (BTU)Form FactorDimensionsWeightOperating EnvironmentStorage EnvironmentDual 600WIdle: 185.11,Full: 206.552UDual 600WIdle: 187.53,Full: 209.732UIdle: 117.72,Full: 133.072UIdle: 93.11,Full: 108.282UDual 400WIdle: 55.52,Full: 79.412U88 x 446 x 645mm88 x 446 x .25Kg18.45kg14.75kg14.45kgTemperature: 0 - 70 CRelative Humidity:20 - 90%Temperature: 0 - 70 CRelative Humidity:20 - 90%Temperature: 0 - 70 CRelative Humidity:20 - 90%Temperature: 0 - 70 CRelative Humidity:20 - 90%Temperature: 0 - 70 CRelative Humidity:20 - 90%Temperature: 5 - 40 CRelative Humidity:20 - 90%Safety Agency ApprovalCE, TUV, FCC, CB, VCCI,RCMSupportedSecureSphere ProductsWeb Application FirewallDatabase Activity MonitorDatabase FirewallFile FirewallTemperature: 5 - 40 CRelative Humidity:20 - 90%CE, TUV, FCC, CB, VCCI,RCMTemperature: 5 - 40 CRelative Humidity:20 - 90%CE, TUV, FCC, CB, VCCI,RCM, KCCWeb Application FirewallDatabase Activity MonitorDatabase FirewallWeb Application FirewallDatabase Activity MonitorDatabase FirewallSecureSphere forSharePointDatabase Agents Included 100100100Database VulnerabilityAssessments Included8004001600Temperature: 5 - 40 CRelative Humidity:20 - 90%CE, TUV, FCC, CB, VCCI,RCM, KCCWeb Application FirewallDatabase Activity MonitorDatabase FirewallSecureSphere forSharePointFile Firewall50200Temperature: 5 - 40 CRelative Humidity:20 - 90%CE, TUV, FCC, CB, VCCI,RCM, KCCWeb Application FirewallDatabase Activity MonitorDatabase FirewallSecureSphere forSharePointFile Firewall251001The Imperva Performance Units (IPU) is a proprietary metric that represents the maximum recommended load on a gateway, and is a number used for sizing and loadbalancing SecureSphere appliances in a given deployment. IPU is computed based on a number of metrics including, but not limited to, the total number of databaseservers, the total number dB cores, and type of dB used in the deployment.2Measured with ‘high performance’ SSL card.3SSL traffic latency measured with SSL card.3
D ATASHE E TSecureSphere Hardware Appliances4Throughput figures represent layer 7 Webapplication firewall performance5Measured with standard SSL card6Database vulnerability assessments only includedwith Database AssessmentSP E CIF IC ATIONX 2020X1020Fault ToleranceNot availableNot availableThroughput 4500 Mbps100 MbpsRSA/Sec (2048bit) rfaces4 x 1G Copper2 x 1G Copper (for management)4 x 1G Copper2 x 1G Copper (for management)Max Network Segments(2) Bridge; (5) Proxy, Non-inline(2) Bridge; (5) Proxy, Non-inlineInline Fail Open(Bridging only)2 bypass segments2 bypass segmentsHard Drive2 TB2 TBMemory16 GB16 GBSerial PortRJ45 connectorRJ45 connectorUSB Port22SSL AccelerationOptionalOptionalPower Supply220 W220 WAC Power100-240V, 50-60 Hz100-240V, 50-60 HzTypical Consumption106.7 W106.7 WTypical Heat Output364 BTU/Hr364 BTU/HrForm Factor1U1UDimensions17.25 x 16.38 x 1.73 inches438 x 416 x 44 mm17.25 x 16.38 x 1.73 inches438 x 416 x 44 mmWeight13.65 lbs (6.2 kg)13.65 lbs (6.2 kg)Operating EnvironmentTemperature: 5 - 40 CRelative Humidity 20 - 90%Temperature: 5 - 40 CRelative Humidity: 20 - 90%Storage EnvironmentTemperature: 0 - 70 CRelative Humidity 20 - 90%Temperature: 0 - 70 CRelative Humidity: 20 - 90%Safety Agency /VCCI/CCC/KCC/CBSupportedSecureSphere ProductsWeb Application FirewallDatabase AssessmentWeb Application FirewallDatabase AssessmentDatabase VulnerabilityAssessments Included 6100254
D ATASHE E TSecureSphere Management AppliancesImperva’s SecureSphere management products deliver superior performance,scalability and unified management capabilities for any size deployment. Whetheryou’re managing a small data center, or a large number of business units, data centers,or customers, SecureSphere products give you the visibility and control to minimizeadministrative overhead and ensure a strong data security posture. Managementappliances support the SecureSphere Manager and SecureSphere Manager ofManagers products.Ultra HighBandwidthSecureSphere, in conjunction withour network visibility partners,delivers a scalable, high-performancedata center security solutionfor your bandwidth-intensiveapplications. Leveraging solutionsfrom Net Optics, an Ixia company,and Gigamon, SecureSpheredeployments easily scale to meet theneeds of high bandwidth and clouddeployments. These network visibilitysolutions distribute your high volumeof inbound traffic across multipleSecureSphere gateways, ensuringonly relevant protocols are sent toSecureSphere web, database, andfile security gateways.SP E CIF IC ATIONM160M120Fault ToleranceDual hot-swap hard drives Dualhot-swap power suppliesNot AvailableMemory32GB DDR316 GBHard Drive2 x 500GB 10K RPM (RAID 1)2 TBSerial PortRJ45 connectorRJ45 connectorUSB Port2 ports2 portsIntelligent Platform ManagementInterface (IPMI) PortOptional RJ45 PortNot AvailableFibre ChannelOptionalNot AvailableManagement Port2 x 100/1000 Copper2 x 100/1000 CopperPower SupplyDual 400W220 WAC Power100-240V100-240V, 50-60 HzTypical ConsumptionIdle: 80.40Full: 94.7198.7 WTypical Heat OutputIdle: 274.98Full: 323.89337 BTU/HrForm Factor2U1UDimensions88 x 442 x 513 mm438 x 416 x 44 mmWeight14.15kg13.43 lbs (6.1 kg)Operating EnvironmentTemperature: 5 - 40 CRelative Humidity 20 - 90%Temperature: 5 - 40 CRelative Humidity 20 - 90%Storage EnvironmentTemperature: 0 - 70 CRelative Humidity 20 - 90%Temperature: 0 - 70 CRelative Humidity 20 - 90%Safety Agency ApprovalCE, TUV, FCC, CB, VCCI, RCM,KCCCE, FCC, cTUVus, VCCI, CCC,KCCSupported SecureSphereProductsMX, SOMMX5
D ATASHE E TSecureSphere Virtual AppliancesSecureSphere Virtual Appliance provides the complete SecureSphere product linein a cost effective, simple, and easy to install virtual appliance. IT organizations canchoose between physical or virtual SecureSphere deployments depending on theirdatacenter virtualization strategy. With SecureSphere Virtual Appliances, customerscan leverage existing hardware for appliance consolidation, maximize the utilizationof their servers and network infrastructure and cut power, cooling and support costs.The simplicity and flexibility of SecureSphere Virtual Appliances enable organizationsof any size to quickly provision new security services as requirements change. Withina VMware ESX server environment, SecureSphere Virtual Appliances can inspectinter-VM traffic and support disaster recovery and workload migration requirements.PER FO RM A N C EV6 5 0 0V4 5 0 0V2500V1000VM150Throughput(Web, Database andSharePoint securityproducts 8)Up to 2 GbpsUp to 1 GbpsUp to 500 MbpsUp to 100 MbpsNot applicableThroughput(File Activity Monitorand File Firewall)Not applicableUp to 4 GbpsUp to 2 GbpsNot applicableNot applicableDatabase ActivityMonitoring, DatabaseFirewallWeb ApplicationFirewallDatabase ActivityMonitorDatabase FirewallFile FirewallSecureSphere forSharePointWeb ApplicationFirewallDatabase ActivityMonitorDatabase FirewallFile FirewallSecureSphere forSharePointWeb ApplicationFirewallManagerManager of ManagersSupportedSecureSphereProductsM I NI M U M R E Q U IRE M ENTS P E R P H Y SICAL H OSTHypervisorESX/ESXi 4.x/5.x/6.0ESX/ESXi 4.x/5.x/6.0ProcessorDual core server Intel VTx or AMD-VDual core server IntelVTx or AMD-VMemory16 GBHard Drive250 GB250 GBNetwork InterfaceHypervisor-supported network interface cardHypervisor-supportednetwork interface card8 GB4 GB4 GB4 GBM I NI M U M R E Q U IRE M ENTS F OR E ACH GUE ST SE CURE SPHERE VIRTU AL APPLIAN CECPU84222Memory16 GB8 GB4 GB4 GB4 GB 9Disk Space250 GB160 GB160 GB160 GB160 GB8SecureSphere for SharePoint not supported on V1000.9Expandable to 32GB for SecureSphere V11.0 and above.6
D ATASHE E TSecureSphere for Amazon Web ServicesSecureSphere for Amazon Web Services (AWS) protects applications and data in theAmazon cloud from attack, while also streamlining compliance. SecureSphere for AWSis specifically designed to leverage native AWS infrastructure capabilities, such as AWSCloudFormation, so it delivers superior capabilities and uniquely addresses the security needsof AWS applications.SecureSphere Web Application Firewall is also available on AWS GovCloud, to enablegovernment agencies to quickly and easily migrate sensitive apps/workloads to the cloud,with a peace of mind that comes from knowing the data and applications are protected.PER FO RM A N C EAV2500AV1000AVM150Supported SecureSphere ProductWeb Application Firewall10Database Activity Monitor11Database Firewall11Web Application Firewall1MX Management ServerThroughputUp to 500 MbpsUp to 100 MbpsNot ApplicableM I NI M U M R E Q U IRE M ENTS F OR E ACH SE CURE SP H E RE FOR AWS IN STAN CEMinimum AWS Instance TypeM3 Extra LargeM3 LargeM3 Extra LargeS ECURE S P HE RE F O R A W S TE CH NICAL DE TAILSAWS Service IntegrationEC2, CloudFormation, CloudWatch, VPC, AutoScale (WAF only)SecureSphere Operating SystemCentOS version 6.3Delivery Method64-bit Amazon Machine Image (AMI)10SecureSphere WAF for AWS supports SecureSphere OS 10.5 or later11SecureSphere DAM and DBF for AWS support SecureSphere OS 11.5 or laterSecureSphere for Microsoft AzureSecureSphere protects your applications hosted on Microsoft Azure cloud infrastructure fromattacks and audits/monitors access sensitive data. SecureSphere is designed to leveragenative Azure infrastructure capabilities, such as Azure Resource Manager (ARM) to streamlinedeployment, and Azure Application Insights to monitor WAF instances.M I CR O S O F T A Z U REMV2 5 0 0MV1000MVM150SecureSphere Products SupportedWeb Application Firewall12Web Application Firewall12Management Server (MX)Performance: HTTP ThroughputUp to 500 MbpsUp to 100 MbpsNot ApplicableM I NI M U M R E Q U IRE M ENTS F OR E ACH SE CURE SP H E RE FOR AZU RE IN STAN CEMinimum Azure Instance TypeA3/D3 for HTTP onlyD3v2/D4 for HTTPSA2 for HTTP onlyA3 for HTTPSA3 StandardS ECURE S P HE RE F O R A ZURE TE CH NICAL DE TAILSSecureSphere OSCentOS version 6.3Delivery Method64 bit Azure Virtual Machine (VM)12SecureSphere WAF for AWS supports SecureSphere OS 11.5 or later7
D ATASHE E TImpervaSecureSphereCyber SecurityImperva SecureSphere is acomprehensive, integratedsecurity platform that includesSecureSphere Web, Databaseand File Security. It scales to meetthe data center security demandsof even the largest organizations,and is backed by ImpervaApplication Defense Center, aworld-class security researchorganization that maintains theproduct’s cutting-edge protectionagainst evolving threats.WE B AP PLICATION SECU RITY PRODU CTSSecureSphere WebApplication FirewallAccurate, automated protection against online threatsSecureSphere ThreatRadarGlobal, real-time threat intelligence for detection, filtering andblocking of known bad trafficDATABASE SECU RITY PRODU CTSDatabase Activity MonitorFull auditing and visibility into database data usageDatabase FirewallActivity monitoring and real-time protection for critical databasesDatabase AssessmentVulnerability assessment, configuration management, and dataclassification for databasesUser Rights Managementfor DatabasesReview and manage user access rights to sensitive databasesADC InsightsPre-packaged reports and rules for SAP, Oracle EBS, andPeopleSoft compliance and securityF ILE SE CU RITY PRODU CTSFile FirewallActivity monitoring and protection for critical file dataUser Rights Managementfor FilesReview and manage user access rights to sensitive filesDirectory Services MonitorAudit, alert, and report on changes made in Microsoft ActiveDirectorySH ARE P O IN T SECU RITY PRODU CTSSecureSphere for SharePointVisibility and analysis of SharePoint access rights and data usage,and protection against Web based threatsMANAGEMEN T PRODU CTSMX Management ServerSingle interface for managing, monitoring, and reporting on theactivities of multiple SecureSphere gatewaysManager of ManagersFederates multi-domain and multi-tenant environments that aredeployed with multiple MX Management ServersCopyright: 2017, Imperva, Inc. All rights reserved. Imperva, the Imperva logo, SecureSphere, Incapsula, CounterBreach,ThreatRadar, and Camouflage and design are trademarks of Imperva, Inc. and its subsidiaries. All other brand or productnames are trademarks or registered trademarks of their respective holders.imperva.com
Imperva's web, database, and file security solutions. High Performance Architecture SecureSphere appliances offer exceptional performance, allowing organizations . SPECIFICATION X10K X8510 X6510 X4510 X2510 Fault Tolerance Triple hot-swap hard drives Dual hot-swap power supplies Triple hot-swap hard power supplies Triple hot-swap hard
