Enterprise security is an essential consideration when it comes to integration into the cloud. Imperva Inc. is dedicated to filling the gaps in endpoint and network security by directly protecting high-value applications (apps) and data assets in physical and virtual data centers.
A public company, Imperva, Inc. ranked 247 in the 2014 Software 500, reporting $137.8 , million in overall revenue and a growth of more 32 percent from 2013. Founded in 2002 and currently headquartered in Redwood Shores, CA, it staffs more than 700 employees.
The company offers an integrated security platform built to thwart modern threats and provide both the visibility and control needed to neutralize attack, theft, and fraud from inside, as well as mitigate risk and streamline compliance outside of the organization. Its SecureSphere platform serves more than 3,500 customers in over 90 countries.
Imperva recently announced the availability of a Cloud Reference Architecture for Infrastructure as a Service (IaaS), targeting Amazon Web Services (AWS). This new reference architecture kicks off a series of templates that the company plans to release for cyber defense and cloud security. It provides an industry guide for implementing Web app security and app management security solutions in the public cloud, something the company says is an industry first.
Mark Kraynak, chief product officer, Imperva, notes that interest in the adoption of cloud computing in the company’s enterprise customer base has dramatically accelerated in the last year. “These customers are finding that security is largely ‘do it yourself’ if the cloud. And while many of the security functions are the same in the cloud, deployment concerns are very different, so they have been assigned for help and guidance on those questions.”
To address cloud security, Imperva started developing the blueprint for its Cloud Reference Architecture late last year, working through AWS deployment concerns with its first design partners for SecureSphere for AWS.
Kraynak suggests there are three key security challenges for apps in the AWS cloud, app attacks, distributed denial-of-service (DDoS), and administrative access.
With Imperva, customers can choose between SecureSphere WAF for AWS or Incapsula for app attack protection. “SecureSphere is right for companies that want to manage their own security infrastructure and have a need for integration into a range of other enterprise security products,” explains Kraynak. “Incapsula is right for customers that want a Software as a Service (SaaS) and don’t have deep integration needs at this time.”
To address DDoS mitigation, Imperva’s Incapsula DDoS offering supplements SecureSphere to provide a hybrid solution. “Both SecureSphere and Incapsula can handle layer 7 DDoS attacks, but the power of the hybrid solution is unlocked when they work together and Incapsula takes care of network-based and volumetric attacks in their cloud before they impact your app,” he offers.
Kraynak notes that administrative access security is probably the most overlooked aspect of AWS security. “Unfortunately, the consequences of getting this wrong can be truly dire,” he warns. To address this, Imperva offers Skyfense, which provides access monitoring and account take-over protection.
Imperva has been offering SecureSphere WAF for AWS since March. Now, with the Cloud Reference Architecture for AWS, customers can also take advantage of the Incapsula DDoS protection service to protect against disruptions to service and the Skyfense Cloud Gateway, which provides customers with the ability to monitor and protect administration access to the AWS Management Console.
The new Cloud Reference Architecture for AWS is available on the Imperva Web site. The SecureSphere WAF for AWS is available on AWS Marketplace in two licensing options.
Kraynak admits the need to address these challenges beyond AWS. “While there are many vendors offering IaaS today, AWS is the clear leader in this space and accounts for the majority of the business and the majority of Imperva’s customer requests. It is our intention to expand to other players in the future.”
The company plans to continue to offer its reference architectures to address the needs of cyber defense. Kraynak suggests future reference architectures could include other IaaS platforms, security for SaaS environments, vertical-specific solutions, and other layered approaches. SW
Dec2014, Software Magazine