This section features use cases that show how Imperva Data Security Fabric will monitor an EDB Postgres Advanced Server Database. There are many different options and reports that can be configured with the Imperva Data Security Fabric Agent installed on your EDB Postgres Advanced Server or PostgreSQL database.
Some of these options are:

  • Scan and assess the servers
  • Configure security policies
  • Create and/or manage reports
  • Configure and view audited traffic
  • Configure or work with a Database Cluster

For in depth information on the many pieces of Database Activity monitoring with the Imperva Data Security Fabric Agent, please visit the Database Activity Monitoring User Guide on the Imperva Website: Database Activity Monitoring

Monitor EDB Postgres Advanced Server or PostgreSQL Database Traffic

One of the uses of the Imperva Data Security Fabric Agent is monitoring database traffic for compliance and auditing. Many regulations and industry standards require organizations to monitor and track data access and changes for auditing purposes. This can include tracking access to sensitive data such as financial information or personal data of customers.

Imperva Agents within the Imperva Data Security Fabric solution can be used to track and review the actions of employees and 3rd parties to ensure they are complying with policies and procedures.

Set-up to Monitor Database Traffic with Imperva Data Security Fabric Agent

The following steps need to be taken in order to set-up the Imperva Data Security Fabric Agent to monitor EDB Postgres Advanced Server traffic.

  1. Install Imperva Data Security Fabric Agent.

  2. Run the basic management configuration.

  3. Connect to the database using an external client and run queries.

  4. Check that the traffic was intercepted and displayed in the management audit screen.

Here is an example of a query to table name “my_test_table” and the DB is PostgreSQL. The table does not exist and therefore the SQL exception is marked as true.

ImpervaDBAudits

Secure an EDB Postgres Advanced Server or PostgreSQL Database

Imperva agents can also be used within an EDB Postgres Advanced Server or PostgreSQL server for security reasons. Imperva agents can be used to block transactions like unauthorized access or changes to data. This can help organizations protect against data breaches, cyber attacks and other threats.

Imperva Data Security Fabric Agent Traffic Block Conditions

An Imperva Agent, within the Imperva Data Security Fabric Solution, can block traffic when all the following conditions are met:

  1. An applicable security policy blocks the traffic.

  2. Enable Blocking is selected withing the Imperva Agent's settings tab.

  3. The server group is not in simulation mode.

When Enable Blocking is selected, Default Connection Mode in the Imperva Agent’s Settings tab must be set to either Sniffing or Inline. In both cases, the Imperva Agent forwards the traffic to the Gateway.

If Default Connection Mode is set to Sniffing, then the Imperva Agent allows the traffic to pass to the database. If the Imperva Agent later receives a notification from the Gateway that the traffic must be blocked, it does so, but in the meantime, some undesirable traffic will have gotten through to the database.

The advantage of Sniffing is that no latency is introduced. Its disadvantage is that undesirable traffic can reach the database.

If Default Connection Mode is set to Inline, then the Imperva Agent holds the traffic until it receives a notification from the Gateway indicating whether the traffic should be allowed or blocked.

The advantage of Inline is that no undesirable traffic can reach the database. Its disadvantage is that it introduces latency.

For more information: Please visit the Imperva Data Activity Monitoring User Guide on the Imperva website: Database Activity Monitoring User Guide


Could this page be better? Report a problem or suggest an addition!