Imperva Releases DB2 Security and Auditing Product

SecureSphere Database Gateway for z/OS checks inbound and outbound DB2 traffic and includes tools to automate compliance reporting

Imperva recently released a new product designed to help administrators protect and audit IBM DB2 databases that run on z/OS.

The SecureSphere Database Gateway for z/OS (DGZ) automates compliance procedures and helps prevent fraud and data loss by monitoring the activities of users (both privileged and not) and applications on the local and network levels -- all with minimal impact on mainframe availability, the company said.

SecureSphere DGZ checks all traffic coming from and going to the DB2 database for malicious activity. It monitors and audits network-based activity such as queries and application responses. Meanwhile, all local activity (from administrators and privileged users) is inspected by the native IBM Audit Management Expert tool.

All told, users get "360-degree visibility" into their DB2 databases, the company said in a press release.

SecureSphere DGZ also helps companies with their compliance reporting by automating compliance-related tasks. According to Imperva, SecureSphere DGZ keeps a "complete and tamper-proof record" of all DB2 activities, with an audit trail that details everything from granted privileges to failed log-ins. The built-in reporting engine supports HIPAA, SOX and PCI reporting, among others.

"Traditional approaches for monitoring and auditing activity, especially by privileged users, on mainframe databases often require installing agent that can impact performance and availability," said Imperva CTO Amichai Shulman in a prepared statement. "SecureSphere [DGZ] combines native and very stable IBM technology to capture local activity with Imperva' security platform to provide complete visibility and protection for DB2 on the mainframe."

For more information, go to

About the Author

Gladys Rama (@GladysRama3) is the editorial director of Converge360.

Must Read Articles