1

CASE STUDY

Leading Canadian University Selects Imperva SecureSphere to Protect Database and Secure Web Applications

2

CASE STUDYLeading Canadian University Selects Imperva SecureSphere

Overview

On the beautiful Niagara Peninsula in St. Catharines, Ontario, Brock University is the only Canadian university that is part of a UNESCO Biosphere Reserve. With a student population of over 17,000, Brock turns out smart, successful graduates that enjoy one of the highest employment rates in the country—96.5 percent. Brock U offers a wide array of undergraduate, graduate and interdisciplinary degree programs.

Brock found that its mainframe, proprietary database was no longer capable of supporting the University’s online programs and corresponding web based applications. To ensure that IT systems kept pace with its stellar academic reputation and could adapt more easily to future requirements, Brock moved to a SQL Server database environment and .Net-based web application development.

Brock was determined to protect itself from the major data breaches that have been reported by so many educational institutions in recent memory. Let the hackers get smarter, Brock would pre-empt their plans.

After testing competing security products, Brock concluded that the best way to prevent a hijack of its applications and data was to implement Imperva’s SecureSphere Gateway. SecureSphere was the only solution that could protect Brock’s front end web applications and also secure data all the way through to their backend databases—while handling custom developed applications with no impact on performance or requiring special scripting.

“Essentially, we can test the applications on a span port and drop them live without great

SecureSphere automatically detect who is doing what and makes sure that what they are

all, SecureSphere ensures that we aren’t bothered by false positives.”

Business Problem

Brock wanted to update its IT infrastructure in order to accommodate the growing number of online applications necessary to maintain its academic leadership, better handle administration, registrations, and to provide an improved online collaboration environment for students, faculty, and staff.

To do this, the University planned to move from its proprietary mainframe database to a Microsoft SQL Server environment that would support a wide array of homegrown, web based front end applications. These applications included student self service

business applications.

CustomerBrock University 500 Glenridge Avenue St. Catharines, Ontario

Requirements• Database Security for MS SQL

Server and front end Web-based, homegrown applications

• and application behavior to eliminate manual tuning

• Shorten development cycle by protecting against inadvertent security holes in code

Solution• Two Imperva SecureSphere Database

Security Gateways with integrated SecureSphere Web Application Firewall: one for production, one for QA. Deployed in active/passive mode for high availability.

Bottom Line• Achieved end to end application

data security without impacting performance

• Enabled protection for high volume of users, multiple web based, custom applications and databases—without extra coding

• Imperva was only vendor able to protect data, secure applications, and automatically monitor user activity, as well as alert and block threats in real time.

3

CASE STUDY

Nearly all of the applications are custom developed by the University. Since many of the applications undergo routine revisions, Brock was concerned not only about the protection of the initial applications, but also about protecting its database against new vulnerabilities that could be introduced over time. Brock also wanted to shorten application development cycles while implementing safe coding practices.

In addition, the University understood that the combination of its custom web applications, thousands of users, and database conversion project was going to present

Given the magnitude of the conversion project and its limited IT resources, Brock wanted a solution that was easy to implement and didn’t require a lot of manual tuning. Security and automation were both key factors in the selection criteria.

Technology Requirements

SecureSphere provided database security throughout the University’s transition

mode for two months, and when Brock went live with the new Windows environment, SecureSphere was put into production in blocking mode. A redundant, fail over SecureSphere unit is on a span port in the lab to monitor database activity for security violations and identify web application vulnerabilities prior to production.

“The SecureSphere lab unit helps us assess how an application will perform in production, and continually proves its value above and beyond our expectations by pointing out coding vulnerabilities before we place applications into production,” said Roger Herman.

Leading Canadian University Selects Imperva SecureSphere

If you're interested in learning more about how we protect your data and applications on premises, in the cloud or in a flexible configuration, head on over to www.imperva.com

CASE STUDYLeading Canadian University Selects Imperva SecureSphere

The implementation of SecureSphere was straightforward. Brock’s IT department was

up and worked exactly as promised without any human intervention and monitoring. Although SecureSphere provides comprehensive application and database protection, it does not require constant tuning and management. As a result, SecureSphere has not created additional work for Brock’s IT staff or impacted the IT infrastructure.

“SecureSphere was easy to set up and has been a tremendous help to us as we prepare and launch web based applications,” said Roger Herman. “Whenever we needed assistance, Imperva’s support team was excellent.”

The Intelligent Choice for Brock University

Using SecureSphere, Brock was able to maintain a safe and smooth conversion from its proprietary mainframe database to Microsoft SQL Server.

By relying on SecureSphere’s combination of Web Application Firewall protection and database activity monitoring, Brock is able to continually modify existing and deploy new web applications without being concerned about introducing security vulnerabilities. In addition, SecureSphere helps Brock test applications in the lab prior to placing them in production. SecureSphere performs a valuable step in the Quality Assurance process by locating coding errors that violate security best practices and could introduce vulnerabilities.

allowed to perform authorized actions, and that sensitive data is protected from inside and outside attacks. Meanwhile, SecureSphere’s ability to monitor and block suspicious database activity protects against data leakage.

Since being deployed, SecureSphere has detected and alerted Brock’s IT staff to the

University to take preventive measures against a situation they were unaware of and which could have led to a damaging and public security breach.

For Brock, SecureSphere receives an “A” for its ability to monitor application and database activity and block suspicious events without manual intervention. “Since our applications are all developed in-house we know the risk of undiscovered vulnerabilities

imperva.com

© 2018, Imperva, Inc. All rights reserved. Imperva, the Imperva logo, SecureSphere, Incapsula, CounterBreach andThreatRadar are trademarks of Imperva, Inc. and its subsidiaries. All other brand or product names are trademarks orregistered trademarks of their respective holders.