In your efforts to gather data access information from your data repositories in order to apply security controls, you don’t have to make a black-and-white choice of opting for agents or an approach without. agent. It is important, however, that the tool you choose is suitable for the job you are doing. In this article, we’ll explain where agents and agentless data collection fit into achieving your data security objectives and why it makes sense to use both, depending on the circumstances.
Start by stating your ultimate goal and work backwards from there. You need to be able to collect data access information with as little friction and performance impact as possible. If your organization is like most, your data repositories have a mix of modern and legacy systems, but have the same reporting, compliance, and security requirements across all systems. You need the continuous ability to collect data with the least impact on business processes.
Where agents make sense
When your data repository’s logging capability affects performance to an unacceptable level (primarily legacy on-premises repositories, DB2 z/OS, and other data repositories), agents provide an alternative native logging process. Although this approach requires software installation and maintenance, the performance impact of data access log collection will be negligible. In these cases, the use of agents works well.
Where the absence of an agent makes sense
In a recent study, 61% of IT professionals surveyed said they were already fully migrated or working to complete a full migration of their database to the cloud. In dynamic cloud environments, agentless auditing is key to reducing costs, unlocking visibility, and accelerating the speed of deployment.
Agentless auditing leverages native database auditing capabilities and (over the years) has evolved to provide very detailed information to meet auditing and security requirements with very low CPU overhead . In cloud-native architectures, the cloud provider has an API that enables the audit specification and allows users to retrieve log groups from cloud object stores. When using Imperva Agentless Auditingno additional configuration is needed, it is ready to accept and process all incoming data.
You should consider no agent in cases where you can natively collect Data Access logs while having negligible impact on the performance of a data store. The advantages are many; Agentless requires no appliances, no software management, and no database installation and enables organizations to gain full visibility into their cloud-native data repositories and extend their compliance requirements and data security. database in cloud-native environments. Agentless auditing also includes an underlying Big Data architecture with flexible analyzers for diverse and important workloads.
Have agents and agentless in one solution
Imperva’s flexible agent and agentless options provide the right tool in the right place, regardless of an organization’s mix of new and old data repositories and offer the best of both worlds. To learn more, contact an Imperva Solutions representative.
*** This is a syndicated blog from the Security Bloggers Network of Blog written by Bruce Lynch. Read the original post at: https://www.imperva.com/blog/agents-and-agentless-better-together/