Imperva Application Security Platform Reviews

They provide end-to-end data security, so everything to do with applications, APIs, et cetera.

We've got a Telco client, and they'll be partnering with us to use the DDoS solution with their clients.

It's primarily for DDoS attacks. It's looking at anything that's trying to remove the ability of the company to operate, usually volumetric, however, since it's got a three-second SLA, it's better than the competition.

We can look after an entire what used to be a Class C network/24. Now, they could do single IP addresses, so they can protect a single IP address, and they have a three-second SLA to stop an attack. They back that up with a very large amount of money as well, so you've got a guarantee on it.

It’s hard to think of an improvement. The three-second service level agreement is already better than the competition.

You would ordinarily say something like API protection. However, they've got that with another product. It's not that DDoS protection does everything. It's that within their family of products, they've got a solution for everything. That's what I like about it, the whole integrated service. There’s nothing that’s missing in terms of features.

We've been working with Imperva for about a year, and we've been working on a particularly big client at the moment as well.

The product is stable. It's resilient architecture. If one site is down for maintenance, then another site will take over the load.

It's very, very scalable. They've just added a lot more capacity to it. It's something like six or nine terabytes per second of protection capacity, which is more than the biggest attack there's ever been by quite a margin.

Technical support is very, very responsive. They're very good and they've got strength in depth. Across the world, they've got people. We deal with the local guys in the Netherlands, and they're pretty good.

The setup itself is straightforward.

It's quite quick. It can be done as a reactive solution. Therefore, if somebody rings up and says I'm being attacked, we can get them onboard very quickly.

You only need one person to handle the deployment. It's all done virtually. We're working with the Telco and the Telco sends out the BGP VPNs and we just reroute traffic. It’s all very easy.

There's no maintenance as such apart from reports on traffic utilization. If you are using it as a continuous service, if you're running it continuously rather than just invoking it when there is a DDoS attack, then you get reports basically on your utilization of traffic and the types of traffic that you're transporting, et cetera. It helps you improve your security.

We're doing the deployment for the client.

The ROI depends if you're being attacked or not. If you're the sort of organization that gets regularly attacked, then the ROI is extremely high as you could be down for quite some time with a DDoS attack. What usually happens these days is they don't have long attacks. They have very short attacks. However, the idea is to take down parts of the infrastructure to attack other parts. Therefore, it’s a diversion attack in many cases. Due to that, it's one of those products. It's very difficult to say what the ROI might be since it depends on what people are trying to do. However, it's the precursor to a lot of attacks.

The solution is very affordable. It's based on the traffic utilization, the average traffic utilization, not the DDoS traffic. Therefore, if you're being DDoSed, you don't pay extra for the absorption of the DDoS traffic. It's purely based on your average traffic.

We're an end-to-end Imperva partner. We're an Imperva reseller.

We're building an MSP at the moment, and it starts with a number of solutions. We then add on for those that have cloud exposure. We’ve added CloudWave DDoS and the API Protection and Bot Protection, and then for companies that have GDPR requirements, we've got the database side.

We use a cloud deployment with a variety of cloud providers. The telco, for example, is on the Equinix cloud. They're on a variety of data center sites. A lot of it is Equinix. I can't remember the name of the other providers, however, that's not relevant to us particularly since we are bringing in another Telco partner.

I’d rate the solution eight out of ten.

Imperva Web Application Firewall can improve by adding more features to the dashboard. increasing the visibility of the real-time events, besides configuring the administration itself. 

The automatic reporting system is good, but it needs more templates. For example, better made for the management and for system admins, and monitoring teams. This would be great. 

 We want to send any configuration change automatically to the management. However, I think the automatic reporting feature is not enabled on Imperva. We had to instead look at the audit log for the last 24 hours, check and generate the report to send to the management. 

I have been using Imperva Web Application Firewall for approximately three years.

Imperva Web Application Firewall is a highly stable solution and is very mature.

The price of Imperva Web Application Firewalls is expensive compared to others.

We stopped using Imperva Web Application Firewall mostly because at the time we need to upgrade our devices to the latest version. After four years, we didn't pay the license for the solution because we were updating our team solution also. After one year, when we tried to upgrade it, Imperva ask us for the last one-year license renewal and they didn't accept our devices. They wanted us to purchase the new versions for approximately $859, which was too expensive for our budget. The cost with implementation is approximately $2,000,000 because we were expected to deploy eight devices. There were other products that were cheaper and they could meet our mandatory requirements.

If companies want to use Imperva Web Application Firewall they will need to place their bids and they might have a budget for the solution it is a good solution.

I would recommend this solution to others.

I rate Imperva Web Application Firewall a nine out of ten.

We use the solution to protect applications.

Imperva has a complete picture of how the applications are utilizing it. It is handy. DDoS is good. It has an internally managed database. It is very easy to integrate. We have integrated it with SIEM services.

Apart from predefined templates, it would be helpful if the solution provided an option to customize any new rules or additions based on the requirement.

I have been using Imperva Web Application Firewall for three years.

I rate the solution’s stability an eight out of ten.

The tool is pretty scalable. Around 1,000 users are using this solution.

I rate the solution’s scalability an eight out of ten.

We have used Barracuda. We switched to Imperva because Barracuda was not user-friendly and didn't offer predefined data.

The initial setup is simple.

The product's pricing is flexible.

I rate the product's pricing a seven out of ten, where one is cheap and ten is expensive.

I recommend the solution.

Overall, I rate the solution an eight out of ten.

The solution is used by SMBs and enterprises that have a lot of websites that they need to protect.

Since the product is categorized in Gartner as a Web Application and API Protection tool, it protects APIs and web applications. It provides bot and client-side protection. I have done POCs. Once the platform is configured to block DDoS attacks, no traffic regarding DDoS or bots gets into the application.

If the clients have requirements for APIs and microservices, we can offer such services with the help of the solution. We can offer it as a security solution that protects APIs and microservices. Imperva’s real-time monitoring makes it very easy for administrators to monitor their existing web applications.

My clients raised a concern that even if they need the tool only for DDoS protection, they still have to buy the WAF license. It’s difficult to position the tool if the client already has a WAF solution and needs Imperva only for DDoS protection.

I have been using the solution since June last year.

I rate the tool’s stability a ten out of ten. Since I've been onboarded, I haven't had any issues.

I rate the tool’s scalability a ten out of ten. Imperva allows only clean traffic. The scalability is based on the clean traffic and not the overall bandwidth of the client. Our clients are mostly enterprise businesses. I have some SMB customers.

Sometimes, support tickets don't get addressed quickly. However, the support team gets to it eventually.

Positive

The initial setup is very easy. I rate the ease of setup a ten out of ten. The time taken for deployment depends on the number of applications we want to onboard. Usually, we can do it in a day.

Imperva is a very proactive solution. It is not reactive. We can prevent attacks or issues even before they happen. It is something people must consider since many enterprises are facing DDoS attacks, and their data is getting compromised.

I rate the solution’s pricing a seven out of ten. Some solutions are cheaper than Imperva. Imperva’s pricing is a bit higher in the market since it offers a full-blown WAF.

We are partners. I rate the product's integration with our client's IT infrastructure a nine out of ten. It is easily integrated since many configurations are needed to onboard Imperva into a client’s infrastructure fully. Overall, I rate the product a nine out of ten.

The solution is being used for communication.

If something goes wrong, there is a quick switch between nodes, wherever there's an attack against a specific area. The security setup is reasonably easy. It's easy to do setups, rules, and integrations. The backend team is also willing to help if there are questions that we cannot answer.

The UI interface needs improvement. 

I have been using Imperva Web Application Firewall for six months. 

The solution is highly stable. I rate the stability a ten out of ten. 

It is a scalable solution. I would rate it a nine out of ten. 

The initial setup is easy. The deployment depends on the customer's solution but does not take more than a few hours. I rate the initial setup an eight out of ten. 

It is a very affordable solution.

I would definitely recommend the solution. I rate the solution an eight out of ten. 

We use Imperva DDoS for DDoS protection and security.

Imperva DDoS is fairly stable, and its availability is quite high. I haven't faced any downtime or system instability issues with the solution.

Imperva DDoS does not provide version control. After I make any changes on any portal, I would want to roll back my changes and go back to a stable version if something goes wrong. That particular feature is not there on the UI portal.

They have this roundabout way wherein I can use different tools to integrate, do the versioning, and manage it on my own. It's not directly available, but I can use it indirectly.

I have been using Imperva DDoS for two to three years.

Imperva DDoS is a scalable product.

The solution's initial setup is a bit difficult and not very easy. It's not that time-consuming if you have expertise. Once you get your hands on it, it's pretty straightforward.

Imperva DDoS is deployed on-cloud in our organization.

I would recommend Imperva DDoS to users because it's a fairly stable product.

Overall, I rate Imperva DDoS an eight out of ten.

I am impressed with the product's automatic bot mechanism. It also gives us the control to create our own custom bot rules. 

The tool needs to include artificial intelligence and machine learning. It also needs to improve profiling. 

The tool is stable. 

The product's setup is pretty easy. 

The tool's pricing is good. 

The solution is a reliable product. I would rate the tool an eight out of ten. 

Imperva WAF's strongest features are the detection of web application threats and vulnerabilities in the source code.

An improvement for Imperva WAF would be to reduce the number of false positives and create more strong use cases based on AI/ML or behavioral analytics. In the next release, Imperva WAF should include more use cases for Advanced Persistent Threats and next emission sophisticated attacks.

I've been working with Imperva WAF for six to seven months.

Imperva WAF is scalable.

Imperva's technical support is very good.

I'd recommend Imperva WAF as a good product in terms of occupation perspective and strong WAF. I'd rate it as seven out of ten.

Imperva is easy to use and deploy. The UI is excellent.

I'd like the option to pick your bot protection.

I have used Imperva for seven years.

Imperva is stability.

Imperva is scalable.

Imperva support is good. 

Setting up Imperva is easy, and it takes two days.

The cost is reasonable. W have 50 clients and 10 websites per customer. 

I rate Imperva Web Application Firewall nine out of 10.

Imperva Web Application Firewall is used for protecting web applications.

The most valuable features of the Imperva Web Application Firewall are performance and flexibility. We can extend or customize the box itself.

Imperva Web Application Firewall could improve the console by making it easier to use. 

I have been using Imperva Web Application Firewall for approximately six years.

Imperva Web Application Firewall is stable.

The stability of the Imperva Web Application Firewall is good.

We have approximately three or four clients using this solution.

The support from Imperva Web Application Firewall is very good. They are handling support well, giving suggestions, and solving the issues.

The initial setup of the Imperva Web Application Firewall is straightforward. The process for us is simple, we have been doing it for years.

We have one person that does the deployment of the Imperva Web Application Firewall.

We sell three-year licenses for Imperva Web Application Firewall to our customers. The price is a little expensive.

I recommend this solution to others.

I rate Imperva Web Application Firewall an eight out of ten.