Imperva Application Security Platform Reviews

I would like to see automated reporting to improve visibility.

I have been working with Imperva DDoS for two years now.

Imperva DDoS is scalable.

The setup of Imperva DDoS was easy and we are satisfied with the pricing.

I would rate Imperva DDoS a nine on a scale of one to ten.

Previously I was in software development for more than 15 years. I had developed web applications for internet and cable TV companies. Now, I am a sales executive for Imperva Cloud WAF. 

Imperva Cloud WAF, previously Imperva Incapsula, is a web application firewall that is implemented in the cloud. It protects a public facing web application. It will track if a hacker is doing brute force attack. The web application firewall will detect it and block the source. This could be an IP address or the main name specific for a country. You can then update the profile of your server to block those IP addresses where the attack is coming from .

We have placed Imperva Cloud in our client's employee self service system that they are logged into. The website is protected by Imperva so that employees and customers can log in all over the Philippines. The client is a power generation company, which is a critical service, and has branches all over the Philippines.

We partner with a couple of on-premise data centers in the Philippines, one is PIM. They also provide cloud solutions. We bundle our solutions into their cloud projects.

Imperva Incapsula has many valuable features. One, it protects the top 10 OWAS vulnerability, the open web application software platform, this is standard. Secondly, it protects against broken authentication. As well, it has remote execution of code.

Imperva always needs to adjust to new versions of cyber attacks, it needs to be faster, improve the resiliency of the software of the solution.

I have been using Imperva Cloud WAF for three years.

Imperva is stable. Based on Gartner's survey we are top three, meaning we are reliable based on customer feedback.

This is a scalable solution. We have data centers all over the world. The solution can be set up to be optimized wherever the clients are accessing.

Technical support has good response time. I am also the liaison officer for the technical team in Singapore. Support responds quickly and they do attend to the issues that we raise to them.

The implementation of Imperva Cloud WAF is easy. All you need to do is change the DNS settings, because it is a cloud solution there is no appliance that you need to install at the data center. It just changes the DNS settings, and then a couple of IP address and domain name settings to allow a couple of those IP addresses and domain names settings into the firewall of the client and the firewall of Imperva.

The actual installation will only take a few hours and then full implementation within 24 hours. The initial setup takes time because of the configuration on the client-side. We prepared a questionnaire for the client to assist with preparation.

We created a cross-comparison against hiring a team of cybersecurity staff versus getting a subscription. After using Imperva Cloud for the past three years the cost is already acceptable against hiring a team.

The price depends on the client's needs, it will be impacted depending on whether they need diverse production, or account take over for example.

There is an initial four package bundle with the price changing monthly.

I would rate this solution an 8 out of 10.

All our web services go to the Incapsula cloud application environment for monitoring on the production service.

All the web application protection is under Incapsula because they provide the WAF protection services. Our web services are registered under their cloud environment so all our customers visit our web services. All the web services are under the web application firewall protector.

I think it's from their own cloud solution. I don't think the cloud solution is from Amazon because the IP address does not belong to Amazon. It belonged to Incapsula themselves, so their solution is under their own network cloud environment. Our own data center environment is using the Incapsula cloud service. I think it's a hybrid cloud to include all the private and the public services.

The most valuable features are DDoS protection. The Incapsula environment helps us monitor all the web activity. All the web activity is passed through their WAF cloud services, then that can help us to monitor those activities. That can help protect against DDoS hacking.

We started implementing WAF under Incapsula in 2019 or 2020.

It's very stable because Incapsula services also provides load balancing services for their service IP address environment. So far, with monitoring their services, the IP address was only changed once. Their services are very stable.

We implement the WAF production environment, or the web services, which is needed to provide traffic to the customer. We implement those services under the Incapsula WAF protection. 

We have about one thousand people using the solution globally.

If the scale is 1 to 10, technical support is a 9. Our global service team is more than 10 people. We have a whole Incapsula service team as well as our all global staff team.

We are using our own firewall with the web application services. We used our own firewall before implementing with Incapsula, but we are also implementing it now under Incapsula cloud solutions.

It's very simple because the domain name service is done with the CNAME. We just registered back in our DNS environment. After that, if the domain is resolved by our customer, then they will resolve the domain name which is provided by the Incapsula environment. That means all the network traffic will go through the Incapsula cloud services, and all the network activity can be monitored and protected by Incapsula WAF.

Deployment is simple and very fast. After they define the domain and service, we do some changes, and it takes within one hour. Within 15 minutes, it can transfer all the services from our site. All the network routing paths will pass through the Incapsula WAF cloud environment. It's very fast.

The license is on a yearly basis.

I would rate this solution 9 out of 10.

Because of all these services, you need to look at the company's services budget. If you have the budget and you can implement the web application for tech, or if you just want to move to the cloud, or you're just using your own firewall to do all those protections, Incapsula is a good option. This one just depends on the IT infrastructure budget in your own company or environment.

We use the latest version with all the functionality, not only WAF. Additionally, we use all the security capability that is possible to enable on Imperva including device security tools like API security.

We use this solution to protect the website for the company.

I find the configurability of the tools and the ease of operation to be the most valuable feature of Imperva.

I have three years of experience with Imperva Web Application Firewall.

This solution is very stable.

Scalability is very good.

Imperva's technical support is very good.

I used to work with Fortinet Web Application Firewall but it was not good.

The initial setup of Imperva is easy to do and only takes a few minutes to deploy.

Imperva Web Application Firewall is very expensive.

I have worked with Azure and find both solutions good. However, Imperva does have more advanced features than Azure.

I am very happy with this solution. I would rate the technical aspect a 10 out of 10, however because of the financial cost, I rate it an 8 out of 10.

Our primary use case is for protection of all our web applications.

Imperva Web Application Firewall is a very good solution and very feasible for any corporation. We can almost accommodate everything with this solution. We were able to accommodate almost all our use cases with this. This is one of the best solutions I have found so far.

The features I have found most valuable with Imperva Web Application Firewall are account takeover protection, advanced bot protection, and API security.

In terms of what could be improved, I would say reporting on the cloud side.

Additionally, I am looking for more data enrichment. We should have the ability to add our own custom data to the system, to the live traffic.

In the next release I would like to see more API security.

I have been using Imperva Web Application Firewall for almost five years.

We currently use a hybrid version but we are moving towards purely 100% cloud where we will shortly get rid of all the appliances.

Its stability is very good. In all aspects, it is very good. It is beyond my expectations actually.

In terms of scaling, Imperva Web Application Firewall is amazing. The product is really good so far.

We have very few users with direct usage - 10 users approximately.

There is zero maintenance.

Their customer support is very good. They are very quick.

I previously used F5 and something else whose name I don't remember.

We made the switch to Imperva because it is one of the best solutions on the market.

The initial setup is very easy.

It just took a few days.

We used the consultant. Our experience with them was not bad. But as I mentioned, things are not difficult here. It is fairly easy.

My advice to anyone considering Imperva Web Application Firewall is that they can safely go to this environment without having a second thought. I have done so much testing. I did so many use cases. It never failed so far.

On a scale of one to ten, I would give Imperva Web Application Firewall a 10.

Imperva Web Application Firewall can improve by adding more features to the dashboard. increasing the visibility of the real-time events, besides configuring the administration itself. 

The automatic reporting system is good, but it needs more templates. For example, better made for the management and for system admins, and monitoring teams. This would be great. 

 We want to send any configuration change automatically to the management. However, I think the automatic reporting feature is not enabled on Imperva. We had to instead look at the audit log for the last 24 hours, check and generate the report to send to the management. 

I have been using Imperva Web Application Firewall for approximately three years.

Imperva Web Application Firewall is a highly stable solution and is very mature.

The price of Imperva Web Application Firewalls is expensive compared to others.

We stopped using Imperva Web Application Firewall mostly because at the time we need to upgrade our devices to the latest version. After four years, we didn't pay the license for the solution because we were updating our team solution also. After one year, when we tried to upgrade it, Imperva ask us for the last one-year license renewal and they didn't accept our devices. They wanted us to purchase the new versions for approximately $859, which was too expensive for our budget. The cost with implementation is approximately $2,000,000 because we were expected to deploy eight devices. There were other products that were cheaper and they could meet our mandatory requirements.

If companies want to use Imperva Web Application Firewall they will need to place their bids and they might have a budget for the solution it is a good solution.

I would recommend this solution to others.

I rate Imperva Web Application Firewall a nine out of ten.

Our primary use case is DDoS protection. We are using it to protect access to internet sites. It is a SaaS solution, so everybody has the latest version. 

DDoS protection and WAF are the most valuable features. It is easy to deploy a service. It is easy and quick to deploy to a new website.

Its price could be improved. It is quite expensive.

It will be good if we could export the configuration. Currently, to control the configuration, we need to go to each website, which is not very convenient.

I have been using this solution for six years.

Its capacity is okay for us, and we don't need to scale it or expand its usage.

Their technical support is good. We get a quick response from them.

It was simple. It is very easy and quick to deploy.

It was done in-house.

It is expensive.

I would recommend this solution to others. It has been working fine for us, and it has all the features that we need. I would advise others to know the exact bandwidth that is required for the project because the cost is based on the bandwidth. You must evaluate the required bandwidth beforehand.

I would rate Imperva Incapsula a nine out of ten. Technically, it is a very good solution.

We are using this solution for backing up all of our day-to-day use data and the ability to restore it when we want. For example, when there is a catastrophe or disaster.

The most important feature I have found to be the ease in how to do the backup and restores.

The process to upgrade from one version to another can be a lot simpler than it is currently.

I have been using this solution for six years.

When it comes to stability the solution work well.

The solution in my experience has been scalable. In my organization we have approximately 10,000 users using the solution, the whole company uses it.

The initial setup was straightforward. We have a team that does the maintenance of the solution.

There is a license for this solution and we purchase the license annually with no additional fees.

My advice is to follow the three, two, one backup rule, this solution is very suitable for this. Make sure you are defining your mean time for recovery of the backup, and try to see that it makes the mean time.

I rate Imperva Web Application Firewall a nine out of ten.