Imperva Application Security Platform Reviews

We use this product as our Web Application Firewall. It provides web-based protection for us. Our requirements are not very complex.

Some maintenance must be performed by our IT team.

We have been working with Imperva Incapsula for two years.

The stability is okay. We use it extensively, on a daily basis. The firewall operates 24 hours per day.

We have approximately 500 employees that are protected with this product.

We have not had any problems with their technical support.

We did not use another Web Application Firewall before Imperva.

Incapsula is not a difficult product to deploy.

The vendor assisted us with the deployment.

We have an IT support team that is responsible for maintenance.

We have a yearly contract and I am happy with the pricing. Imperva charges us based on bandwidth, which is better than other vendors that charge us according to data transfer. In these cases, our costs are quite high.

Outside of our package, there are no additional fees.

Overall, I am really happy with this solution. This includes the features and capabilities, as well as the cost. It fits our requirements, as well as our budget.

I would rate this solution a nine out of ten.

We offer implementation services for our customers.

Most customers use Imperva Incapsula to protect themselves from WAF attacks. If they need an application load balancing, whether it is on a single data center or if they have a B2B extension. Also, if they need protection from the bots. Imperva has all of those functionalities.

It's very pretty easy to onboard the URL. One of the unique features included with Imperva is its advanced bot protection. In addition the base licensing modules with most of the features.

In terms of features, Imperva is quite good; it outperforms its competitors.

Pricing could be more competitive.

It would be beneficial to include vulnerability management in the solution, similar to what they have for their on-premise solution.

I have been working with Imperva Incapsula for more than three years.

I have been using the latest update.

The stability is quite good. It has an uptime of 99%. None of our customers have complained about its uptime and its availability.

The majority of our customers are enterprise businesses, with some SMB, but it depends on their budget, as well as their needs, and whether it is for security or compliance purposes.

Imperva is quite expensive for organizations that use it for compliance purposes. Other WAP solutions, such as Fortinet or Barracuda, which are slightly less expensive than Imperva, will be considered.

Imperva Incapsula is easy to scale.

I believe that Technical support is 24/7. They are also very quick to respond via email.

We work with all of the Imperva solutions from the database, monitoring tools, and the web applications firewall.

The initial setup Is quite simple and straightforward. We only have seven steps to follow. It's a very simple and straightforward process.

If the customer agrees to a DNS sense, it will take no more than 10 to 15 minutes.

Imperva is responsible for maintenance.

Incapsula is a SaaS (software-as-a-service) provider. Anyone can do the applications, but you must subscribe to the service.

Pricing is a challenge for most of our customers.

I cannot provide a comparison because I have not worked with any other vendors.

I would recommend this solution to others because it is pretty simple to implement, and you don't need a dedicated WAP technician to maintain this solution. 

Anyone in the organization can easily implement it, and it can be maintained with a little application knowledge. On the application side, you do not need to be a subject matter expert it is not necessary.

I would rate Imperva Incapsula a nine out of ten.

Our customers have a number of use cases for Imperva Incapsula. Some use it to protect their APIs and others for its DDoS features. 

There are quite a few useful Imperva Incapsula features. For example, one of them is the reports. The graphics are very good and it's easy to configure. The whole process is very fast and reliable too. They have good tech support as well.

Users would benefit from better documentation. There is official documentation, but sometimes we need more detail. We have some use cases that are not so run of the mill. It would be great if there was a knowledge base that we could go to for more answers.

The price could also be more reasonable. The price should at the very least be adjusted for different parts of the world. For example, here in Latin America, our budgets are very different than those for projects in the United States or Europe. It would be really positive if we could get the product at a more affordable price as we are customers with lower budgets without sacrificing features or capabilities of the solution.

I have been using Imperva Incapsula for about three years. It's a solutions I recommend to my customers. 

This is a very stable solution. 

I like their support. The times we have asked for their help, they have been very accurate at giving answers.

The initial setup is easy. It can take maybe half an hour due to the propagation of the DNS name on the server. However, setting up one Imperva website is very easy. You just have to wait for the DNS to refresh on the other DNS server and that's it.

I would encourage people to implement Imperva Incapsula. I think it is a very mature, easy to use, and reliable solution.

The company uses this solution to protect us from any potential attacks. We are customers of Imperva and I'm the company director. 

Imperva makes it easier for us to put everything in code; we use Terraform to deploy our infrastructure. 

This is a very limited tool if you're looking to customize. It would be helpful if Imperva would provide additional resources for Terraform that can easily be deployed. There are some cases where we're currently unable to use Terraform.

I've been using this solution for six months. 

The solution is stable although sometimes content delivery seems to be affected because it's in the cloud.

Scalability is fine and we haven't had any issues with resource consumption. 

Technical support is quite proactive in sharing information.

The initial setup is relatively straightforward. 

I rate this solution eight out of 10. 

I am a distributor for Imperva. We provide solutions for our customers. 

This solution is mainly used to protect websites. When it is deployed on the cloud it is used for traffic redirection and URL redirection functionality.

It is also used for dual location blocking and security for the policies that are being applied.

Imperva is a good solution.

It has fewer false positives. It is very simple to maintain the device. It is also simple to configure. You don't need to have any HTTP knowledge or understand the HTTP programming languages when it comes to configuring the device.

The visibility of the actual traffic needs to be improved. 

We are only monitoring the traffic if there are any issues and the alerts are being triggered. 

We don't log the real-time traffic. We only log the real-time attacks and not the normal traffic that is passing through the device.

The main concern for our customers is to improve the visibility of the actual traffic. Customers feel that is the one feature that will greatly improve Imperva. 

They would like to have the complete network traffic passing through the device. Currently, we are only being alerted for the attack that has passed through the device instead of the genuine traffic.

We would like to see logs of the genuine traffic that passes through the device. It can be optional to enable it for certain customers and certain applications but should be included.

The support for the on-premises version needs improvement.

We have been distributing Imperva for the last 10 years.

We are currently dealing with the latest version.

We provide both on-premises and cloud deployment, it depends on the customer's requirement.

Once it is configured it is stable. There are no issues with the stability of the Imperva Web Application Firewall.

It is easy to scale. The scalability is fine. You can add gateways and scale, which is a good feature in Imperva.

This device is suitable for everyone.

There are two different support teams. The cloud support is very good, but the on-premises support is lacking. The response time could be much better.

The initial setup is easy if you know how to deploy Imperva. Once we do the base installation, the deployment is simple.

Once in six months, there are some patch upgrades required. If there are specific requirements we need to upgrade.

We were able to complete the installation and deployment ourselves.

When it comes to the cost, there are different sets of customers. Some are SMB and veteran customers who go with the cloud version of Imperva, which is a managed service. The next-level customers and enterprise will select the on-premises version along with the cloud. They prefer the hybrid environment.

There are a couple of different licensing models. One is with respect to the Cloud and is based on the number of applications you have to protect. The on-premises model is based on the throughput that is required to be inspected.

I know that FortiGate is a niche product and wanted to evaluate Impera and FortiGate for the differences.

You should understand the customer's website, what their website is. They need to configure the ciphers properly. Many engineers are not able to complete the project because they don't understand the customer's environment. 

Before doing an implementation, understand the customer's environment. The ciphers need to be configured properly. Some Imperva engineers are not able to complete the projects because they understand the customer's environment.

Know the ciphers being used and match the ciphers. You must ensure the same ciphers are being matched in the backend load balances. If the backend load or cipher is changed the same should be replicated in Imperva as well. Once this is complete it should be good.

I would rate this solution an eight out of ten.

The product is very good. 

It's so easy to do the deployment. The installation is very straightforward. You can't even compare it to others on the market. It's that easy.

The features on offer are very nice.

The solution is stable.

The licensing setup makes the product easy to scale. 

The pricing is very good. 

I loved the approach of the cloud. The cloud has a lot of new features, like advanced web protection and DDoS protection. If those could also be on-boarded onto the on-prem versions, that would be ideal. They need to pay attention to both deployment options and not just favor one. 

I've been using the solution for the last five years. I've used it for quite a while now. 

The stability of the product is good. There are no bugs or glitches. It doesn't crash or freeze. It's reliable.

We typically deal with medium-sized organizations.

The licensing model makes the solution very simple to scale. If a company wants to expand, it's not a problem.

We need an improvement in the support. We need a lot of turnarounds. Whenever is a ticket open, it's something that has become a concern. 

I'm not currently working with any other solution. I just use this product. 

Previously, I did work with F5 and Fortinet. However, Imperva is superior to both of these products.

The initial setup is easy and the solution is very simple to deploy.

The solution is very affordable and the cloud is making it even easier in terms of cost savings. 

We are resellers and we are based in Kenya. We're actually doing the whole suite. I'm working with Database Security and I'm also doing the Web Application Firewall, both of which are on-prem and on the cloud. I'm also doing the DRA.

It's the best in breed in terms of a solution you can put in place.

I'd rate the solution at an nine out of ten. We're quite happy with its overall capabilities. 

My experience is to integrate this application. It's a firewall. You must connect it with the traffic the infrastructure must be routed through this firewall in order to block and search for any problems with the applications.

As a system, it's very effective at blocking potentially malicious items. The security is very good.

The solution can scale.

The stability has been pretty good.

Technical support is helpful.

The initial setup is rather straightforward.

In the past, I have bugs on the WAF. I've contacted Imperva about them. Future releases should be less buggy.

I've been working with the solution for about three years or so.

I have previously found bugs within the solution and in the past, I have contacted Imperva in order to deal with them to get them resolved.

That said, for the most part, I have found the solution to be quite stable. It doesn't crash or freeze. It works well. 

The solution can scale.

We typically deal with medium-sized enterprises as clients. Typically, these companies have around 500,000 or so employees. They aren't massive, however, they are quite sizeable. 

I've dealt with technical support on multiple occasions and I find them to be very helpful and responsive. They are knowledgeable. We're very happy with the level of service we get. 

The initial setup is straightforward, although it does take time to integrate the solution into your existing infrastructure.

As an integrator, I can help clients set up the solution at their companies.

I'm not sure what the exact licensing costs are for the solution. I can't speak to the pricing. It's not part of my responsibilities to cover sales or billing.

Imperva has different three parts - the Web Application Firewall (WAF), Incapsula for cloud, and DAM for database firewalls. This is in one central monitor.

We aren't using the latest version of the solution.

We use the solution as a customer as well as an integrator.

I'd rate the solution at a ten out of ten. It's very good. We've been quite happy with its overall capabilities.

We primarily use the solution for database security.

Basically, the solution is a web application firewall that is used to protect against multiple types of attacks online. It is used for web attacks - mostly DDoS attacks, cross-site scripting attacks, or SQL injection attacks. 

There is also multiple HTTP protocol compliance. If there is any violation it will be detected by this application. It is used for detecting an illegal file type, illegal URL, or bots. 

The solution can prevent a geolocation attack also. If any application is not allowed from certain countries, it will not allow access. We can detect everything via the web application firewall. 

The solution offers good security against a variety of web attacks.

The protection from DDoS attacks is very useful. The DDoS attack is a very powerful attack that can harm a company's services. If an application is deployed to any web server or database our service will slow and will go down. A user would not be able to access our service until we can fix the issue. It's a deal if a company can avoid getting hit with DDoS attacks and having something that can effectively protect a company is extremely useful.

The solution has been quite stable. I have not seen any bugs at all.

Until now, it is good. There are no issues. As an analyst, I simply monitor. I don't really get too far into the technical aspects of the solution.

Occasionally, I've noticed that the web application firewall was down. If we are not using proper storage, proper memory, proper CPU, and if multiple attacks happen at one time, they will be detected by our web application firewall. Sometimes our web application firewall will slow down. In that sense, it needs some improvement. We do have a precaution for if the solution goes down. We basically, need to increase the memory and the storage and the CPU utilization, so that we can prevent our company from malicious activity. 

I cannot say which type of memory or storage should be improved. The requirements depend on the organization. What organizations need and which type of configurations would work best as per their requirements depend completely on that.

I've been working with the solution for about three years or so. It's been a while. I've been mostly working with it over the last 12 months or so.

The solution is quite stable. There are no bugs or glitches - or at least, I haven't seen any problems on that front. It doesn't crash or freeze. It's reliable.

Right now, it depends on the company and its needs. I can't speak to if there are plans to increase usage.

I've never been in touch with technical support. I can't speak to how knowledgeable and responsive they are, having never communicated with them directly. As an analyst, it's not my responsibility to deal with technical issues directly.

It's my understanding that this company has only used this solution. However, if I move somewhere else, it's possible that something else may be used.

I wasn't part of the initial setup. I can't speak to how easy or difficult the process was.

I am not sure of the exact licensing costs of the solution. The licensing is a management decision. The costs and payments are handled by them.

We use the solution's latest version.

We have a partnership with Imperva within our company.

I'd rate the solution at a nine out of ten. We've been mostly quite happy with its capabilities.