Imperva Application Security Platform Reviews

The most valuable features for us are the DDoS and Bot.

I would like to have support for SSL management and secure DNS.

We have been using Imperva for more than a year.

We have had no problems with stability.

Imperva is a scalable solution. We have about 20 users but it's protecting our main website.

I would say that technical support is average.

We did not use another similar solution prior to Imperva.

The initial setup was simple. It took about two hours to deploy.

The cost is on par with other solutions such as Cloudflare and Akamai. There's not much difference in it.

I would rate this solution a seven out of ten.

Incapsula was acquired by Imperva. We had a need to provide a solution for our clients and the Incapsula solution and Cloud WAF (Web Application Firewall) allowed us to have people subscribe to Incapsula as a service. It was easy to work with because we would just put in the hostname and the IP address of the websites in Incapsula's DNS. When the DNS is resolved it first passes through Incapsula and makes a stops in the Cloud WAF before it sends the website itself.  

Customers can trust it because the traffic going to the customer passes through Incapsula's cloud service. So if there is an attack, the website and the visitors are protected because it will take care of such issues and it eliminates the bad traffic. Both ends are taken care of so the website is protected from hackers because it first goes through the Incapsula Cloud WAF. That is the basic high-level architecture of how the Incapsula works.  

We distributors of Imperva in Africa. I am responsible for our business presence in Eastern and Western Africa. I am fixed locally here in Nigeria. Being distributors, we have a pretty good idea of how the market is in general and how the products are used. All the partners who implement it and who resell sell it, buy it from us and deploy for customer accounts. We cover a high percentage of the financial service industry here in Nigeria.  

For this part of the world, several things are important. It is important that the clients have the features which they get to use to get against bad traffic, of course as this is the reason for the product. But especially for customers in this region, it is also the opportunity to use the service platform. They do not have to own it or maintain it and they may not otherwise have the capacity to deploy this type of solution. Instead, they can pay for it as a service. It works so well here that even some of the banks are using it.  

The most valuable feature is the ability to mitigate bad traffic. I think the highest traffic we would experience can be handled by the Incapsula Cloud WAF because it can scale. So if there is some attack on a website and there is high volume, instead of it disrupting the website and disrupting business operations, it is not a problem for the customer's website. That ability to mitigate problems with the traffic is why the clients use the product to protect their valuable data and customer interactions.  

If I had the opportunity to recommend an enhancement to Imperva it would be to have more POP (Point of Presence) in East and West Africa, and in Central Africa as well. There is only one POP in South Africa. There are other ones are in Europe, America, and Asia and sometimes the latency can be an issue because for your traffic to hit the website — say in East Africa. First, it has to first go to the nearest point of presence. Because of the distance, there can be some problems. So if they have a POP closer to manage customers around Africa this could be a better service to clients.  

I have only recently begun to use Imperva Incapsula compared to the amount of time I have been in the industry. For more than a decade and I have tried my hands on various security solutions, mainly having to do with network infrastructure.  But now I am back to working with security solutions and, over this past year, I have engaged mostly with applications in data security. Before that, I was doing a lot more with the whole of network security. Incapsula is more of an application for data security and it is something which Imperva does pretty well.  

The stability is not an issue. The product is serviced and maintained for the client.  

Virtually all the banks in Nigeria, Ghana, East, and West Africa, are using Imperva. Of course, they are using it for various things, but for the most part, they use it for data security and application security and then also a little bit on the Incapsula platform.  

The scalability depends on the customer but there are really no features that a client will want to request that Imperva does not handle in terms of scalability. Of course, you cannot compare the size of the banks and the input and output demands of banking in Western European countries or the Americas with the needs of banking in Africa.  

For us, it is a good solution.  

Response from technical support has been very good. I would say that they are excellent because they are always willing to attend to customers' requests. They provide support based on time zones so there is good access.  

Because it is a cloud product and the setup is minimal, it is straightforward and quickly implemented.  

I do have experience with Imperva SecureSphere. I am working with various solutions that have various features and how these solutions work for different customers. For one customer, I was trying to do some research to see if they should replace Trustwave WAF with a different solution because the customer asked me about other possibilities. This was my first customer who had asked me to look into Trustwave, so I also took the time to research that product. But different products fit different businesses and industries better.  

I am not an expert in every solution of this type, but I have a pretty good idea of what makes them work as a good solution based on customer needs. I do not do the implementation because I am more in a position of doing pre-sales and consultancy.  

I would highly recommend Imperva Incapsula especially for customers who want extra security for their web presence.  

On a scale from one to ten where one is the worst and ten is the best, I would rate the Incapsula product overall as a nine-out-of-ten.  

Primarily, clients are in need of some extra defense and a bit of protection, which is why they use this solution.

The most important aspect of the solution is the DDoS feature.

The solution has a very good interface.

Last year, the solution added a lot of additional improvements and functionalities, and for now, the features they have offered us have been great. 

They recently added some account takeover protections that have been really useful.

The rules surrounding the making of web applications could be improved.

I believe I've been using the solution for about four years.

There aren't issues with stability. As a cloud solution, it's hard to say if there will be stability issues. There might be issues with some customer setups, for example, but not with the product itself.

The scalability of the solution is okay. Companies can expand it if they need to.

We've been in touch with technical support in the past. Out of ten, I'd rate them at six or seven. We've had some issues with them in terms of response times, but overall they are okay.

We didn't previously work with a different solution. We've partnered with Imperva so we're dealing only with them.

Typically, the initial setup is more or less straightforward. there isn't too much complexity.

We're resellers of the solution.

Typically the solution is deployed with the help of DNS.

It's a good product. It's one of the best on the market. If a company can afford the solution, they should try it out.

I'd rate the solution eight out of ten.

For some time now, I have been the CTO of a consulting company and our main issue is web application security. We also handle database security.

This is one of the solutions that we implement for our clients.

The primary use of this solution is the protection of applications.

This product has a logical perspective of negative and positive security. Negative meaning all of the blacklisted websites, and the positive is the profiling of the website itself. Impera can see and activate the policy, based on what it has learned. Imperva learns things like how dynamic content is dealt with, and what the permitted values are. When you combine these two perspectives, the negative and the positive, you get the optimal protection of the application.

When you want to move to a higher version of the platform, it is not in the GUI and not very easy to do. I expect that this will be available in the next version.

I think that better bot protection is needed in this solution. Bot protection is one of the features in Imperva that lets you recognize if their request is coming from a human or coming from a bot. In this context, a bot is a mechanism being used by the attacker. Good bot protection will reduce a lot of the attacks coming into the applications.

This solution is pretty stable.

If you build this solution properly then you have scalability.

We do not use technical support very often. It is only in cases where we get something that looks like a bug. Their team is good.

The initial setup of this solution is user-friendly and pretty straightforward.

However, the setup, in order to bring the application into inspection, is kind of complex. You need to know what you're doing. It takes approximately four hours to install, setup, and configure this platform.

My team and I handle the integration of this solution for our clients.

The number of people required depends on the environment. Sometimes it is one person, whereas other times there are two.

We have three people who take care of maintaining this solution for our customers.

The cost of this solution depends on the platform. For example, you may be buying virtual or you may be buying appliances. It also depends on the number of environments and the bandwidth that is required.

Compared to other web application firewalls in the market, Imperva does things in the most accurate way.

Overall, Imperva is a pretty good product.

I am working with the development team for Imperva in Israel, and I have submitted some feature requests for things that I think should be changed. Everything that should be fixed, we have a discussion on it and it is probable that these things will be fixed.

My advice to anybody who is implementing this solution is to first go and learn the attack surfaces because you need to protect the assets from attack. In order to do this, you need to understand the attacks. Let's say that a good defense is a good offense.

The biggest lesson that I have learned from working with this solution is to back up the system all of the time. Do it step by step, and be very precise. Have plans for each and every move, all of the time.

I would rate this solution a nine out of ten.

The dynamic profiling of websites is the solution's most valuable feature. The security is also good.

It would be useful if the solution used more intelligence in attack protection. For example, firewalls are to be dependent on the configuration, but if they could have some data science around it the solution would be even better. The profiling of the traffic, and making decisions surrounding that should be intelligence-based, instead of being based on the configuration of the firewall itself.

The solution is scalable, however, in terms of scalability, you're required to change the appliance, as it's not like a cloud, which is easier to scale. I would not rate it very well when it comes to scalability, because a model of license-based upgrades would be better. They could give you a bigger box to make it easier to grow if you needed to.

The solution's technical support is good.

The initial setup is straightforward. However, when you move to more advanced configurations, you require more expertise.

We are an integration company, so we are providing this as a solution to other customers. They're mostly enterprise-level clients.

I would recommend the solution. I'd rate it eight out of ten.

Data masking is the most valuable feature of this solution. 

Most of the clients are new to this solution and don't have an in-depth knowledge of the solution. It's not so well-known in Ethiopia. Imperva has only been around for a year. 

Licensing should be improved. Most of the clients aren't happy. It's expensive. 

Some of the features should be included in the next release is a file integrating monitoring tool. This feature should be improved. Also, it should have a privileged account option. In the solution, if you put it there, that would be a very nice feature so that the clients could get all those solutions in one box. It will be easier for support and for clients. 

It's a relatively new product but from the information I got from the Bank of Ethiopia, the stability is okay. They are getting what they are expecting from the product.

Scalability is good especially compared to IBM. It's not so easy to integrate with another solution from another vendor. 

The initial setup was complex. 

The company has to deeply work on it. Also, with regard to support for the distributor, distributors have a big problem. We got the wrong consigning. It was kept for more than three months in a customs warehouse because of the issue of the problems on the distributor side. That is a big problem.

I would rate it an eight out of ten. Imperva is good because it doesn't also only monitor but it also does acquisition.

We mainly use this solution as a web application firewall. We have CMS systems in our portfolio, which our customers use, and the full information portraits are running on our infrastructure and in our CMS product. We, therefore, use this solution mainly for protection and to improve performance.

I found that it is very easy to set everything up. I like the user-friendly interface.

I think the pricing needs some tweaks. 

Imperva Incapsula is a very stable solution.

We use this solution as a crowd solution, a software service so we don't have any issues regarding its performance or scalability. Our IT administrators use Incapsula to maintain the solution because they have knowledge about how this protection works.

I am satisfied with the customer service. The few times that we had issues, they technical support team was able to solve our issues. 

The initial setup was very easy and straightforward. Our customers need good protection so we do the installation for them to protect our sites. 

We are resellers and in addition to supplying the product, we also offer support. 

We compared this with other solutions like Akamai, but it couldn't deliver the same as Imperva Incapsula. We don't use specific application tweaks. We only use basic mechanisms of cashing and six years ago, when we were looking for a solution, there was no solution like this one out there. Incapsula does what we need it to do, and we like the easy installation process. We think still that Incapsula is the best.

Because we are resellers, we prefer that our customers use it. But even if I wasn't a reseller, I would still recommend it. I love the solution's capabilities and the ease of the installation. 

In the future, I would like to see better pricing. E.x. the additional bandwidth packages are higher than our needs so we end up paying for data that we don't use. I want them to provide me with the particular quantity of megabytes I need. I don't want to pay extra money for megabytes that I will not use in the future.

I rate this program nine out of ten.

Data marking is the solution's most valuable feature.

The firewall aspect of the solution needs improvement.

The GUI is not as intuitive enough. It should be more user-friendly, especially for end-users. 

The initial setup could be simplified. Every time you have to install the solution you have to get in touch with support or somebody that can to do that for you. 

The core functionality of the solution has been met. We find it stable enough.

The solution is very scalable. It is one of the most important features. You can also expand resources and features as well.

Customers actually require a lot of support. They want an easier channel that can provide support. The solution should offer a monthly check-in with clients. Other solutions offer this, and it's helpful for the clients, just to make sure everything is running okay.

In general, however, technical support has been good.

The initial setup required a lot of help. It took a month or two to deploy so it wasn't exactly straightforward. However, it was not as difficult as other solutions either.

I handle the on-premises deployment model. We have the latest version of the solution. We also sell the product.

I would rate the solution nine out of ten.