Imperva DDoS Reviews

We primarily use the solution for all our corporate websites for port 80 and 443 redirect and protecting all the web pages that we have in our environment.

The solution is very good at intercepting traffic before it gets to our data centers. It saves us some security hits and top-level bad guy stuff. It's very good at protecting us. It keeps anything malicious off of our infrastructure.

We did have a major complaint, however, they fixed it after about a year and a half of complaining. It's not a problem anymore. I don't recall really having any issues with the solution beyond what they have fixed.

The salespeople tend to exaggerate its capabilities, which can cost you money if you don't verify the information.

I've dealt with the solution for two years at this point.

The stability of the solution is very good. I've never heard of any outages that I'm aware of. It doesn't crash or freeze. There aren't bugs or glitches. It's reliable.

The scalability is just based on the number of licenses and in our case, we've maxed out our licenses. They are extremely expensive, and therefore it would be costly to scale.

I haven't had to call technical support, however, from what I've heard, they're okay. They are not great, not bad, just right down the middle.

The infrastructure team did all the certificates on that side. My team took care of security. It's the security settings we set up. There was a lot of complexity in the initial configuration based on our proprietary apps and having to disable or change some settings to allow some stuff to work. That's kind of a normal thing. No matter what WAF you would have, you'd have the same issue.

The licensing of the solution is quite high. Licenses are quite expensive. I'm not sure if they really offer the value that they ultimately charge.

The cost is somewhere around $10,000 a site. For every site, you pay individually. For every DNS entry, you have you pay.

We are just customers and end users.

We're using the WAF. It's the web-based version. Whatever's the current and newest version is what we're using.

I'd advise potential new users to not believe salespeople. That's kind of a standard thing across the industry, however, we were told one thing at the sales side, and then, after we purchased, it was not true what they said. That's extremely disappointing as it actually costs us tens of thousands of dollars more due to the fact that what they said could happen, how their licensing model works, doesn't work the way the sales guy said. That's a giant disappointment.

Overall, the solution does what it says it will do. I'd rate it at an eight out of ten.

• Extensive cache control like cache purging and cache rule propagation
• Availability features
• Cross-datacenter solution (active and passive environments)
• CDN and DDoS protection with 24/7 support

Automatic failover between primary and secondary sites enables high availability and accelerates disaster recovery. As soon as it detects that the primary site has gone down, it automatically kick-starts our standby data center.

The dashboard is not accessible on occasion. This is probably due to a high load. However, the sites’ protection seems intact.

We have been using this solution for four years.

There are no stability issues as of now.

There are no scalability issues, but the custom SSL has a terrible price point that puts it out of range for our clients. If they need custom or EV SSL, they are paying significantly more than their overall hosting.

The technical support is impressive.

We used Akamai previously, but due to full PCI DSS compliance, we needed a proprietary solution for two-factor authentication. We then switched to Incapsula.

The setup was so straightforward. It didn’t require to us to make any major changes.

If you don't have custom SSL, get it!

We switched to Incapsula from Akamai.

Imperva has a very impressive core feature set. Imperva has made security analysts scratch their heads. We allow them in from the inside so they can actually hit something worthwhile.

We are very confident in the reports we get from Imperva. Its bot identification has allowed us to plan bandwidth appropriately.

Identification for good bots (people who hit our site using automation, but for good business reasons) has allowed us to work with our customers who use our services in new ways.

We use it to protect websites against application threats and DDoS attacks. Because it is a cloud solution, we always have the last version. I don't need to update or upgrade. 

We are a partner of Imperva. Imperva doesn't sell directly to customers, so they have to pass through vendors and partners like us. All of my customers have different levels of services with Imperva.

We can protect our customers with Imperva solution very quickly, it's highly appreciated by our customers.  We trust the solution because we saw a lot of blocked attacks, so once the customer website is protected, we don't worry about the security of his acces, it's all managed by the solution.

-WAF protection works almost out-of-the-box

-Anti-DDoS mitigation in less than 1s, I saw it many time in production, I can say it works

-CDN has high performances, and the Smart Caching mode is really "smart" (you can do some efficient caching even if you're not a specialist)

-It's a unique interface for managing security and performance aspects, we don't need to go through multiples providers to manages these aspects.

The weakest point of Imperva is their first level of support, which should be improved. 

They should also improve the access and security logs viewing directly on the portal. I would like to see better access and security logs through the portal and not only through a SIEM solution. Currently, if you want to explore your access and security logs from Imperva, you need a SIEM tool or a SIEM infrastructure on your side to do it. You can't do it manually or directly through the portal, which is a big problem for us. They agreed that this is an improvement point from their side.

I have been using this solution for four years.

It is very stable. I have used this solution for more than 20 customers, and each customer has a lot of websites. I have seen some network outages or things like that over the last four years, but I can say it is very stable.

Scalability is not a problem because it is a cloud. The provider manages this aspect for me.

This is the weakest point of Imperva. They have some very good technicians but not at the first level of support. I have already told them this several times. Each time I meet or talk to a chief or director, I say, "Your product is very good, but your support is not at the same level." I provide support to my customers for their solution. So, I know what the customers expect and how to address this kind of expectation. They need some improvement at this level.

The initial setup is very easy and quick. You can put the protection live in less than 10 minutes if you need it.

It is an expensive solution. The price is high as the level of service and security provided is high. A lot of customers tell us that they would love to use Imperva more. I have some customers who have 50 websites, but they protect only 10 websites on Imperva because of the price. They would love to have all their websites running through Imperva, but they can't. They have to choose the more critical websites to protect because the price is very high. It is a very good product, but it is expensive.

If you buy a plan for 20 megabytes and you don't consume all of your 20 megabytes, it is okay, but if you consume more, you are charged for the superior traffic.

I would recommend this solution because I have also used different WAF and DDoS solutions. For me, it is the best solution available. It is quite simple to do the configuration. You can do whatever you want. If you know the product, you can do fine-tuning and have the configuration that you need. You need the knowledge to do this, but you can do this, and it works. Even though it is a high-cost solution, it is easy for me to sell it to customers because I know it will work. I get a little bit stressed about some of the other solutions because I don't trust those solutions like I trust Imperva. 

I would rate Imperva Incapsula an nine out of ten. It is quite a good solution. They can do some improvements, but it is quite a good solution.

All our web services go to the Incapsula cloud application environment for monitoring on the production service.

All the web application protection is under Incapsula because they provide the WAF protection services. Our web services are registered under their cloud environment so all our customers visit our web services. All the web services are under the web application firewall protector.

I think it's from their own cloud solution. I don't think the cloud solution is from Amazon because the IP address does not belong to Amazon. It belonged to Incapsula themselves, so their solution is under their own network cloud environment. Our own data center environment is using the Incapsula cloud service. I think it's a hybrid cloud to include all the private and the public services.

The most valuable features are DDoS protection. The Incapsula environment helps us monitor all the web activity. All the web activity is passed through their WAF cloud services, then that can help us to monitor those activities. That can help protect against DDoS hacking.

We started implementing WAF under Incapsula in 2019 or 2020.

It's very stable because Incapsula services also provides load balancing services for their service IP address environment. So far, with monitoring their services, the IP address was only changed once. Their services are very stable.

We implement the WAF production environment, or the web services, which is needed to provide traffic to the customer. We implement those services under the Incapsula WAF protection. 

We have about one thousand people using the solution globally.

If the scale is 1 to 10, technical support is a 9. Our global service team is more than 10 people. We have a whole Incapsula service team as well as our all global staff team.

We are using our own firewall with the web application services. We used our own firewall before implementing with Incapsula, but we are also implementing it now under Incapsula cloud solutions.

It's very simple because the domain name service is done with the CNAME. We just registered back in our DNS environment. After that, if the domain is resolved by our customer, then they will resolve the domain name which is provided by the Incapsula environment. That means all the network traffic will go through the Incapsula cloud services, and all the network activity can be monitored and protected by Incapsula WAF.

Deployment is simple and very fast. After they define the domain and service, we do some changes, and it takes within one hour. Within 15 minutes, it can transfer all the services from our site. All the network routing paths will pass through the Incapsula WAF cloud environment. It's very fast.

The license is on a yearly basis.

I would rate this solution 9 out of 10.

Because of all these services, you need to look at the company's services budget. If you have the budget and you can implement the web application for tech, or if you just want to move to the cloud, or you're just using your own firewall to do all those protections, Incapsula is a good option. This one just depends on the IT infrastructure budget in your own company or environment.

Incapsula:

• Strength of DDoS and WAF
• Simple dashboard
• Analytics
• SSL

CloudFlare:

• Ease of use
• Simple dashboard
• DNS management
• CDN
• SSL

Incapsula:

It has provided heightened visibility and awareness at management level on the actual threat landscape; it paves the way for easier approval for security-related implementations/projects.

CloudFlare:

It provides free SSL certs that can be used on website domains that I did not purchase SSL certs for.

Some protection and CDN caching realized, even though I’m on the free tier.

Incapsula:

• Allow easier scripting of firewall rules.
• Enable more custom actions to trigger turning on/off Incapsula settings (current actions are quite limited).
• Allow setting up of user groups to manage different groups of sites with viewer/operations/admin levels of privileges. This is quite a typical requirement for enterprise clients who will have multiple teams taking care of different sites, plus an overall IT security team who oversees everything.

CloudFlare:

• Improve the strength of WAF/DDoS.
• Reduce the rate of false positives.

I have used Incapsula for about a year.

I have used CloudFlare for almost a year.

Incapsula: The dashboard occasionally is not accessible (probably due to high load) but the sites protected seem intact.

CloudFlare: I have not used it enough to provide useful information.

Incapsula: The only issue so far is with the dashboard.

CloudFlare: I have not used it enough to provide useful information.

Incapsula: Technical support provides fast response via email tickets, and fairly responsive local technical/account reps.

CloudFlare: I have hardly utilized their technical support so far.

I did not previously use a different solution.

For both Incapsula and CloudFlare, initial setup was very easy.

Incapsula:

Pricing is described on their website, but for enterprise agreements, clarify with local reps, as there might be a need for customized needs/pricing. Be clear on how they handle domains and subdomains.

CloudFlare:

Pricing and licensing is very clearly described on their website; 1 site = 1 domain. Clarify how to support subdomains.

We evaluated Incapsula and CloudFlare.

Incapsula:

You need to understand how DNS works (e.g., A records vs CNAME, TXTs etc.), how SSL works and how to set it up, and how web servers work with domains and proxy servers. It is not for the layman, as the dashboard assumes some level of understanding in these topics. Some settings can break your site, so do perform some tests on a development site before turning features on/off in the dashboard. The good thing is that most settings are reversible and take effect quite quickly, so if things do go wrong, it will not stay broken for too long.

Also, use extra caution when dealing with TLDs, as the product does not handle your DNS, so for onboarding of domains using A records, you may need to ask Incapsula support for advice and assistance as it requires assigning the A record to a CNAME or IP address (network folks might understand the problem here).

CloudFlare:

You need to understand how DNS works (e.g., A records vs CNAME, TXTs etc.), how SSL works and how to set it up, and how web servers work with domains and proxy servers. It is not for the layman, as the dashboard assumes some level of understanding in these topics. Some settings can break your site, so do perform some tests on a development site before turning features on/off in the dashboard. The good thing is that most settings are reversible and take effect quite quickly, so if things do go wrong, it will not stay broken for too long.

The solution has the best volumetric DDoS attacks feature.

The solution needs to be improved every time there are new attacks. They need to add new features and techniques to prevent the attacks.

We have been using the solution for seven years.

I rate the solution's stability an eight out of ten.

It is a scalable solution. It is suitable for medium and enterprise businesses.

The solution's technical support services are fine. 

Compared with the competitors, the solution provides better security features, including web protection firewall and DDoS protection.

The solution's initial setup process is complicated. You need to include the right security policy and discover the attack trends. The time taken for implementation depends on the project requirements.

The solution's price is reasonable. Although, it is a bit expensive for small companies. The cost of its licenses depends on the specific project requirement.

I advise others to study their requirements while choosing DDoS protection thoroughly. They should know if the CDN is limited to their region or has a global reach. Also, DDoS attacks appear in different ways every single time. Thus, it is challenging to implement. It is crucial to know its surface, nature, and how to implement the security measures.

I rate the solution an eight out of ten.

Previously I was in software development for more than 15 years. I had developed web applications for internet and cable TV companies. Now, I am a sales executive for Imperva Cloud WAF. 

Imperva Cloud WAF, previously Imperva Incapsula, is a web application firewall that is implemented in the cloud. It protects a public facing web application. It will track if a hacker is doing brute force attack. The web application firewall will detect it and block the source. This could be an IP address or the main name specific for a country. You can then update the profile of your server to block those IP addresses where the attack is coming from .

We have placed Imperva Cloud in our client's employee self service system that they are logged into. The website is protected by Imperva so that employees and customers can log in all over the Philippines. The client is a power generation company, which is a critical service, and has branches all over the Philippines.

We partner with a couple of on-premise data centers in the Philippines, one is PIM. They also provide cloud solutions. We bundle our solutions into their cloud projects.

Imperva Incapsula has many valuable features. One, it protects the top 10 OWAS vulnerability, the open web application software platform, this is standard. Secondly, it protects against broken authentication. As well, it has remote execution of code.

Imperva always needs to adjust to new versions of cyber attacks, it needs to be faster, improve the resiliency of the software of the solution.

I have been using Imperva Cloud WAF for three years.

Imperva is stable. Based on Gartner's survey we are top three, meaning we are reliable based on customer feedback.

This is a scalable solution. We have data centers all over the world. The solution can be set up to be optimized wherever the clients are accessing.

Technical support has good response time. I am also the liaison officer for the technical team in Singapore. Support responds quickly and they do attend to the issues that we raise to them.

The implementation of Imperva Cloud WAF is easy. All you need to do is change the DNS settings, because it is a cloud solution there is no appliance that you need to install at the data center. It just changes the DNS settings, and then a couple of IP address and domain name settings to allow a couple of those IP addresses and domain names settings into the firewall of the client and the firewall of Imperva.

The actual installation will only take a few hours and then full implementation within 24 hours. The initial setup takes time because of the configuration on the client-side. We prepared a questionnaire for the client to assist with preparation.

We created a cross-comparison against hiring a team of cybersecurity staff versus getting a subscription. After using Imperva Cloud for the past three years the cost is already acceptable against hiring a team.

The price depends on the client's needs, it will be impacted depending on whether they need diverse production, or account take over for example.

There is an initial four package bundle with the price changing monthly.

I would rate this solution an 8 out of 10.

Our primary use case is DDoS protection. We are using it to protect access to internet sites. It is a SaaS solution, so everybody has the latest version. 

DDoS protection and WAF are the most valuable features. It is easy to deploy a service. It is easy and quick to deploy to a new website.

Its price could be improved. It is quite expensive.

It will be good if we could export the configuration. Currently, to control the configuration, we need to go to each website, which is not very convenient.

I have been using this solution for six years.

Its capacity is okay for us, and we don't need to scale it or expand its usage.

Their technical support is good. We get a quick response from them.

It was simple. It is very easy and quick to deploy.

It was done in-house.

It is expensive.

I would recommend this solution to others. It has been working fine for us, and it has all the features that we need. I would advise others to know the exact bandwidth that is required for the project because the cost is based on the bandwidth. You must evaluate the required bandwidth beforehand.

I would rate Imperva Incapsula a nine out of ten. Technically, it is a very good solution.