Try our new research platform with insights from 80,000+ expert users

Barracuda Web Application Firewall vs Imperva Web Application Firewall comparison

 

Comparison Buyer's Guide

Executive Summary
 

Categories and Ranking

Barracuda Web Application F...
Ranking in Web Application Firewall (WAF)
15th
Average Rating
8.2
Number of Reviews
40
Ranking in other categories
No ranking in other categories
Imperva Web Application Fir...
Ranking in Web Application Firewall (WAF)
6th
Average Rating
8.6
Number of Reviews
49
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of November 2024, in the Web Application Firewall (WAF) category, the mindshare of Barracuda Web Application Firewall is 2.0%, down from 2.2% compared to the previous year. The mindshare of Imperva Web Application Firewall is 6.4%, down from 7.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Web Application Firewall (WAF)
 

Q&A Highlights

it_user566739 - PeerSpot reviewer
Dec 07, 2016
 

Featured Reviews

Carlo Bertini - PeerSpot reviewer
Sep 8, 2023
Provides strong issue discovery capabilities; enhance the security parameters of web applications and suitable for medium to large enterprises
The Barracuda support depends. Sometimes, they solve the issue promptly, but normally, they are not so fast and are not entirely focused on the problem. For example, sometimes I write many requests on the tickets, asking for one, two, three, or four steps and asking for one to three resolutions. Often, they respond with only one or two. So, I need to push again and again. In other cases, I ask questions and get positive feedback immediately, depending on who the technician is. Barracuda has engineers in the USA, UK, and other countries, so it depends on the technician's location and expertise. So, I am not completely satisfied, but sometimes it is okay, and sometimes it is not okay. So, depending on the region and depending on the person who actually receives these tickets, the technical support could be more knowledgeable. So they may need some training or education for the entire staff to respond immediately without any delays. Often, it happens that they respond because they need to, not because they understand the technology I'm using. So they respond just because it's required by the service level agreement, which specifies a response time within four hours. But this is just a response, not a resolution of the case. Sometimes, the response is within the agreed time, but the solution takes much longer.
Abdullah Jin - PeerSpot reviewer
Sep 9, 2024
Offers bot protection and DDoS Protection and protects public-facing portals
Support is one thing I wish Imperva could improve. They follow the phone model and keep rotating you from one customer service person to another. The layer one support isn't very clear about the workings of the product. My feedback is primarily about Imperva Cloud, not on-premise. On-premise is a whole new story. Support is the issue for Imperva Cloud. It's also a bit pricey. It's a premium service and very expensive. The licensing model is not very straightforward. Every feature is priced separately, and to enjoy maximum protection, you'll have to spend a lot of money. The licensing model is a bit complex, and each feature is very pricey. For example, API security and web application protection are two separate license packages.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"One of the strongest points is its robust issue discovery capabilities. Barracuda invests significant efforts in identifying and resolving issues. They have multiple products that work in tandem to perform these checks, which is beneficial because it automates security updates. This is the primary reason I recommend it to my customers."
"Our customers value the solution's simplicity."
"We only need one subscription to be protected against both active DDoS and offline DDoS attacks."
"It significantly improved our overall web security posture, addressing intrusions and enhancing control over web URLs in our environment."
"We use Barracuda to protect the application. That's the main feature we use it for."
"The solution ensures layer seven is secure from attacks."
"The most valuable feature of this solution is the simplicity of configuration."
"Its recommendation about the probabilities on the website is great. It also has free probability managers for the website, which is really helpful. The protection engine, signature-based protection behavior, and analysis features are also great. It also has an ATP module for sandbox scanning and behavior analysis for file uploads."
"If you are using the appliance as opposed to the virtual deployment, it can stand as the network layer-two and provide real transparency."
"The configurability of the tools and the ease of operation to be the most valuable feature of Imperva."
"Imperva Web Application Firewall is a highly stable solution and is very mature."
"It has threat intelligence and we are using Incapsula. With threat intelligence, we can separate HTTP and HTTPS traffic. We can use Incapsula to send all the threat intelligence to the WAF."
"The most valuable features of the Imperva Web Application Firewall are performance and flexibility. We can extend or customize the box itself."
"Compared to other web application firewalls in the market, Imperva does things in the most accurate way."
"Imperva monitors all traffic, even customer access, to the web application. Then, Imperva uses features like signatures to identify attacks like cross-site scripting or SQL injection."
"Imperva is a Gartner leader, so its scalability, performance, and features are excellent."
 

Cons

"It is not stable nor mature."
"We've had some blocks of the application and some false positives."
"If you know nothing about networks, then you can't set it up."
"There are some vulnerabilities that are reported across the tools offered by Barracuda for some devices, which need to be taken care of from an improvement perspective."
"It would be better if their updates would be released annually."
"I would suggest that someone implementing this product is knowledgeable in the IT field, and with the network needs. It is complex."
"Its interface can be better. It is not very friendly."
"An area for improvement in Barracuda Web Application Firewall is attack identification. Other banks identified attacks and tracked logs that the solution wasn't able to identify because of its ready-made rules pre-deployed by the vendor. My organization raised this issue with the technical support team. Another area to improve in Barracuda Web Application Firewall is its service desk. The team resorted to stonewalling because they couldn't accept that a feature was missing in the solution, and it was only after a lot of drilling down that the service desk team accepted that, and would be adding that feature in the future. My organization had to submit a report to the Reserve Bank of India with information on the logs identified and the attacks that happened, and that there was a failure on the part of the Barracuda Web Application Firewall. The Reserve Bank of India conducts a tri-monthly cyber risk audit in all Indian banks. Even smaller banks identified and caught attacks that my organization wasn't able to do, so I was looking into other solutions that competitor banks could be using because Barracuda Web Application Firewall failed to identify some of the attacks."
"Sometimes, support tickets don't get addressed quickly."
"It is complicated to integrate the solution's on-cloud version with other platforms."
"There's always room for improvement. Occasionally, there might be false-positive alerts."
"I think that better bot protection is needed in this solution."
"In the past, I have bugs on the WAF. I've contacted Imperva about them. Future releases should be less buggy."
"It would be helpful to have a "recommended deployment", or even a list of basic features that should either be used or turned on by default."
"They can provide an option to create reports, automatically import the entire report, and create rules again. In a real-life crisis, it would be helpful to be able to import a report and generate security rules from that report. I should be able to create a simple query and import the reports automatically. It can maybe also tell us the format of the report."
"Their portal is very limited and needs improvement."
 

Pricing and Cost Advice

"The price is reasonable, more so than other products."
"The pricing is reasonable."
"Barracuda costs us $8,000 per year. Barracuda costs $20,000 for a full subscription, when you try to protect multi-site infrastructure, in different geographical zones and for different data centers. If you have only one site, Barracuda will be cheaper."
"They have competitive pricing."
"Cost is a bit on the higher side. Big companies can afford it."
"For small companies, the price is very expensive because the WAF is an enterprise-level application, not intended for smaller businesses. In my opinion, the price is right for enterprise-level use."
"The price of this solution is okay."
"The product is expensive."
"There are some licenses that you have to buy to use some features. Its price could be better. Price is always important because, at the end of the day, customers have a budget. If you can meet the budget, you can sell, and if you don't, you cannot sell."
"Imperva Web Application Firewall price is higher compared to other solutions. However, everything is included in the price."
"The price is high compared to other solutions like FortiWeb."
"The price of Imperva Web Application Firewalls is expensive compared to others."
"The pricing is somewhat expensive. It is actually a huge investment when compared to other countries."
"It's an excellent product, but it can be very costly."
"It is a very affordable solution."
"There are a couple of different licensing models."
report
Use our free recommendation engine to learn which Web Application Firewall (WAF) solutions are best for your needs.
814,649 professionals have used our research since 2012.
 

Answers from the Community

it_user566739 - PeerSpot reviewer
Dec 8, 2016
Dec 8, 2016
To prevent OWASP TOP 10 (SQL Injection, XSS, XSFR...etc) attacks, stop L7 DDoS like SlowLoris and HeavyURL, protect against web fraud, phishing and endpoint malware (Dridex) on endpoint machines outside administrative control, secure application API's, the option to deploy as a managed service in the cloud and available on premises, use DAST integration for policy building with Qualys, Cenzic, ...
2 out of 13 answers
it_user307584 - PeerSpot reviewer
Dec 7, 2016
Today i would say Barracuda is the better WAF based on that Imperva Dev slowed down over the last two years and the customers give bad feedback on the support, but there is a newer generation of WAF´s in the market that is better than Imperva and Barracuda, both in performance and price, PT application firewall, the only visionary in the GMQ
Dec 7, 2016
Neither. F5 Networks Sent from my iPhone
 

Top Industries

By visitors reading reviews
Computer Software Company
20%
Financial Services Firm
10%
Educational Organization
9%
Government
8%
Financial Services Firm
17%
Computer Software Company
14%
Manufacturing Company
8%
Insurance Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Barracuda Web Application Firewall?
It significantly improved our overall web security posture, addressing intrusions and enhancing control over web URLs in our environment.
What is your primary use case for Barracuda Web Application Firewall?
I use the solution in my company to protect our website.
Is Citrix ADC (formerly Netscaler) the best ADC to use and if not why?
For ADC, any ADC can do a good job. But in case if you want to add WAF functionality to the same ADC hardware you have to look for other ADC's like F5, Imperva, Radware, Fortinet, etc.
DDoS solutions: Any other solutions to consider aside from Radware DefensePro and F5 Silverline DDoS Protection?
You can have a look to Imperva Cloud WAF, the anti-DDoS mitigation is under 1s and works very well. I observed a lot of DDoS attacks that were well managed (even not seen by the customer) by Imperv...
 

Overview

 

Sample Customers

Oracle, CBS, Pioneer, Hyundai, Publix, Barnes Noble, Calzedonia, Nordstrom, Samsung, Nascar
BlueCross BlueShield, eHarmony, EMF Broadcasting, GE Healthcare, Metro Bank, The Motley Fool, Siemens
Find out what your peers are saying about Barracuda Web Application Firewall vs. Imperva Web Application Firewall and other solutions. Updated: October 2024.
814,649 professionals have used our research since 2012.