Imperva DDoS Reviews

We use Imperva DDoS for DDoS protection and security.

Imperva DDoS is fairly stable, and its availability is quite high. I haven't faced any downtime or system instability issues with the solution.

Imperva DDoS does not provide version control. After I make any changes on any portal, I would want to roll back my changes and go back to a stable version if something goes wrong. That particular feature is not there on the UI portal.

They have this roundabout way wherein I can use different tools to integrate, do the versioning, and manage it on my own. It's not directly available, but I can use it indirectly.

I have been using Imperva DDoS for two to three years.

Imperva DDoS is a scalable product.

The solution's initial setup is a bit difficult and not very easy. It's not that time-consuming if you have expertise. Once you get your hands on it, it's pretty straightforward.

Imperva DDoS is deployed on-cloud in our organization.

I would recommend Imperva DDoS to users because it's a fairly stable product.

Overall, I rate Imperva DDoS an eight out of ten.

All our web services go to the Incapsula cloud application environment for monitoring on the production service.

All the web application protection is under Incapsula because they provide the WAF protection services. Our web services are registered under their cloud environment so all our customers visit our web services. All the web services are under the web application firewall protector.

I think it's from their own cloud solution. I don't think the cloud solution is from Amazon because the IP address does not belong to Amazon. It belonged to Incapsula themselves, so their solution is under their own network cloud environment. Our own data center environment is using the Incapsula cloud service. I think it's a hybrid cloud to include all the private and the public services.

The most valuable features are DDoS protection. The Incapsula environment helps us monitor all the web activity. All the web activity is passed through their WAF cloud services, then that can help us to monitor those activities. That can help protect against DDoS hacking.

We started implementing WAF under Incapsula in 2019 or 2020.

It's very stable because Incapsula services also provides load balancing services for their service IP address environment. So far, with monitoring their services, the IP address was only changed once. Their services are very stable.

We implement the WAF production environment, or the web services, which is needed to provide traffic to the customer. We implement those services under the Incapsula WAF protection. 

We have about one thousand people using the solution globally.

If the scale is 1 to 10, technical support is a 9. Our global service team is more than 10 people. We have a whole Incapsula service team as well as our all global staff team.

We are using our own firewall with the web application services. We used our own firewall before implementing with Incapsula, but we are also implementing it now under Incapsula cloud solutions.

It's very simple because the domain name service is done with the CNAME. We just registered back in our DNS environment. After that, if the domain is resolved by our customer, then they will resolve the domain name which is provided by the Incapsula environment. That means all the network traffic will go through the Incapsula cloud services, and all the network activity can be monitored and protected by Incapsula WAF.

Deployment is simple and very fast. After they define the domain and service, we do some changes, and it takes within one hour. Within 15 minutes, it can transfer all the services from our site. All the network routing paths will pass through the Incapsula WAF cloud environment. It's very fast.

The license is on a yearly basis.

I would rate this solution 9 out of 10.

Because of all these services, you need to look at the company's services budget. If you have the budget and you can implement the web application for tech, or if you just want to move to the cloud, or you're just using your own firewall to do all those protections, Incapsula is a good option. This one just depends on the IT infrastructure budget in your own company or environment.

We primarily use the solution for all our corporate websites for port 80 and 443 redirect and protecting all the web pages that we have in our environment.

The solution is very good at intercepting traffic before it gets to our data centers. It saves us some security hits and top-level bad guy stuff. It's very good at protecting us. It keeps anything malicious off of our infrastructure.

We did have a major complaint, however, they fixed it after about a year and a half of complaining. It's not a problem anymore. I don't recall really having any issues with the solution beyond what they have fixed.

The salespeople tend to exaggerate its capabilities, which can cost you money if you don't verify the information.

I've dealt with the solution for two years at this point.

The stability of the solution is very good. I've never heard of any outages that I'm aware of. It doesn't crash or freeze. There aren't bugs or glitches. It's reliable.

The scalability is just based on the number of licenses and in our case, we've maxed out our licenses. They are extremely expensive, and therefore it would be costly to scale.

I haven't had to call technical support, however, from what I've heard, they're okay. They are not great, not bad, just right down the middle.

The infrastructure team did all the certificates on that side. My team took care of security. It's the security settings we set up. There was a lot of complexity in the initial configuration based on our proprietary apps and having to disable or change some settings to allow some stuff to work. That's kind of a normal thing. No matter what WAF you would have, you'd have the same issue.

The licensing of the solution is quite high. Licenses are quite expensive. I'm not sure if they really offer the value that they ultimately charge.

The cost is somewhere around $10,000 a site. For every site, you pay individually. For every DNS entry, you have you pay.

We are just customers and end users.

We're using the WAF. It's the web-based version. Whatever's the current and newest version is what we're using.

I'd advise potential new users to not believe salespeople. That's kind of a standard thing across the industry, however, we were told one thing at the sales side, and then, after we purchased, it was not true what they said. That's extremely disappointing as it actually costs us tens of thousands of dollars more due to the fact that what they said could happen, how their licensing model works, doesn't work the way the sales guy said. That's a giant disappointment.

Overall, the solution does what it says it will do. I'd rate it at an eight out of ten.

• Extensive cache control like cache purging and cache rule propagation
• Availability features
• Cross-datacenter solution (active and passive environments)
• CDN and DDoS protection with 24/7 support

Automatic failover between primary and secondary sites enables high availability and accelerates disaster recovery. As soon as it detects that the primary site has gone down, it automatically kick-starts our standby data center.

The dashboard is not accessible on occasion. This is probably due to a high load. However, the sites’ protection seems intact.

We have been using this solution for four years.

There are no stability issues as of now.

There are no scalability issues, but the custom SSL has a terrible price point that puts it out of range for our clients. If they need custom or EV SSL, they are paying significantly more than their overall hosting.

The technical support is impressive.

We used Akamai previously, but due to full PCI DSS compliance, we needed a proprietary solution for two-factor authentication. We then switched to Incapsula.

The setup was so straightforward. It didn’t require to us to make any major changes.

If you don't have custom SSL, get it!

We switched to Incapsula from Akamai.

Imperva has a very impressive core feature set. Imperva has made security analysts scratch their heads. We allow them in from the inside so they can actually hit something worthwhile.

We are very confident in the reports we get from Imperva. Its bot identification has allowed us to plan bandwidth appropriately.

Identification for good bots (people who hit our site using automation, but for good business reasons) has allowed us to work with our customers who use our services in new ways.

Our primary use case is DDoS protection. We are using it to protect access to internet sites. It is a SaaS solution, so everybody has the latest version. 

DDoS protection and WAF are the most valuable features. It is easy to deploy a service. It is easy and quick to deploy to a new website.

Its price could be improved. It is quite expensive.

It will be good if we could export the configuration. Currently, to control the configuration, we need to go to each website, which is not very convenient.

I have been using this solution for six years.

Its capacity is okay for us, and we don't need to scale it or expand its usage.

Their technical support is good. We get a quick response from them.

It was simple. It is very easy and quick to deploy.

It was done in-house.

It is expensive.

I would recommend this solution to others. It has been working fine for us, and it has all the features that we need. I would advise others to know the exact bandwidth that is required for the project because the cost is based on the bandwidth. You must evaluate the required bandwidth beforehand.

I would rate Imperva Incapsula a nine out of ten. Technically, it is a very good solution.

Hands down, the WAF is the most valuable feature; being able to identify, block, whitelist or blacklist as needed, are all valuable.

We now have visibility into our traffic in a scope that we never had before, especially being able to review bot vs human traffic and country of origin.

Reporting and the main Sites dashboard could use refinement. We have a lot of sites, and scrolling through the dashboard becomes cumbersome.

I have used it for six months.

The only deployment issue we encountered was getting Incapsula and Akamai to play nice. However, the Incapsula engineers were very helpful in helping us configure our sites in the WAF correctly.

We have not encountered any stability issues.

We have not encountered any scalability issues.

I have yet to need customer service.

I rate the level of technical support as very high.

We had not used a WAF before deploying Incapsula.

The setup was straightforward and simple.

We implemented it ourselves with the guidance of the Incapsula team.

It is too soon to tell regarding ROI.

Know your bandwidth requirements.

Before choosing this product, we evaluated so, so, so many other options.

Incapsula:

• Strength of DDoS and WAF
• Simple dashboard
• Analytics
• SSL

CloudFlare:

• Ease of use
• Simple dashboard
• DNS management
• CDN
• SSL

Incapsula:

It has provided heightened visibility and awareness at management level on the actual threat landscape; it paves the way for easier approval for security-related implementations/projects.

CloudFlare:

It provides free SSL certs that can be used on website domains that I did not purchase SSL certs for.

Some protection and CDN caching realized, even though I’m on the free tier.

Incapsula:

• Allow easier scripting of firewall rules.
• Enable more custom actions to trigger turning on/off Incapsula settings (current actions are quite limited).
• Allow setting up of user groups to manage different groups of sites with viewer/operations/admin levels of privileges. This is quite a typical requirement for enterprise clients who will have multiple teams taking care of different sites, plus an overall IT security team who oversees everything.

CloudFlare:

• Improve the strength of WAF/DDoS.
• Reduce the rate of false positives.

I have used Incapsula for about a year.

I have used CloudFlare for almost a year.

Incapsula: The dashboard occasionally is not accessible (probably due to high load) but the sites protected seem intact.

CloudFlare: I have not used it enough to provide useful information.

Incapsula: The only issue so far is with the dashboard.

CloudFlare: I have not used it enough to provide useful information.

Incapsula: Technical support provides fast response via email tickets, and fairly responsive local technical/account reps.

CloudFlare: I have hardly utilized their technical support so far.

I did not previously use a different solution.

For both Incapsula and CloudFlare, initial setup was very easy.

Incapsula:

Pricing is described on their website, but for enterprise agreements, clarify with local reps, as there might be a need for customized needs/pricing. Be clear on how they handle domains and subdomains.

CloudFlare:

Pricing and licensing is very clearly described on their website; 1 site = 1 domain. Clarify how to support subdomains.

We evaluated Incapsula and CloudFlare.

Incapsula:

You need to understand how DNS works (e.g., A records vs CNAME, TXTs etc.), how SSL works and how to set it up, and how web servers work with domains and proxy servers. It is not for the layman, as the dashboard assumes some level of understanding in these topics. Some settings can break your site, so do perform some tests on a development site before turning features on/off in the dashboard. The good thing is that most settings are reversible and take effect quite quickly, so if things do go wrong, it will not stay broken for too long.

Also, use extra caution when dealing with TLDs, as the product does not handle your DNS, so for onboarding of domains using A records, you may need to ask Incapsula support for advice and assistance as it requires assigning the A record to a CNAME or IP address (network folks might understand the problem here).

CloudFlare:

You need to understand how DNS works (e.g., A records vs CNAME, TXTs etc.), how SSL works and how to set it up, and how web servers work with domains and proxy servers. It is not for the layman, as the dashboard assumes some level of understanding in these topics. Some settings can break your site, so do perform some tests on a development site before turning features on/off in the dashboard. The good thing is that most settings are reversible and take effect quite quickly, so if things do go wrong, it will not stay broken for too long.

The solution has the best volumetric DDoS attacks feature.

The solution needs to be improved every time there are new attacks. They need to add new features and techniques to prevent the attacks.

We have been using the solution for seven years.

I rate the solution's stability an eight out of ten.

It is a scalable solution. It is suitable for medium and enterprise businesses.

The solution's technical support services are fine. 

Compared with the competitors, the solution provides better security features, including web protection firewall and DDoS protection.

The solution's initial setup process is complicated. You need to include the right security policy and discover the attack trends. The time taken for implementation depends on the project requirements.

The solution's price is reasonable. Although, it is a bit expensive for small companies. The cost of its licenses depends on the specific project requirement.

I advise others to study their requirements while choosing DDoS protection thoroughly. They should know if the CDN is limited to their region or has a global reach. Also, DDoS attacks appear in different ways every single time. Thus, it is challenging to implement. It is crucial to know its surface, nature, and how to implement the security measures.

I rate the solution an eight out of ten.