Imperva DDoS Reviews, Competitors and Pricing

Owner at a tech services company with 51-200 employees

May 1, 2014

Speed up WordPress – increase security

In a nutshell this is what Incapsula does:

Incapsula offers state-of-the-art security and performance to websites of all sizes. Through a simple DNS change, your website’s traffic is seamlessly routed through Incapsula’s globally-distributed network of high-powered servers. Incoming traffic is intelligently profiled in real-time, blocking even the latest web threats: from sophisticated SQL injection attacks to scrapers, malicious bots, intruding comment spammers and thwarting multi-Gigabit DDoS attacks. Meanwhile, outgoing traffic is accelerated and optimized with Incapsula’s global CDN, for faster load times, keeping welcome visitors speeding through.

I’ve always been interested in how to make my website faster but with the news about brute force attacks on WordPress, I wanted a more secure website as well. Researching WordPress security, I was surprised to find the following image from Incapsula on what sort of traffic you actually get.

I don’t know how accurate this study is, I would like to see more data but I was surprised to say the least. I didn’t know just how much bandwidth could be wasted by automated services on your website.

So I decided to try Incapsula to see what it could do for my website and try and show you through this Incapsula review, just what this product can do.

But what can Incapsula do against all of this? A much easier way of answering this would be to watch their promo video

Install IncapsulaThe installation was pretty easy and within 5 mins I was done. All that is required is to change your DNS records, you can see more about the setup here. For WordPress users it’s also advised for you to install their WordPress plugin.

By using this plugin you will have no change to your originating IPs when using Incapsula. Incapsula acts as a reverse proxy and all incoming connections to your website first pass through one of Incapsula’s servers. This plugin will ensure that you continue to see the real originating IP of your website visitors.

Once this is all setup, it’s just a waiting game for Incapsula to start collecting the data.

Inside Incapsula

inside-incapsula

Once the DNS changes have been made and Incapsula has had time to do its job, you’ll see an image like above when you log in. This is a 7 day run down of what has been going on with your website. As you can see my bot visits out-number the human visits by quite some way.

Not all bots are bad however, I need Google-bot in order for my website to be found as well you a large number of other good bots but Incapsula reports that in the last 7 days there’s been 158 bad bots on my website!

Incapsula security

To test the security of Incapsula, I deleted my Askimet plugin as Incapsula can handle comment bots and protect me from spam. I also let it run for 7 days to see what it would report. Here’s my 7 day run down of what happened on my website.

Going further into the Incapsula dashboard you get a run down of the top attacking countries with USA being my top one with 30% next is China with 20%.

Incapsula also gives you a run down of the types of threats to your website.

threats

So it’s clear that bots are my biggest problem and Incapsula also shows what type of bot is causing the most problems, in my case it’s the comment spammer with 94%. I did want to test just how good Incapsula was so I deleted my Askimet plugin. Considering the amount of comment spammer bots visting my websites, Incapsula does a very good job of protecting my website. Although I still get a couple of spam comments a day without Askimet, I’m still impressed with Incapsula.

comment-spammer

Incapsula will also email you when there’s a threat. This is an email I got yesterday when someone tried to login to my website. Incapsula blocked the request.

This image is also provided by incapsula showing the top client applications. It surprising just how many bots are out there on the Internet!
bots2

To get a better idea of bot vs humans, Incapsula provides you with the following image. This is a nice example of just how much of your bandwidth is being wasted with unwanted bots on your website.

bots

Incapsula speed

Not only does Incapsula do a pretty god job of protecting your website but it also increases the speed of it. By blocking unwanted bots and saving your bandwidth, it not only saves you resources and money but you also get to use their CDN for a faster website.

So I wanted to test the speed of Incapsula, I switched to advanced performance and tested the before and after. The results are below.

Before advanced

After advanced

According to Pingdom switching to advanced performance on Incapsula increased the speed of my website by just over 50%!

You can also see the response time of the CDN location centers.

response-time

With the advanced setting of Incapsula it also caches dynamic cotent which you can read about here. There’s also a good article on how a CDN can help your SEO by Incapsula.

I’ve been impressed with Incapsula, it not only protects me from spammers and bad bots but it has also increased the speed of my website by over 50%. I found Incapsula very easy to use and once the setup is done everything is done automatically for you leaving you with a peace of mind of a faster website with better security.

Disclosure: I am a real user, and this review is based on my own experience and opinions.

it_user1020Head of Data Center at a tech company with 51-200 employees

Report as inappropriate

Nov 21, 2013

A very good review of the product with matching graphics and stats to prove it. This is really something worth considering for anyone operating a high-traffic site, and I would definitely like to implement this for our university web services.

it_user70002

CEO with 51-200 employees

Nov 19, 2013

Incapsula helped us stay up during some of the biggest DDoS attacks on record

To ensure the success of our online trading operations, we place a major emphasis on state-of-the-art security, high availability (99.9% uptime) and user convenience.

Daily high-volume network DDoS attacks against our website were wreaking havoc with business operations, resulting in downtime for our online trading platform. The anti-DDoS solutions we had in place was not equipped to mitigate these attacks, which came precisely at the time when we were experiencing record trading volumes.

Since our company deals with a highly competitive and time-sensitive trading market, high availability and stability are paramount to building our users' confidence in our platform. It was obvious to us that in order to maintain and grow our business, we needed the best DDoS protection solution.

We required a high-capacity solution capable of mitigating the largest Layer 3 DDoS attacks, which can often reach several tens of Gbps. Blackholing was not a desirable option, since this aggressive method for diverting traffic actually serves the attackers' goal of denying and disrupting service by not allowing any visitors to reach the site.

To ensure an optimal user experience, we sought a DDoS mitigation solution that would be transparent to users. In this context, we preferred a solution that does not use delay pages, which cause problems for the application's APIs and prevent users from connecting to the server.

In terms of architecture, we preferred a cloud-based solution for reasons of cost-effectiveness and compatibility with our existing cloud computing infrastructure.

Aware of the threat to our core business, we immediately began to look for a new anti-DDoS solution with the network capacity and security proficiency to meet our requirements. After an in-depth evaluation of leading DDoS Protection services in several industry comparisons and reviews, we chose Incapsula's cloud-based DDoS Protection service based on its ability to mitigate any type of DDoS attack with virtually zero business disruption.

We conducted an initial trial with Incapsula while still experiencing DDoS attacks of up to 100 Gbps. Incapsula mitigated these attacks, keeping the online trading platforms up at all times.

Our experience so far shows that Incapsula is a marked improvement over other DDoS protection companies we have worked with in the past. Despite the fact that attacks on our high-profile website are still a daily occurrence, traders coming to the site are able to buy and sell without any noticeable degradation in terms of performance and availability.

Through its non-intrusive traffic filtering and an enterprise-grade Web Application Firewall, Incapsula has been stable in protecting our online applications. The service secures websites and applications against all types of DDoS attacks, as well as sophisticated application attacks such as XSS and SQL injections.

Incapsula is now a key component of our security infrastructure. When under DDoS, traffic is routed through Incapsula for screening, where malicious traffic and DDOS attacks are blocked automatically.

By using Incapsula's DDoS Protection, we have achieved concrete benefits:

Cloud-based mitigation of network DDoS attacks - Incapsula mitigates high-volume network attacks through a global network of multi-gigabyte scrubbing centers
Intelligent mitigation of sophisticated application layer attacks - Incapsula uses advanced traffic analysis algorithms, granular mitigation rules and an enterprise-grade WAF to differentiate legitimate website visitors (humans, search engines, etc.) from automated or malicious clients.
"Always on" DDoS protection - Automatic "always on" DDoS mitigation and 24x7 monitoring are effective in stopping "hit & run" DDoS attacks can wreak havoc with solutions that need to be manually turned on and off on every burst.
Dedicated SoC team – An experienced team of Security Operations Center (SOC) engineers performs 24x7 security monitoring and assists with DDoS mitigation as needed.

Incapsula helped us stay up during some of the biggest DDoS attacks on record. This happened at a critical business juncture, when our increasing trading volumes were turning us into the number one bitcoin trading site in the world. We hope to continue working with Incapsula as we gain more exposure and popularity.

Disclosure: PeerSpot has made contact with the reviewer to validate that the person is a real user. The information in the posting is based upon a vendor-supplied case study, but the reviewer has confirmed the content's accuracy.

it_user3876Database Manager at a tech company with 51-200 employees

Report as inappropriate

Jan 4, 2014

Incaplsula provides protection against network as well as application level DDoS attacks including UDP Flood, ICMP (Ping) Flood , SYN Flood, Ping of Death , Slowloris and Zero-day DDoS.
Incapsula keeps an extensive DDoS threat knowledge base, which is constantly updated as new threats emerge.

Buyer's Guide

Imperva DDoS

January 2025

Free Report: Imperva DDoS Reviews and More

Learn what your peers think about Imperva DDoS. Get advice and tips from experienced pros sharing their opinions. Updated: January 2025.

DOWNLOAD NOW

831,997 professionals have used our research since 2012.

it_user162618

Security Consultant at a security firm with 501-1,000 employees

Feb 26, 2018

Download

Gives us the ability to differentiate between a positive and a false-positive intruder action

Pros and Cons

"Gives us the ability to trace each connection, and to have logs to be able to differentiate between a positive and a false-positive intruder action."

"I miss being able to integrate the dashboard with other BI tools we are using. We have to export and import data to be able to present it, and doing so is a lot of work."

How has it helped my organization?

It helped us to define wherever there was illicit traffic between our webs, and improved the control we achieved.

What is most valuable?

The ability to trace each connection, and to have logs to be able to differentiate between a positive and a false-positive intruder action.

It is handy to retrieve and download the logs to line up separate actions to identify possible intruder behaviour.

What needs improvement?

At that moment, I miss being able to integrate the dashboard with other BI tools we are using. We have to export and import data to be able to present it, and doing so is a lot of work.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

Not at all.

It was a bit pointless to know how many sites were offline every time a spot in the world decided to do maintenance, but we like it as we can handle worldwide issues, knowing what is going on there.

What do I think about the scalability of the solution?

No issues at all, it fulfills our expectations in terms of scalability.

How are customer service and technical support?

Great.

Which solution did I use previously and why did I switch?

We had used many local, and some cloud-based solutions (like Azure, Advanced Nagios, Centreon). We switched for the scalability of the solution, the reporting features it has, as well as the availability to fine tune the solution.

How was the initial setup?

It was straightforward, but we had to fine tune it.

The initial setup blocked some cookies and data from our scrapers which, they said, they never received from us. We investigated and found the WAF was blocking them. It was a lot of work.

What's my experience with pricing, setup cost, and licensing?

It's worth it. It's a fine solution for medium/big companies worried about attacks that happen in the wild.

Which other solutions did I evaluate?

Centreon and Azure.

What other advice do I have?

My best advice could be, if you don't have the staff to carry out security in a proper way, have a tool do it, but use a specialized tool like this one, and don't re-invent the wheel.

Also, in our case, we soon realized that we needed an expert to fine tune it and to obtain all the features we wanted.

Disclosure: I am a real user, and this review is based on my own experience and opinions.

it_user569916

Network and Security Engineer at a consumer goods company with 1,001-5,000 employees

Feb 23, 2017

Download

The dashboard shows us traffic, security, and real-time utilization. The default configuration usually does the trick for us.

What is most valuable?

Very easy to configure, which quickly allows us to add significant security to our websites.
Nice dashboard, which shows us details about traffic, security, performance, real-time utilization and an activity log.
Easy to configure caching, content optimization and other advanced settings, which allows us to improve the customer experience if necessary, or keep the defaults if any change is unnecessary.

How has it helped my organization?

With our IT infrastructure more secure, our customers receive a great website experience without encountering website defacements and other fallout from attacks on our web servers. Our IT department is not spending the time we used to on website remediation after attacks.

What needs improvement?

An Incapsula website configuration instance can be in a "Pending DNS changes" state, where further work is needing to be done by the customer, while website access is otherwise fully functional. While in this state, the PCI Compliance Report for the website in question, which I have set to email me monthly, doesn't get generated and sent. Imperva should decouple the "Pending DNS changes" state from the process that periodically emails the PCI Compliance Report. Until that happens, the workaround is to manually generate the report monthly.

For how long have I used the solution?

Since May 2014.

What do I think about the stability of the solution?

We haven’t had any stability issues. I get emails about internal Incapsula technical issues that they’re working on. However, they haven’t ever impacted me as an administrator and I’m unaware of any customers experiencing issues getting to our websites.

What do I think about the scalability of the solution?

Incapsula scales nicely.

How are customer service and technical support?

Technical support is excellent.

Which solution did I use previously and why did I switch?

Prior to Incapsula, we only used inline IPS, anti-virus, etc. Incapsula is our first web application firewall.

How was the initial setup?

Initial setup was very easy. The default configuration usually has done the trick for us. We simply haven’t needed to deviate much from default. Online documentation is good and if we still had questions, we contacted support who helped us make configuration changes to address our needs.

What's my experience with pricing, setup cost, and licensing?

Gain an understanding of pricing for the various advanced features and figure out what features you need to meet your objectives. We have done very well with the first tier feature package to address the needs at our two data centers and our cloud environments.

Which other solutions did I evaluate?

We got a feel for pricing and capabilities of other competing systems. However, Incapsula came highly recommended by our trusted security VAR as they had many customers who experienced great results with it. With that ringing endorsement, and the reasonable cost, we tried it out, loved it, and have been using it ever since.

What other advice do I have?

Do a proof-of-concept. It’s quick and easy to set up, and you’ll have Incapsula support to help you if needed. Embrace the ease-of-use of the administrative interface and marvel “can a WAF really be this easy?!”. Monitor the dashboard and enjoy the results. The ease of testing Incapsula and then implementing it into production is one of the most remarkable product experiences in my IT career. It’s clear that Incapsula engineers are busy behind the scenes, which is in contrast to my appreciation of what I would otherwise be doing tuning other WAF options.

Disclosure: I am a real user, and this review is based on my own experience and opinions.

it_user573036

Client Relations Coordinator at a marketing services firm

Dec 19, 2016

Download

Good customer support.

What is most valuable?

Customer Support has been the biggest help in dire situations. Their control panel is nice but support has been the best.

How has it helped my organization?

When under DDoS, we are able to get piece of mind to our clients since they know a large, technical company is dedicated to getting the issues resolved.

What needs improvement?

More products, especially for smaller companies that could benefit them.

For how long have I used the solution?

About 3 months.

What was my experience with deployment of the solution?

None.

What do I think about the stability of the solution?

None yet.

What do I think about the scalability of the solution?

Not that I know of.

How are customer service and technical support?

Customer Service:

10/10

Technical Support:

8/10

Which solution did I use previously and why did I switch?

We had a sysadmin but he was unable to keep up. No other parties were used.

How was the initial setup?

Yes, it was straightforward for our IT team to implement.

What about the implementation team?

In house.

What's my experience with pricing, setup cost, and licensing?

We ate the cost so it wasn't passed on to the client.

Which other solutions did I evaluate?

From my understanding, our CEO had multiple parties on the table but decided Incapsula was the best fit for us.

Disclosure: I am a real user, and this review is based on my own experience and opinions.

it_user508662

IT & DevOps Engineer at a comms service provider with 501-1,000 employees

Sep 29, 2016

Download

It has SSL support and content caching. You can 'play' with the rules as much as you'd like.

What is most valuable?

We are using Incapsula as our web application firewall and for DDoS protection, and it performs really well at its job. Incapsula packs some great features, such as SSL support, content caching and the ability to 'play' with the rules as much as you'd like.

How has it helped my organization?

Since this is the very first WAF solution that we evaluated and tried to integrate into our AWS environment, I can't really say that it has improved anything, but the fact is, we never looked the other way.

What needs improvement?

Incapsula has a built-in monitoring module, but it is a paid feature; I would expect that for the price we pay for the basic service, we would be able to integrate a monitoring solution, even a simple one.

In addition to that, Incapsula doesn't feature the option to add/remove available SSL protocols and/or ciphers.

For how long have I used the solution?

We have been using Incapsula for a little more than six months.

What was my experience with deployment of the solution?

The only problem we encountered with Incapsula regarding deployment is with their Performance solution that allows caching the hosted sites. The dynamic caching sometimes causes issues and we need to manually purge all of the cache from their system after a new version has been deployed, in order for new content to load properly.

How are customer service and technical support?

Technical support is excellent. In the few times we tried to contact Imperva's support, we received quick and swift replies.

Which solution did I use previously and why did I switch?

I did not previously use a different solution.

How was the initial setup?

The initial deployment is very straightforward; you follow a very simple setup wizard that guides you which changes you need to perform and where.

What about the implementation team?

We received the recommendation regarding Incapsula from Emind, a third-party vendor that helped us deploy our environment over at Amazon. The rest was performed by our in-house IT/Devops teams.

What other advice do I have?

I highly recommend Incapsula for anyone that is looking to integrate a WAF and DDoS protection into their environment.

Disclosure: I am a real user, and this review is based on my own experience and opinions.

reviewer1262313

Solutions Architect at a financial services firm with 201-500 employees

Jul 21, 2020

Download

Easy to configure, simple to set up, and quite stable

Pros and Cons

"The solution's most valuable aspect is that it is easy to configure."

"The log analytics interface within Incapsula isn't really good. For example, if you have to get all logs from there, it's a very cumbersome process."

What is our primary use case?

We are using the solution as a WAF. Beyond that, I can't divulge too much information about the details surrounding how we use the solution as part of a confidentiality agreement we're under with clients.

What is most valuable?

The solution's most valuable aspect is that it is easy to configure.

The solution keeps itself up to date itself and there's no customization that we need to do. It makes it extremely easy and cut back on the amount of work required, and saves us on man-hours.

The initial setup is fairly easy.

What needs improvement?

The log analytics interface within Incapsula isn't really good. For example, if you have to get all logs from there, it's a very cumbersome process.

The solution doesn't seem to come with any other additional features. There are other products in the market today that give you an overall network perimeter protection. Incapsula is good for what it is, but it can expand its horizon a lot if it decides to include more network perimeter protection features and capabilities. It needs items, for example, at endpoints and some sort of firewall that can work at multiple levels. Items of that nature will really bump up the security and make it a much better product.

For how long have I used the solution?

We've been using the solution for a while now. It's been about three or four years at least.

What do I think about the stability of the solution?

The solution is fairly stable. I don't think we've had to deal with crashes of the system. There aren't bugs and glitches. We find it to be reliable.

What do I think about the scalability of the solution?

We haven't had any issues with the scalability the solution provides. If a company needs to scale this product they can do so pretty easily.

How are customer service and technical support?

I've never contacted technical support, and I'm unsure if anyone on my team has, either. I wouldn't be able to speak to the quality of service they provide.

How was the initial setup?

The initial setup was not complex at all. It was pretty straightforward.

The deployment of the solution, which included the design phase of the process, took a few months to complete.

We have our own in-house team that handles any maintenance that needs to happen on an ongoing basis.

What other advice do I have?

We're simply a customer. We don't have a business relationship with the company at this time. We use the product ourselves. We aren't resellers or integrators.

I'd advise other companies, based on the scale of the organization and complexity, that if one has to choose a product, a company cannot choose a product from someone else's say so. It would depend on how complex their network design is. If it's fairly simple, then there's only one thing they need there. Multiple layers mean that this solution may not be the right product. A company has to do the research to find out if there are other products that are offering more of what they want, according to their unique requirements.

I'd rate the solution eight out of ten. If the solution was a bit more complete, and offered, for example, perimeter protection, I would give it higher marks.

Disclosure: I am a real user, and this review is based on my own experience and opinions.