Imperva DDoS Reviews, Competitors and Pricing

it_user818130

System Administrator at a tech services company with 51-200 employees

Mar 8, 2018

Download

We have peace of mind that nobody will use malware on us or try to hack our website

Pros and Cons

"On the site security, I can see which countries have incidents, whether it was a robot attack, a real human user, or non-human user."
"On the activity log, I can see the exact details, the visit, and the threat."
"The dashboard is good and user-friendly."
"On the real time, you can see live traffic, which is flowing into our website."

"I am not sure if this application has a policy where you can create your custom policy and run it as our firewall. We should have some ability to also create some custom policy, then run it as a firewall."

What is our primary use case?

We use Incapsula as a firewall on our website which can block any suspicious attempts from the outside of the company. For example, if someone is trying to hack our website or put malware on it, it blocks them.

How has it helped my organization?

When I joined the company, one of our websites was hacked by malware (somebody put it on our website). The website went down for a long time. It took two weeks to clear the server and move everything: all the content, clean it, bring it up, and start again. By using this application, the firewall is blocking every suspicious activity and event. Now, we are safe. We have peace of mind that nobody will use malware on us or try to hack our website. With this application, we have some peace of mind that everything is blocked by Incapsula.

What is most valuable?

I like to see the security. On the site security, I can see which countries have incidents, whether it was a robot attack, a real human user, or non-human user. For this feature, I like it because I can see information quickly without going into long logs and details. It is very comprehensive regarding what is going on behind the scenes on the website traffic.
The option saying activity launch. On the activity log, I can see the exact details, the visit, and the threat. If I click on the details, it shows me exactly where it came from, who the user agent is, and what page they tried to enter. Then, it gives me the session. Also, I have the option to put them on the blacklist or the white list. Therefore, I like this option because it is more detailed. If someone causes more than one of the incidents, then they are maybe suspicious, and we want to learn more about it. Here we can get the data, and under the data, we can see the IP addresses, therefore tracking and copying that IP address and putting it under IP lookup.
The dashboard is good and user-friendly. You can easily understand it, even if you don't have any prior knowledge. Looking at it, you can easily see what is happening because it is a very user-friendly menu and user interface. I don't come from this exact background, but it seems I am supposed to manage and work with this stuff. Because of the user interface, I can understand even without having prior knowledge or education of it.
The real-time option is cool as well. On the real time, you can see live traffic, which is flowing into our website.

What needs improvement?

I am not sure if this application has a policy where you can create your custom policy and run it as our firewall. We should have some ability to also create some custom policy, then run it as a firewall. Maybe it is not relevant, but I think this would be a good option.

Some things previously happened where we moved one of our websites to a new host and new server, then we had difficulty putting in our user credentials to Incapsula because we could not find them. My boss was aggravated with the issue. I believe he contacted Incapsula and found out how to use the credentials for the website. They had changed the user interface a couple months ago. It was different than now. We had to put some information from the website domain to Incapsula login order to activate it, because they had changed the user interface.

Buyer's Guide

Imperva DDoS

November 2024

Free Report: Imperva DDoS Reviews and More

Learn what your peers think about Imperva DDoS. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.

DOWNLOAD NOW

816,660 professionals have used our research since 2012.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

It is a stable product.

What do I think about the scalability of the solution?

It is not used at a high level, but we just put it in and configured it with our website. So, for the things that we have to run, it works just fine. I have no idea about any other scalability. However, it is just fine for the reason that we are using it.

How are customer service and support?

I have never had a ticket with technical support, but I believe that they are supportive.

Which solution did I use previously and why did I switch?

I was not involved with any solution in the company prior to Incapsula. When I came to this company, we were using this solution.

How was the initial setup?

Someone else set it up.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.

it_user574089

Security Architect at a financial services firm with 501-1,000 employees

Feb 8, 2017

Download

The anti-DDoS protection has distributed nodes around the world.

What is most valuable?

Infrastructure protection (anti-DDoS): Imperva anti-DDoS protection has the well-known value of having lots of distributed nodes around the world, making it the best value for DDoS protection. They also include protection against almost all known DDoS attack methods.

How has it helped my organization?

The product has given us DDoS protection.

What needs improvement?

The management interface needs improving. Even with a recent version of the interface, you cannot do all the changes that you would like. As an example, if you want to change one of your protected public IP addresses, you need to request this from support, and it takes a long time.

For how long have I used the solution?

I have used it for 10 months.

What do I think about the stability of the solution?

There were stability issues. One node went down and we completely lost the connectivity of our public IP addresses.

What do I think about the scalability of the solution?

We have not encountered any scalability issues.

How are customer service and technical support?

We rate technical support as really bad. It took one month to solve an issue with one node and give us an alternative solution. Apart from the management interface, support service has to improve their response times (based on our experience with them).

Which solution did I use previously and why did I switch?

We did not previously use any other solutions.

How was the initial setup?

Initial setup was simple, except for the GRE tunnel issues and MTU tuning.

What's my experience with pricing, setup cost, and licensing?

We think that this product is fairly priced considering other products.

Which other solutions did I evaluate?

We evaluated Arbor Networks.

What other advice do I have?

Check the SLAs carefully.

Disclosure: I am a real user, and this review is based on my own experience and opinions.

Buyer's Guide

Imperva DDoS

November 2024

Free Report: Imperva DDoS Reviews and More

Learn what your peers think about Imperva DDoS. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.

DOWNLOAD NOW

816,660 professionals have used our research since 2012.

it_user504216

Systems Administrator at a financial services firm with 501-1,000 employees

Aug 31, 2016

Download

Added security is the biggest bonus, as our websites have highly sensitive data.

Valuable Features

The added security is the biggest bonus feature, as our websites are not usually under extreme load but do have highly sensitive data. A good WAF can be difficult enough to configure even without many of the advanced security features that Imperva Incapsula includes: SQL injection prevention, bot attack recognition and notification, and DDoS.

Improvements to My Organization

Our audit experience is made much more simple due to having this solution. It is an answer to many security issues. We have all of the same sites available and audited internally. This extra layer of security helps with the external 'monitoring and alerting' and keeps that heavy administration portion to those who can handle it at scale a lot easier.

Room for Improvement

The API is lackluster but especially for 'customers'. The only thing we wanted to use the API for was only available to resellers.

Use of Solution

I have been using it for 5+ years.

Stability Issues

I have not encountered any stability issues at all.

Scalability Issues

We have a multitude of DNS names for essentially the same site. Despite that, we have to pay for each of these separately as different sites. This model is unfortunate for us but we find the service to be worth it. I could see this being a potential issue, while it is not yet.

Customer Service and Technical Support

I have had to contact support only once for API support and it was a good experience.

Initial Setup

Initial setup was simple but admittedly handled by a different person. I have set up and decommissioned sites with ease.

Pricing, Setup Cost and Licensing

You get a better bang for your buck with converged DNS site names. If you use separate DNS for smaller portions of a site, it will increase your licensing cost.

Other Advice

Keep your sites strongly secured but sleep easier knowing Imperva Incapsula continuously baffles our penetration testers.

Disclosure: I am a real user, and this review is based on my own experience and opinions.

it_user304074

Sales office at a real estate/law firm with 51-200 employees

Sep 21, 2015

Download

It's improved the speed of our website and setup is straightforward, although the file-purging function could be improved.

What is most valuable?

CDN
Site performance

How has it helped my organization?

The website itself is our first priority and we have seen improvements in that area -- it's faster.

What needs improvement?

Although we're only using it for the accelerator part, the purging of files and the way this feature functions could use improvement. It requires the user to either purge everything or go through specific files, but if you do, the latter doesn’t always work. So with the single files sometimes there is more difficulty.

For how long have I used the solution?

I've used it for a few months now.

What was my experience with deployment of the solution?

No issues. It was very straightforward.

What do I think about the stability of the solution?

No issues.

What do I think about the scalability of the solution?

It meets our needs right now. In the following months we are well within our package, but in the long term, we have to see if the cost will go up too much for our project’s needs. We are well covered for now.

How are customer service and technical support?

Customer Service:

9.5 -- they're very good.

Technical Support:

9.5 -- turnaround is very fast.

Which solution did I use previously and why did I switch?

No, as we are a fairly new project so we have no other experience with another solution. However, we did look at CloudFlare, Limelight, and CDN networks.

I had a gut feeling about the product right from the get-go.

How was the initial setup?

Very straightforward setup.

What about the implementation team?

It really depends what you're looking for. If you need to have a straightforward CDN, this CDN would probably be too expensive. If you want one solution with an all-in-one package for CDN and acceleration, I would definitely recommend Incapsula.

it_user71697

Engineer with 51-200 employees

Dec 1, 2013

Using Incapsula’s DDoS Protection and Load Balancing we maximized our Website Security and Availability

To support the growing traffic to our website from online traders, we realized that strong protection from DDoS and other types of attacks was only part of the equation. To ensure high availability (99.999% uptime) and consistent performance for our users, we also needed the ability to efficiently distribute website traffic across multiple servers.

As our online business grew, it became clear to us that we needed an enterprise-grade service that was able to combine powerful DDoS mitigation together with advanced load-balancing capabilities that would enable us to cost-effectively scale beyond the capacity of a single web server, as well as supporting automatic failover to prevent downtime.

Our previous cloud-based DDoS mitigation service supported load balancing via DNS, which by definition is TTL-reliant. This means that in the event of an overloaded server, for example, it may take several minutes before traffic is re-routed to another server. In the meantime, users continue to be routed to the overloaded server, further adding to the load and increasing latency. Another disadvantage of this load balancing method is that TTL may vary for different geographies and ISPs.

In the extremely time-sensitive world of online trading, it is mandatory that all traders have access to the same information at the same time. DNS-based load balancing was not suitable for our business model and impaired the user experience.

With these requirements in mind, we started our search for an alternative solution and came across some reviews of Incapsula in online industry forums.

Following an evaluation of Incapsula against our previous solution, we decided to purchase Incapsula’s comprehensive Enterprise plan, including “always on” DDoS Protection, an enterprise-grade WAF, Load Balancing and a global CDN. Incapsula was initially onboarded for a single server. We added a second server one week later for purposes of Load Balancing and Failover.

The key factors in our choice of Incapsula was that we were particularly impressed with its enterprise-grade WAF, powerful non-intrusive DDoS protection and efficient load balancing capabilities. From a management point of view, Incapsula’s real-time statistics, easy setup procedures and detailed control panel also represented a significant improvement from our previous solution.

We use Incapsula's service to secure our online trading platform against any type of DDoS attack (Layers 3, 4 & 7) with virtually zero business disruption. All incoming traffic to our online trading application is filtered by Incapsula, which automatically detects and blocks DDOS attacks and other types of malicious traffic. In addition, Incapsula’s sophisticated and scalable load balancing solution supports several different traffic distribution methods with built-in monitoring and failover capabilities to ensure high availability.

By using Incapsula's service, we have achieved several concrete benefits:

Layer 7 load balancing – Tracks HTTP requests as they are being processed by the origin servers, intelligently distributes the traffic in accordance with actual server loads, and reacts quickly to lags even before the server becomes unresponsive
Cloud-based mitigation of network DDoS attacks - Mitigates high-volume network attacks through a global network of multi-gigabyte scrubbing centers
Intelligent mitigation of sophisticated application layer attacks - Uses advanced traffic analysis algorithms, granular mitigation rules and an enterprise-grade WAF to differentiate legitimate website visitors (humans, search engines, etc.) from automated or malicious clients.
Real-time statistics - Provides a complete, real time view of incoming traffic, security events and server load distribution, allowing rapid response to security events and supporting real-time data driven decisions.

Incapsula has proven to be a very effective solution for meeting our rigorous security and load balancing requirements. Real-time statistics rock – it’s like having your own NOC at the click of a button, and helps us to better manage our website with 360-degree visibility of all events.

Disclosure: PeerSpot has made contact with the reviewer to validate that the person is a real user. The information in the posting is based upon a vendor-supplied case study, but the reviewer has confirmed the content's accuracy.

it_user3876Database Manager at a tech company with 51-200 employees

Report as inappropriate

Jan 21, 2014

Thanks for sharing your personal experience. Would you please like to tell that how much Incapsula’s enterprise plan cost you?

it_user67500

Developer with 51-200 employees

Oct 24, 2013

We Use Incapsula's DDoS Protection Service to Maximize Availability and Performance

In September 2013, our online store was the victim of a prolonged three-week application-level DDoS attack. Mitigating this type of Layer 7 DDoS attack is a major challenge for security solutions, since malicious bot traffic often appears to be requests from legitimate users. During this attack, our existing anti-DDoS solution was not able to effectively filter out the malicious traffic, which meant that innocent e-commerce customers were blocked from accessing the sites or were forced to unnecessarily fill out CAPTCHA challenges.

As an e-commerce company, website security is central to our core business. We needed a DDoS protection solution that would enable us to maintain "business as usual" even under attack, with minimum disruption to the user experience. Minimizing false positives was a crucial requirement, since the easiest way to lose a customer is to block her from accessing the site.

Realizing that our previous solution was not equipped to handle this type of sophisticated application-level DDoS attack, we sought a DDoS Protection service capable of correctly filtering all types of DDoS attacks from legitimate website traffic, without affecting the online experience for our customers.

During our search for a new solution, we came across Incapsula and were impressed by industry comparisons such as the one appearing on TopTenReviews.com showing the clear superiority of Incapsula over our existing service in terms of professionalism, performance and security.

We decided to give Incapsula a try and initially activated their service on our French domain. It quickly became clear to us that Incapsula was the right solution to handle the DDoS attacks that we face. After only six days, we signed a contract and moved our other domains to Incapsula's service as well.

We are now using Incapsula's always-on DDoS Protection service to secure our online stores against the largest and smartest types of DDoS attacks - including network, protocol and application level (Layers 3, 4 & 7) attacks – with minimal business disruption.

Incapsula is now a key component of our security infrastructure. When under DDoS, traffic is routed through Incapsula for screening, where malicious traffic and DDOS attacks are blocked automatically.

By using Incapsula's DDoS Protection, we have achieved concrete benefits:

Intelligent mitigation of sophisticated application layer attacks - Incapsula uses advanced traffic analysis algorithms, granular mitigation rules and an enterprise-grade WAF to differentiate legitimate website visitors (humans, search engines, etc.) from automated or malicious clients.
Transparent mitigation with less than 0.1% False Positives - Incapsula applies a set of progressive and non-intrusive challenges that are designed to ensure the optimal balance between strong DDoS protection and an uninterrupted user experience, without the need for annoying delay and CAPTCHA screens.
"Always on" DDoS protection - Automatic "always on" DDoS mitigation and 24x7 monitoring are effective in stopping "hit & run" DDoS attacks can wreak havoc with solutions that need to be manually turned on and off on every burst.
Cloud-based mitigation of network DDoS attacks - Incapsula mitigates high-volume network attacks through a global network of multi-gigabyte scrubbing centers
Dedicated NOC team – An experienced team of Network Operations Center (SOC) engineers performs 24x7 security monitoring and assists with DDoS mitigation as needed.

Since activating Incapsula on our sites, we have solved our DDoS problem and couldn't be more pleased with our overall website performance and security. Equally important, Incapsula's technical support and commercial teams have been very responsive throughout the initial rollout phase.

it_user2652Project Manager at a non-tech company with 10,001+ employees

Report as inappropriate

Nov 17, 2013

Nice and informative information. Could you share your customer service experience for the product Incapsula regarding license renewal and for critical DDOS incidents?

it_user814458

Manager Business Development at Seguridad América

Mar 7, 2018

Download

The complete solution is valuable for everything it delivers and the protection it offers.

Pros and Cons

"The complete solution is valuable for everything it delivers and the protection it offers."
"An improvement has been to our website: It increases the speed of our response, the capacity of the site, and optimizes the bandwidth."
"Technical support provides good, quick responses."

How has it helped my organization?

An improvement has been to our website: It increases the speed of our response, the capacity of the site, and optimizes the bandwidth.

What is most valuable?

More than features, the complete solution is valuable for everything it delivers and the protection it offers.

What needs improvement?

Acquire it for all the benefits that this solution brings to organizations, especially nowadays, when we live in a technological era where the speed and response times of the different websites are valued so much.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

Never.

What do I think about the scalability of the solution?

None.

How are customer service and technical support?

Technical support provides good, quick responses.

Which solution did I use previously and why did I switch?

No.

How was the initial setup?

Initial setup is very simple, since it is enough to change the servers in and out of the site to make it work.

What's my experience with pricing, setup cost, and licensing?

Although the pricing can be a little high, it is worth the protection and security that it offers.

Which other solutions did I evaluate?

I only saw Cloudflare and Akamai, but the latter is very expensive.

What other advice do I have?

It is an excellent product.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.

it_user298473

Cyber Response Analyst at a insurance company with 1,001-5,000 employees

Jan 25, 2016

Download

Its DDoS Protection and Load Balancing helped maximize our security by adding an extra layer of protection.

Valuable Features:

DDoS Protection
Load Balancing

Improvements to My Organization:

Incapsula’s DDoS Protection and Load Balancing really helped maximize our security. It added an extra layer of protection.

Threat monitoring allows us to save time when responding to an incident. Previously we would have had to analyze logs, generate reports which takes time that could be spend remediating issues. Incapsula gives an uncomplicated overview of what is happening among other things.

Incapsula's DDoS protection service delivers immediate and comprehensive protection for both network and application level (Layer 7). DDoS is a hugely beneficial feature.

Disclosure: I am a real user, and this review is based on my own experience and opinions.