Imperva DDoS Reviews

• Caching and CDN
• WAF

We are using caching and CDN heavily, for certain campaigns we ended up in 80%+ of all the traffic served by Incapsula without passing to the origin servers.

We were PCI-complaint before using Incapsula; however, it is always better to have one more layer of security.

No DDOS attacks for now, but let's see once we face it.

Caching rules are really basic now and lots of space for improvement here.

- For example, Incapsula does not check the protocol (HTTP vs. HTTPS) when serving cached pages.

- There is no possibility to create a caching rule based on a regular expression.

No issues encountered.

No issues encountered.

No issues encountered.

Their support team is great and you get a response/resolution within five minutes of submitting a support ticket.

You can save some licenses/money if you have your own load balancer. No matter how many websites your load balancer is serving, you will need only one Incapsula ‘website’. We’ve managed to use two Incapsula ‘websites’ to serve approximately 150 real websites.

There is no need to have an in-house WAF to manage and maintain. We are now able to bring a new website live within minutes, without false positive alerts. It has Improved user/customer experience and website performance.

IncapRules is one of the most valuable features, as you can create your own security and access control rules on top of your security policy. Using IncapRules we were able to easily block Layer 7 DDoS attacks several times.

Real-time monitoring is also a great tool, as you may watch several parameters in real time.

It would be better if we were able to manage and apply changes to multiple websites/web applications, and search WAF logs for multiple websites, via the Incapsula dashboard.

The first year we faced one or two incidents, but since then we not had any stability issues.

No issues with scalability. You need not worry about scalability. Incapsula takes care of the CDN infrastructure and bandwidth volume, providing several enterprise "load balancing" features.

Incapsula’s support personnel is very good, positive, and most of them passionate. Sometimes a second-level support might be required for more complex requests. Additionally, you may see a slight delay in replying to support tickets, but you are able to contact them via phone for critical cases and prompt response.

We were using Akamai and we switched to Incapsula mainly due to the WAF effectiveness and total cost.

Not only the initial, but also the final setup, is straightforward.

For enterprise contracts you will be in touch with a dedicated account manager who will guide you regarding licensing.

We evaluated Akamai. Akamai had a bigger CDN network and probably better performance worldwide (especially on the Chinese mainland) but their WAF is very pure and not effective at all.

Go for it and request a free trial.

Customer Support has been the biggest help in dire situations. Their control panel is nice but support has been the best.

When under DDoS, we are able to get piece of mind to our clients since they know a large, technical company is dedicated to getting the issues resolved.

More products, especially for smaller companies that could benefit them.

About 3 months.

None.

None yet.

Not that I know of.

10/10

8/10

We had a sysadmin but he was unable to keep up. No other parties were used.

Yes, it was straightforward for our IT team to implement.

In house.

We ate the cost so it wasn't passed on to the client.

From my understanding, our CEO had multiple parties on the table but decided Incapsula was the best fit for us.

• CDN
• DDoS protection
  

Basically, before we found Incapsula, we were getting hit with 5-10 gigabit DDoS attacks, and we were trying to figure out how to fight the attacks. Therefore, we tried Incapsula out on one site, and through the trial we saw what the solution could do – the attacker gave up after a few tries. Once we signed up for an enterprise account with all ten sites we saw the attacks drop weekly.

It would be nice to get a feed from Incapsula to import into our system. We have to have multiple dashboards open at the same time, and it would be nice to have one single dashboard with all our information.

I've used it for eight months.

No issues encountered.

No issues – it has been particularly stable.

Scalability has been pretty good, our European traffic has doubled and our sales have gone up along with our stability.

10/10

10/10 – within 5 minutes we have had a response.

We used a NetScaler mitigation appliance – nothing worked that well, we were getting attacks and they were taking down services.

Setup was fairly straightforward. It took about 10 minutes as I had to fine tune it with our API to mitigate what traffic was being blocked. I was able to determine that pretty quickly and adjust accordingly.

We did it in-house.

Probably about $150,00-$190,000 savings. It's hard to predict, but that would be my ROI estimate.

It costs around $7/month, really cheap.

We looked at CloudFlare. We tried it but it didn’t work that well.

Make sure you use a premium DNS provider. We had to move from a basic DNS provider to a more complex one to get it work with Incapsula 100%.

WAF configuration is the most valuable feature.

• Reduced spammers during competitions
• Bot reduction

Improve reporting interface and filtering.

I have used it for two years.

We have not encountered any deployment issues.

Mostly, we have not encountered any stability issues, except the occasional leak from the HK pod.

We have not encountered any scalability issues.

Customer service is good.

Technical support is good.

We previously used Fortinet.

Our ROI is about 45% since deployment on reduction of our cloud bill.

Pricing and licensing is extremely competitive.

I like the interface, customer service, and info updates.

We can now quickly respond to issues, as opposed to trying to find the technical problem on our end. We can now quickly address the problems of our clients in an effective manner.

I have found some issues with caching; seems to be inconsistent

I have used it for five months.

We have not encountered any deployment issues.

We have encountered very few stability issues, but those could be more due to the stability of our servers.

We have not encountered any scalability issues.

Customer service is 8/10.

Technical support is 8/10.

We did not previously use a different solution, but we researched other solutions. Incapsula was highly regarded and we were simply wowed.

Initial setup was pretty straightforward on our end. Thanks for that!

We did the implementation in house using our own personnel.

I'm not sure about ROI.

Load balancing and DDoS protection.

Delivery services and information security.

One year.

None, the deployment was very fast and easy.

None.

Excellent, they answered all our questions.

Very good, the information provided by Imperva for the deployment was very clear.

No.

Straightforward.

Imperva and in-house team, the support provided from the Imperva team was very reliable.

Consider the unification of websites.

No.

Security rules and DDoS protection.

Well, just by using the security rules to block all secured areas by IP minimized the chance of sensitive data leaking outside.

I'd like it to work with Let's Encrypt.

1.5 years

No issues.

No issues.

No issues.

Once going enterprise, support is excellent.

Once going enterprise, support is excellent.

CloudFlare and I switched because we needed more locations.

Took us 10 minutes and we just waited for the DNS update.

In house.

No ROI since we use it for protection. Its an additional expense with no ROI expectations.

Always check the enterprise option, it gave us great rates.

We used CloudFlare in the past and we thought about working with Reblaze.

Try it for 30 days, it will amaze you.