Imperva DDoS Reviews

We are using this solution for web application firewall protection for the website and web application. I'm a user of this product and work as an information systems security manager. 

I'm very happy with the solution. The most valuable aspect of it is that it blocks all types of attacks.

I think the product could be improved by reducing the price. It would help if they came up with pricing options because as it is now if you're a big company and use the site often, it's more expensive. 

I've been using this solution for almost four years. 

Stability and scalability are fine. 

I don't use the technical support, but my colleagues do and they haven't mentioned any problems. 

I would rate this solution a nine out of 10. 

Infrastructure protection (anti-DDoS): Imperva anti-DDoS protection has the well-known value of having lots of distributed nodes around the world, making it the best value for DDoS protection. They also include protection against almost all known DDoS attack methods.

The product has given us DDoS protection.

The management interface needs improving. Even with a recent version of the interface, you cannot do all the changes that you would like. As an example, if you want to change one of your protected public IP addresses, you need to request this from support, and it takes a long time.

I have used it for 10 months.

There were stability issues. One node went down and we completely lost the connectivity of our public IP addresses.

We have not encountered any scalability issues.

We rate technical support as really bad. It took one month to solve an issue with one node and give us an alternative solution. Apart from the management interface, support service has to improve their response times (based on our experience with them).

We did not previously use any other solutions.

Initial setup was simple, except for the GRE tunnel issues and MTU tuning.

We think that this product is fairly priced considering other products.

We evaluated Arbor Networks.

Check the SLAs carefully.

The added security is the biggest bonus feature, as our websites are not usually under extreme load but do have highly sensitive data. A good WAF can be difficult enough to configure even without many of the advanced security features that Imperva Incapsula includes: SQL injection prevention, bot attack recognition and notification, and DDoS.

Our audit experience is made much more simple due to having this solution. It is an answer to many security issues. We have all of the same sites available and audited internally. This extra layer of security helps with the external 'monitoring and alerting' and keeps that heavy administration portion to those who can handle it at scale a lot easier.

The API is lackluster but especially for 'customers'. The only thing we wanted to use the API for was only available to resellers.

I have been using it for 5+ years.

I have not encountered any stability issues at all.

We have a multitude of DNS names for essentially the same site. Despite that, we have to pay for each of these separately as different sites. This model is unfortunate for us but we find the service to be worth it. I could see this being a potential issue, while it is not yet.

I have had to contact support only once for API support and it was a good experience.

Initial setup was simple but admittedly handled by a different person. I have set up and decommissioned sites with ease.

You get a better bang for your buck with converged DNS site names. If you use separate DNS for smaller portions of a site, it will increase your licensing cost.

Before choosing this product, I did not evaluate other options.

Keep your sites strongly secured but sleep easier knowing Imperva Incapsula continuously baffles our penetration testers.

• Caching and CDN
• WAF

We are using caching and CDN heavily, for certain campaigns we ended up in 80%+ of all the traffic served by Incapsula without passing to the origin servers.

We were PCI-complaint before using Incapsula; however, it is always better to have one more layer of security.

No DDOS attacks for now, but let's see once we face it.

Caching rules are really basic now and lots of space for improvement here.

- For example, Incapsula does not check the protocol (HTTP vs. HTTPS) when serving cached pages.

- There is no possibility to create a caching rule based on a regular expression.

No issues encountered.

No issues encountered.

No issues encountered.

Their support team is great and you get a response/resolution within five minutes of submitting a support ticket.

You can save some licenses/money if you have your own load balancer. No matter how many websites your load balancer is serving, you will need only one Incapsula ‘website’. We’ve managed to use two Incapsula ‘websites’ to serve approximately 150 real websites.

Imperva Incapsula is used for web applications. 

Our customers required the security of their web applications. We were asked to install this solution for their web solutions based on their throughputs and requirements.

We had an issue when securing the web applications for DDoS protection.

When using protection for some web applications, the customer may encounter a few issues.

I have been working with Imperva Incapsula for several months.

We have deployed the cloud version, and we use the on-premise version for testing.

Imperva Incapsula is a stable solution.

Imperva Incapsula is scalable.

We have two or three users in our company.

In order to increase our usage, We must publicize the fact that we have such a solution. I believe we had to use LinkedIn or some other solution to publish it. We need to inform our customers that we have a solution like this.

Technical support was very helpful.

The initial setup is not overly complex, but it could be easier.

There is a license or subscription renewal that our customers pay.

I would recommend this solution to others who are interested in using it.

I would rate Imperva Incapsula an eight out of ten.

Security rules and DDoS protection.

Well, just by using the security rules to block all secured areas by IP minimized the chance of sensitive data leaking outside.

I'd like it to work with Let's Encrypt.

1.5 years

No issues.

No issues.

No issues.

Once going enterprise, support is excellent.

Once going enterprise, support is excellent.

CloudFlare and I switched because we needed more locations.

Took us 10 minutes and we just waited for the DNS update.

In house.

No ROI since we use it for protection. Its an additional expense with no ROI expectations.

Always check the enterprise option, it gave us great rates.

We used CloudFlare in the past and we thought about working with Reblaze.

Try it for 30 days, it will amaze you.

WAF configuration is the most valuable feature.

• Reduced spammers during competitions
• Bot reduction

Improve reporting interface and filtering.

I have used it for two years.

We have not encountered any deployment issues.

Mostly, we have not encountered any stability issues, except the occasional leak from the HK pod.

We have not encountered any scalability issues.

Customer service is good.

Technical support is good.

We previously used Fortinet.

Our ROI is about 45% since deployment on reduction of our cloud bill.

Pricing and licensing is extremely competitive.