Try our new research platform with insights from 80,000+ expert users
Fairuz Zazli - PeerSpot reviewer
Lead Client Service Manager at Nexagate Sdn Bhd
Reseller
A self-managed service that is easy to deploy and offers regular updates
Pros and Cons
  • "One good thing about Imperva Web Application Firewall is it can be on the cloud and also it can be on-premise."
  • "I don't really use it and therefore can't speak to areas of improvement."

What is our primary use case?

We primarily use the solution as a firewall.

What is most valuable?

One good thing about Imperva Web Application Firewall is it can be on the cloud and also it can be on-premise. Either way, you can use it, and it's quite easy. 

It's quite easy to deploy. It is also a self-managed service. It's quite straightforward.

They do provide updates on a quarterly or half-yearly basis.

What needs improvement?

I don't really use it and therefore can't speak to areas of improvement. 

For how long have I used the solution?

We've been using it for probably three or four years.

Buyer's Guide
Imperva Web Application Firewall
December 2024
Learn what your peers think about Imperva Web Application Firewall. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
823,795 professionals have used our research since 2012.

What do I think about the stability of the solution?

The solution is stable. 

What do I think about the scalability of the solution?

Scalability-wise, it is not so scalable as the solution is quite straightforward. There's not much you can scale with the solution.

Mainly, the IT department uses the solution and there are ten to 20 of them.

How are customer service and support?

Technical support is quite helpful and responsive. They support us well and they are available worldwide so it's quite easy to get help.

How was the initial setup?

The product is very easy to deploy. It's simple and straightforward. It's not an overly complex solution.

Within half a day you can have it up and running. You just need two people to deploy and maintain the solution. 

What other advice do I have?

We are users and also we are resellers.

The version we are using is the latest version. 

It has many valuable options or features. You just need to know what you need for your organization. If not, Imperva will probably tend to sell you almost everything. You just need to know what are the options that you need for your organization. Apart from that, the whole process is quite fast and it's quite reliable.

I'd rate the solution an eight out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: Customer/Reseller
PeerSpot user
reviewer1358583 - PeerSpot reviewer
Application Security Engineer at a insurance company with 10,001+ employees
Real User
One of the best solutions on the market for protecting all your web applications
Pros and Cons
  • "The features I have found most valuable with Imperva Web Application Firewall are account takeover protection, advanced bot protection, and API security."
  • "I am looking for more data enrichment. We should have the ability to add our own custom data to the system, to the live traffic."

What is our primary use case?

Our primary use case is for protection of all our web applications.

How has it helped my organization?

Imperva Web Application Firewall is a very good solution and very feasible for any corporation. We can almost accommodate everything with this solution. We were able to accommodate almost all our use cases with this. This is one of the best solutions I have found so far.

What is most valuable?

The features I have found most valuable with Imperva Web Application Firewall are account takeover protection, advanced bot protection, and API security.

What needs improvement?

In terms of what could be improved, I would say reporting on the cloud side.

Additionally, I am looking for more data enrichment. We should have the ability to add our own custom data to the system, to the live traffic.

In the next release I would like to see more API security.

For how long have I used the solution?

I have been using Imperva Web Application Firewall for almost five years.

We currently use a hybrid version but we are moving towards purely 100% cloud where we will shortly get rid of all the appliances.

What do I think about the stability of the solution?

Its stability is very good. In all aspects, it is very good. It is beyond my expectations actually.

What do I think about the scalability of the solution?

In terms of scaling, Imperva Web Application Firewall is amazing. The product is really good so far.

We have very few users with direct usage - 10 users approximately.

There is zero maintenance.

How are customer service and support?

Their customer support is very good. They are very quick.

Which solution did I use previously and why did I switch?

I previously used F5 and something else whose name I don't remember.

We made the switch to Imperva because it is one of the best solutions on the market.

How was the initial setup?

The initial setup is very easy.

It just took a few days.

What about the implementation team?

We used the consultant. Our experience with them was not bad. But as I mentioned, things are not difficult here. It is fairly easy.

What other advice do I have?

My advice to anyone considering Imperva Web Application Firewall is that they can safely go to this environment without having a second thought. I have done so much testing. I did so many use cases. It never failed so far.

On a scale of one to ten, I would give Imperva Web Application Firewall a 10.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Imperva Web Application Firewall
December 2024
Learn what your peers think about Imperva Web Application Firewall. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
823,795 professionals have used our research since 2012.
Director, Information System Security at a financial services firm with 201-500 employees
Real User
Hosts a complete range of features and gives a comprehensive overview of network traffic
Pros and Cons
  • "The WAF itself has been very valuable to me because it has such a complete range of features. Another reason why I like it is because it also takes care of the total overview of the traffic over the network."
  • "They recently separated the WAF and the DAM management gateways in order for each of these to be managed from different areas, so I believe it now requires additional investments for what was previously a single complete solution."

What is our primary use case?

At my previous workplace in the banking sector, we used Imperva WAF for the monitoring of our internet banking traffic, and we also used Imperva's DAM for the database activity monitoring.

Our deployment of Imperva WAF was situated on-premises and it was in use throughout the whole organization, which included around 3,500 clients.

How has it helped my organization?

Imperva Web Application Firewall has improved security of my organization through enhanced visiblity as well protecting malicious IPs, applications and unknown users as well.

What is most valuable?

The WAF itself has been very valuable to me because it has such a complete range of features. Another reason why I like it is because it also takes care of the total overview of the traffic over the network.

What needs improvement?

Imperva's product is very good, but when it comes to procuring the software in my country it can be somewhat expensive. I don't recall the exact amount, but in comparison with other countries it is a huge investment.

They recently separated the WAF and the DAM management gateways in order for each of these to be managed from different areas, so I believe it now requires additional investments for what was previously a single complete solution.

Although the vendor support from Imperva is not bad, getting a response from them can be a lengthy process at times.

For how long have I used the solution?

I have used Imperva WAF for about three years. 

What do I think about the stability of the solution?

The stability is mature enough, in my experience. In fact, I would give it a 5/5 for stability.

What do I think about the scalability of the solution?

Scalability-wise, there is one issue we encountered that I want to mention. At some point, Imperva, moved their account takeover prevention features from the on-premises edition to the cloud-based edition, and we discovered that this step would take yet another integration, seeing that we were using Imperva on-premises. These account takeover prevention features, however, were already part of our subscription, but since the features moved to the cloud, we missed out on them. So, in this sense, I would say the scalability strategy isn't as solid as it should be, and for this reason I would rate the scalability a 3.5/5.

On the other hand, when it comes to how many users we were able to scale up to, we actually had the whole organization using it, including around 3,500 clients in total.

How are customer service and support?

The support from the vendor side could be improved because their response times weren't great and the process of obtaining the proper support was a long process sometimes. That said, the support itself was not bad.

How would you rate customer service and support?

Positive

How was the initial setup?

The setup was actually quite an advanced process. It was a good experience, but all in all it took about one year to get everything fully set up, when you take all the fine-tuning activities and such into account.

What about the implementation team?

We deployed the Imperva WAF with the help of organizations in South Africa who acted as consultants and implementation partners for Imperva. Our experience with them was good, and the full implementation required two professionals from the consultant's side and about five people from our own organization. The vendor itself was not part of the implementation process.

What's my experience with pricing, setup cost, and licensing?

The pricing is somewhat expensive. It is actually a huge investment when compared to other countries.

Not only that, but Imperva went on to separate the WAF and DAM management gateways, making it so that each would have to be managed and licensed separately, incurring the cost of additional investments.

On a related note, there was another licensing issue we encountered where we had a subscription for account takeover prevention features, but these features had been moved by Imperva from the on-premises instance to the cloud. Since we had not moved to the cloud at that point, we did not have access to these features anymore.

What other advice do I have?

I can highly recommend Imperva WAF for financial institutions. It's a good solution and I think it's important for financial institutions, particularly those who conduct online banking, to make use of a solid WAF such as this.

I would rate Imperva WAF a nine out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
PeerSpot user
Data analyst at Kyivstar
Real User
Enhanced security with profile functionality
Pros and Cons
  • "Protection is the best solution since it has profile functionality."

    What is our primary use case?

    I use the service for protection due to the fact that it has profile functionality.

    What is most valuable?

    Protection is the best solution since it has profile functionality.

    Which other solutions did I evaluate?

    Interesting alternatives are Akamai and some cloud solutions do exist.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Flag as inappropriate
    PeerSpot user
    PreethamSingh - PeerSpot reviewer
    Principal Cloud Architect at a computer software company with 5,001-10,000 employees
    Real User
    Top 10
    Protects applications and provides a complete picture of how the applications are being used
    Pros and Cons
    • "Imperva has a complete picture of how the applications are utilizing it. It is handy. DDoS is good. It has an internally managed database. It is very easy to integrate. We have integrated it with SIEM services."

      What is our primary use case?

      We use the solution to protect applications.

      What is most valuable?

      Imperva has a complete picture of how the applications are utilizing it. It is handy. DDoS is good. It has an internally managed database. It is very easy to integrate. We have integrated it with SIEM services.

      What needs improvement?

      Apart from predefined templates, it would be helpful if the solution provided an option to customize any new rules or additions based on the requirement.

      For how long have I used the solution?

      I have been using Imperva Web Application Firewall for three years.

      What do I think about the stability of the solution?

      I rate the solution’s stability an eight out of ten.

      What do I think about the scalability of the solution?

      The tool is pretty scalable. Around 1,000 users are using this solution.

      I rate the solution’s scalability an eight out of ten.

      Which solution did I use previously and why did I switch?

      We have used Barracuda. We switched to Imperva because Barracuda was not user-friendly and didn't offer predefined data.

      How was the initial setup?

      The initial setup is simple.

      What's my experience with pricing, setup cost, and licensing?

      The product's pricing is flexible.

      I rate the product's pricing a seven out of ten, where one is cheap and ten is expensive.

      What other advice do I have?

      I recommend the solution.

      Overall, I rate the solution an eight out of ten.

      Which deployment model are you using for this solution?

      Hybrid Cloud
      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      Flag as inappropriate
      PeerSpot user
      Global Network and Cyber Security Project Manager at a manufacturing company with 10,001+ employees
      Real User
      Easy to operate
      Pros and Cons
      • "The configurability of the tools and the ease of operation to be the most valuable feature of Imperva."
      • "Imperva Web Application Firewall is very expensive."

      What is our primary use case?

      We use the latest version with all the functionality, not only WAF. Additionally, we use all the security capability that is possible to enable on Imperva including device security tools like API security.

      We use this solution to protect the website for the company.

      What is most valuable?

      I find the configurability of the tools and the ease of operation to be the most valuable feature of Imperva.

      For how long have I used the solution?

      I have three years of experience with Imperva Web Application Firewall.

      What do I think about the stability of the solution?

      This solution is very stable.

      What do I think about the scalability of the solution?

      Scalability is very good.

      How are customer service and support?

      Imperva's technical support is very good.

      Which solution did I use previously and why did I switch?

      I used to work with Fortinet Web Application Firewall but it was not good.

      How was the initial setup?

      The initial setup of Imperva is easy to do and only takes a few minutes to deploy.

      What's my experience with pricing, setup cost, and licensing?

      Imperva Web Application Firewall is very expensive.

      Which other solutions did I evaluate?

      I have worked with Azure and find both solutions good. However, Imperva does have more advanced features than Azure.

      What other advice do I have?

      I am very happy with this solution. I would rate the technical aspect a 10 out of 10, however because of the financial cost, I rate it an 8 out of 10.

      Which deployment model are you using for this solution?

      Public Cloud

      If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

      Other
      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      PeerSpot user
      reviewer1563954 - PeerSpot reviewer
      Senior Software Developer at a computer software company with 1,001-5,000 employees
      Real User
      Stable, protects well against a variety of attacks, especially DDoS
      Pros and Cons
      • "The solution has been quite stable. I have not seen any bugs at all."
      • "Sometimes our web application firewall will slow down."

      What is our primary use case?

      We primarily use the solution for database security.

      Basically, the solution is a web application firewall that is used to protect against multiple types of attacks online. It is used for web attacks - mostly DDoS attacks, cross-site scripting attacks, or SQL injection attacks. 

      There is also multiple HTTP protocol compliance. If there is any violation it will be detected by this application. It is used for detecting an illegal file type, illegal URL, or bots. 

      The solution can prevent a geolocation attack also. If any application is not allowed from certain countries, it will not allow access. We can detect everything via the web application firewall. 

      What is most valuable?

      The solution offers good security against a variety of web attacks.

      The protection from DDoS attacks is very useful. The DDoS attack is a very powerful attack that can harm a company's services. If an application is deployed to any web server or database our service will slow and will go down. A user would not be able to access our service until we can fix the issue. It's a deal if a company can avoid getting hit with DDoS attacks and having something that can effectively protect a company is extremely useful.

      The solution has been quite stable. I have not seen any bugs at all.

      What needs improvement?

      Until now, it is good. There are no issues. As an analyst, I simply monitor. I don't really get too far into the technical aspects of the solution.

      Occasionally, I've noticed that the web application firewall was down. If we are not using proper storage, proper memory, proper CPU, and if multiple attacks happen at one time, they will be detected by our web application firewall. Sometimes our web application firewall will slow down. In that sense, it needs some improvement. We do have a precaution for if the solution goes down. We basically, need to increase the memory and the storage and the CPU utilization, so that we can prevent our company from malicious activity. 

      I cannot say which type of memory or storage should be improved. The requirements depend on the organization. What organizations need and which type of configurations would work best as per their requirements depend completely on that.

      For how long have I used the solution?

      I've been working with the solution for about three years or so. It's been a while. I've been mostly working with it over the last 12 months or so.

      What do I think about the stability of the solution?

      The solution is quite stable. There are no bugs or glitches - or at least, I haven't seen any problems on that front. It doesn't crash or freeze. It's reliable.

      What do I think about the scalability of the solution?

      Right now, it depends on the company and its needs. I can't speak to if there are plans to increase usage.

      How are customer service and technical support?

      I've never been in touch with technical support. I can't speak to how knowledgeable and responsive they are, having never communicated with them directly. As an analyst, it's not my responsibility to deal with technical issues directly.

      Which solution did I use previously and why did I switch?

      It's my understanding that this company has only used this solution. However, if I move somewhere else, it's possible that something else may be used.

      How was the initial setup?

      I wasn't part of the initial setup. I can't speak to how easy or difficult the process was.

      What's my experience with pricing, setup cost, and licensing?

      I am not sure of the exact licensing costs of the solution. The licensing is a management decision. The costs and payments are handled by them.

      What other advice do I have?

      We use the solution's latest version.

      We have a partnership with Imperva within our company.

      I'd rate the solution at a nine out of ten. We've been mostly quite happy with its capabilities.

      Which deployment model are you using for this solution?

      On-premises
      Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
      PeerSpot user
      RiaanDu Preez - PeerSpot reviewer
      Senior Cyber Security Specialist Architect at Cyberlinx
      Reseller
      Top 5Leaderboard
      Provides out-of-the-box security for web applications
      Pros and Cons
      • "There is a quick switch between any of the the nodes if something goes wrong, where there's a there's an attack against a specific area. The security setup is reasonably easy. It's not a problem to do setups and rules and integrations. And, yeah, just the the back end team is also very willing to insist if there's questions that that we cannot answer or with these questions that we do have"
      • "The UI interface needs improvement."

      What is our primary use case?

      The solution is being used for communication.

      What is most valuable?

      If something goes wrong, there is a quick switch between nodes, wherever there's an attack against a specific area. The security setup is reasonably easy. It's easy to do setups, rules, and integrations. The backend team is also willing to help if there are questions that we cannot answer.

      What needs improvement?

      The UI interface needs improvement. 

      For how long have I used the solution?

      I have been using Imperva Web Application Firewall for six months. 

      What do I think about the stability of the solution?

      The solution is highly stable. I rate the stability a ten out of ten. 

      What do I think about the scalability of the solution?

      It is a scalable solution. I would rate it a nine out of ten. 

      How was the initial setup?

      The initial setup is easy. The deployment depends on the customer's solution but does not take more than a few hours. I rate the initial setup an eight out of ten. 

      What's my experience with pricing, setup cost, and licensing?

      It is a very affordable solution.

      What other advice do I have?

      I would definitely recommend the solution. I rate the solution an eight out of ten. 

      Which deployment model are you using for this solution?

      Public Cloud
      Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
      PeerSpot user
      Buyer's Guide
      Download our free Imperva Web Application Firewall Report and get advice and tips from experienced pros sharing their opinions.
      Updated: December 2024
      Buyer's Guide
      Download our free Imperva Web Application Firewall Report and get advice and tips from experienced pros sharing their opinions.