Imperva Web Application Firewall Reviews

We primarily use the solution as a firewall.

One good thing about Imperva Web Application Firewall is it can be on the cloud and also it can be on-premise. Either way, you can use it, and it's quite easy. 

It's quite easy to deploy. It is also a self-managed service. It's quite straightforward.

They do provide updates on a quarterly or half-yearly basis.

I don't really use it and therefore can't speak to areas of improvement. 

We've been using it for probably three or four years.

The solution is stable. 

Scalability-wise, it is not so scalable as the solution is quite straightforward. There's not much you can scale with the solution.

Mainly, the IT department uses the solution and there are ten to 20 of them.

Technical support is quite helpful and responsive. They support us well and they are available worldwide so it's quite easy to get help.

The product is very easy to deploy. It's simple and straightforward. It's not an overly complex solution.

Within half a day you can have it up and running. You just need two people to deploy and maintain the solution. 

We are users and also we are resellers.

The version we are using is the latest version. 

It has many valuable options or features. You just need to know what you need for your organization. If not, Imperva will probably tend to sell you almost everything. You just need to know what are the options that you need for your organization. Apart from that, the whole process is quite fast and it's quite reliable.

I'd rate the solution an eight out of ten.

Our primary use case is for protection of all our web applications.

Imperva Web Application Firewall is a very good solution and very feasible for any corporation. We can almost accommodate everything with this solution. We were able to accommodate almost all our use cases with this. This is one of the best solutions I have found so far.

The features I have found most valuable with Imperva Web Application Firewall are account takeover protection, advanced bot protection, and API security.

In terms of what could be improved, I would say reporting on the cloud side.

Additionally, I am looking for more data enrichment. We should have the ability to add our own custom data to the system, to the live traffic.

In the next release I would like to see more API security.

I have been using Imperva Web Application Firewall for almost five years.

We currently use a hybrid version but we are moving towards purely 100% cloud where we will shortly get rid of all the appliances.

Its stability is very good. In all aspects, it is very good. It is beyond my expectations actually.

In terms of scaling, Imperva Web Application Firewall is amazing. The product is really good so far.

We have very few users with direct usage - 10 users approximately.

There is zero maintenance.

Their customer support is very good. They are very quick.

I previously used F5 and something else whose name I don't remember.

We made the switch to Imperva because it is one of the best solutions on the market.

The initial setup is very easy.

It just took a few days.

We used the consultant. Our experience with them was not bad. But as I mentioned, things are not difficult here. It is fairly easy.

My advice to anyone considering Imperva Web Application Firewall is that they can safely go to this environment without having a second thought. I have done so much testing. I did so many use cases. It never failed so far.

On a scale of one to ten, I would give Imperva Web Application Firewall a 10.

At my previous workplace in the banking sector, we used Imperva WAF for the monitoring of our internet banking traffic, and we also used Imperva's DAM for the database activity monitoring.

Our deployment of Imperva WAF was situated on-premises and it was in use throughout the whole organization, which included around 3,500 clients.

Imperva Web Application Firewall has improved security of my organization through enhanced visiblity as well protecting malicious IPs, applications and unknown users as well.

The WAF itself has been very valuable to me because it has such a complete range of features. Another reason why I like it is because it also takes care of the total overview of the traffic over the network.

Imperva's product is very good, but when it comes to procuring the software in my country it can be somewhat expensive. I don't recall the exact amount, but in comparison with other countries it is a huge investment.

They recently separated the WAF and the DAM management gateways in order for each of these to be managed from different areas, so I believe it now requires additional investments for what was previously a single complete solution.

Although the vendor support from Imperva is not bad, getting a response from them can be a lengthy process at times.

I have used Imperva WAF for about three years. 

The stability is mature enough, in my experience. In fact, I would give it a 5/5 for stability.

Scalability-wise, there is one issue we encountered that I want to mention. At some point, Imperva, moved their account takeover prevention features from the on-premises edition to the cloud-based edition, and we discovered that this step would take yet another integration, seeing that we were using Imperva on-premises. These account takeover prevention features, however, were already part of our subscription, but since the features moved to the cloud, we missed out on them. So, in this sense, I would say the scalability strategy isn't as solid as it should be, and for this reason I would rate the scalability a 3.5/5.

On the other hand, when it comes to how many users we were able to scale up to, we actually had the whole organization using it, including around 3,500 clients in total.

The support from the vendor side could be improved because their response times weren't great and the process of obtaining the proper support was a long process sometimes. That said, the support itself was not bad.

Positive

The setup was actually quite an advanced process. It was a good experience, but all in all it took about one year to get everything fully set up, when you take all the fine-tuning activities and such into account.

We deployed the Imperva WAF with the help of organizations in South Africa who acted as consultants and implementation partners for Imperva. Our experience with them was good, and the full implementation required two professionals from the consultant's side and about five people from our own organization. The vendor itself was not part of the implementation process.

The pricing is somewhat expensive. It is actually a huge investment when compared to other countries.

Not only that, but Imperva went on to separate the WAF and DAM management gateways, making it so that each would have to be managed and licensed separately, incurring the cost of additional investments.

On a related note, there was another licensing issue we encountered where we had a subscription for account takeover prevention features, but these features had been moved by Imperva from the on-premises instance to the cloud. Since we had not moved to the cloud at that point, we did not have access to these features anymore.

I can highly recommend Imperva WAF for financial institutions. It's a good solution and I think it's important for financial institutions, particularly those who conduct online banking, to make use of a solid WAF such as this.

I would rate Imperva WAF a nine out of ten.

We use the solution to protect applications.

Imperva has a complete picture of how the applications are utilizing it. It is handy. DDoS is good. It has an internally managed database. It is very easy to integrate. We have integrated it with SIEM services.

Apart from predefined templates, it would be helpful if the solution provided an option to customize any new rules or additions based on the requirement.

I have been using Imperva Web Application Firewall for three years.

I rate the solution’s stability an eight out of ten.

The tool is pretty scalable. Around 1,000 users are using this solution.

I rate the solution’s scalability an eight out of ten.

We have used Barracuda. We switched to Imperva because Barracuda was not user-friendly and didn't offer predefined data.

The initial setup is simple.

The product's pricing is flexible.

I rate the product's pricing a seven out of ten, where one is cheap and ten is expensive.

I recommend the solution.

Overall, I rate the solution an eight out of ten.

We use the latest version with all the functionality, not only WAF. Additionally, we use all the security capability that is possible to enable on Imperva including device security tools like API security.

We use this solution to protect the website for the company.

I find the configurability of the tools and the ease of operation to be the most valuable feature of Imperva.

I have three years of experience with Imperva Web Application Firewall.

This solution is very stable.

Scalability is very good.

Imperva's technical support is very good.

I used to work with Fortinet Web Application Firewall but it was not good.

The initial setup of Imperva is easy to do and only takes a few minutes to deploy.

Imperva Web Application Firewall is very expensive.

I have worked with Azure and find both solutions good. However, Imperva does have more advanced features than Azure.

I am very happy with this solution. I would rate the technical aspect a 10 out of 10, however because of the financial cost, I rate it an 8 out of 10.

We primarily use the solution for database security.

Basically, the solution is a web application firewall that is used to protect against multiple types of attacks online. It is used for web attacks - mostly DDoS attacks, cross-site scripting attacks, or SQL injection attacks. 

There is also multiple HTTP protocol compliance. If there is any violation it will be detected by this application. It is used for detecting an illegal file type, illegal URL, or bots. 

The solution can prevent a geolocation attack also. If any application is not allowed from certain countries, it will not allow access. We can detect everything via the web application firewall. 

The solution offers good security against a variety of web attacks.

The protection from DDoS attacks is very useful. The DDoS attack is a very powerful attack that can harm a company's services. If an application is deployed to any web server or database our service will slow and will go down. A user would not be able to access our service until we can fix the issue. It's a deal if a company can avoid getting hit with DDoS attacks and having something that can effectively protect a company is extremely useful.

The solution has been quite stable. I have not seen any bugs at all.

Until now, it is good. There are no issues. As an analyst, I simply monitor. I don't really get too far into the technical aspects of the solution.

Occasionally, I've noticed that the web application firewall was down. If we are not using proper storage, proper memory, proper CPU, and if multiple attacks happen at one time, they will be detected by our web application firewall. Sometimes our web application firewall will slow down. In that sense, it needs some improvement. We do have a precaution for if the solution goes down. We basically, need to increase the memory and the storage and the CPU utilization, so that we can prevent our company from malicious activity. 

I cannot say which type of memory or storage should be improved. The requirements depend on the organization. What organizations need and which type of configurations would work best as per their requirements depend completely on that.

I've been working with the solution for about three years or so. It's been a while. I've been mostly working with it over the last 12 months or so.

The solution is quite stable. There are no bugs or glitches - or at least, I haven't seen any problems on that front. It doesn't crash or freeze. It's reliable.

Right now, it depends on the company and its needs. I can't speak to if there are plans to increase usage.

I've never been in touch with technical support. I can't speak to how knowledgeable and responsive they are, having never communicated with them directly. As an analyst, it's not my responsibility to deal with technical issues directly.

It's my understanding that this company has only used this solution. However, if I move somewhere else, it's possible that something else may be used.

I wasn't part of the initial setup. I can't speak to how easy or difficult the process was.

I am not sure of the exact licensing costs of the solution. The licensing is a management decision. The costs and payments are handled by them.

We use the solution's latest version.

We have a partnership with Imperva within our company.

I'd rate the solution at a nine out of ten. We've been mostly quite happy with its capabilities.

The tool helps us to meet security requirements. 

I am impressed with the product's scalability, availability, easy management, and security. We were able to integrate the product with Azure and Sentinel. 

I would like the solution to improve its support response time. 

I am working on the solution for two to three years. 

I would rate the product's stability a nine out of ten. 

I would rate the solution's scalability a nine out of ten. We have more than eight to nine sites that are covered by the tool. 

The solution's deployment gets completed in less than 15 minutes. 

I would rate the product a nine out of ten. I discussed with the security teams and they consider the tool a state-of-the-art product. 

We are using Imperva Web Application Firewall to monitor databases.

The most valuable features of Imperva Web Application Firewall are the monitoring of databases and the dashboards are easy to understand.

Imperva Web Application Firewall could improve the API integration. It was complex for us. Additionally, The onboarding could be better.

I have been using Imperva Web Application Firewall for approximately three months.

Imperva Web Application Firewall is stable.

The scalability of the Imperva Web Application Firewall is good.

The initial setup of the Imperva Web Application Firewall is complex.

I rate the initial setup of Imperva Web Application Firewall a four out of five.

I rate Imperva Web Application Firewall a nine out of ten.