Imperva Web Application Firewall Reviews

The tool helps us to meet security requirements. 

I am impressed with the product's scalability, availability, easy management, and security. We were able to integrate the product with Azure and Sentinel. 

I would like the solution to improve its support response time. 

I am working on the solution for two to three years. 

I would rate the product's stability a nine out of ten. 

I would rate the solution's scalability a nine out of ten. We have more than eight to nine sites that are covered by the tool. 

The solution's deployment gets completed in less than 15 minutes. 

I would rate the product a nine out of ten. I discussed with the security teams and they consider the tool a state-of-the-art product. 

It is complicated to integrate the solution's on-cloud version with other platforms. 

I have been using the solution for six years.

It is a stable solution.

The solution is scalable. We have 20 applications hosted on its on-premises version and around five applications on mobile infrastructure. A team of three administrators manages the operations.

The solution's technical support is good.

Positive

I have used F5 and Barracuda before. Both solutions are easy to use.

The solution's initial setup is easy and takes two or three days to complete.

We implemented the solution with the help of its reseller.

The solution is stable and easy to manage. I rate it a nine out of ten.

The tool's profiling feature maps all the web application directories and related components on the profile directory. It has improved the security of my client's website applications. 

The tool's UI is complicated. It would be best to have a more accessible UI dashboard to make the job easier. 

I have been using the product for three years. 

I rate the tool's stability an eight out of ten. We have encountered bugs, but they are fixed fast. 

I rate Imperva Web Application Firewall's scalability an eight to nine out of ten. 

Imperva Web Application Firewall's customer support is good and responsive. However, they are less responsive on public holidays. 

Positive

Imperva Web Application Firewall's deployment is easy. Onboarding a website on Imperva Web Application Firewall is much easier than Fortinet. With the product, the process is simplified, as you only need to enter your application's IP address on the website for the site, and the profiling firewall automates the process. For large-scale web applications, deployment can take four days to complete. 

Imperva Web Application Firewall's pricing is expensive. 

I rate Imperva Web Application Firewall a nine out of ten. 

The solution is used by SMBs and enterprises that have a lot of websites that they need to protect.

Since the product is categorized in Gartner as a Web Application and API Protection tool, it protects APIs and web applications. It provides bot and client-side protection. I have done POCs. Once the platform is configured to block DDoS attacks, no traffic regarding DDoS or bots gets into the application.

If the clients have requirements for APIs and microservices, we can offer such services with the help of the solution. We can offer it as a security solution that protects APIs and microservices. Imperva’s real-time monitoring makes it very easy for administrators to monitor their existing web applications.

My clients raised a concern that even if they need the tool only for DDoS protection, they still have to buy the WAF license. It’s difficult to position the tool if the client already has a WAF solution and needs Imperva only for DDoS protection.

I have been using the solution since June last year.

I rate the tool’s stability a ten out of ten. Since I've been onboarded, I haven't had any issues.

I rate the tool’s scalability a ten out of ten. Imperva allows only clean traffic. The scalability is based on the clean traffic and not the overall bandwidth of the client. Our clients are mostly enterprise businesses. I have some SMB customers.

Sometimes, support tickets don't get addressed quickly. However, the support team gets to it eventually.

Positive

The initial setup is very easy. I rate the ease of setup a ten out of ten. The time taken for deployment depends on the number of applications we want to onboard. Usually, we can do it in a day.

Imperva is a very proactive solution. It is not reactive. We can prevent attacks or issues even before they happen. It is something people must consider since many enterprises are facing DDoS attacks, and their data is getting compromised.

I rate the solution’s pricing a seven out of ten. Some solutions are cheaper than Imperva. Imperva’s pricing is a bit higher in the market since it offers a full-blown WAF.

We are partners. I rate the product's integration with our client's IT infrastructure a nine out of ten. It is easily integrated since many configurations are needed to onboard Imperva into a client’s infrastructure fully. Overall, I rate the product a nine out of ten.

We are using this solution for backing up all of our day-to-day use data and the ability to restore it when we want. For example, when there is a catastrophe or disaster.

The most important feature I have found to be the ease in how to do the backup and restores.

The process to upgrade from one version to another can be a lot simpler than it is currently.

I have been using this solution for six years.

When it comes to stability the solution work well.

The solution in my experience has been scalable. In my organization we have approximately 10,000 users using the solution, the whole company uses it.

The initial setup was straightforward. We have a team that does the maintenance of the solution.

There is a license for this solution and we purchase the license annually with no additional fees.

My advice is to follow the three, two, one backup rule, this solution is very suitable for this. Make sure you are defining your mean time for recovery of the backup, and try to see that it makes the mean time.

I rate Imperva Web Application Firewall a nine out of ten.

For some time now, I have been the CTO of a consulting company and our main issue is web application security. We also handle database security.

This is one of the solutions that we implement for our clients.

The primary use of this solution is the protection of applications.

This product has a logical perspective of negative and positive security. Negative meaning all of the blacklisted websites, and the positive is the profiling of the website itself. Impera can see and activate the policy, based on what it has learned. Imperva learns things like how dynamic content is dealt with, and what the permitted values are. When you combine these two perspectives, the negative and the positive, you get the optimal protection of the application.

When you want to move to a higher version of the platform, it is not in the GUI and not very easy to do. I expect that this will be available in the next version.

I think that better bot protection is needed in this solution. Bot protection is one of the features in Imperva that lets you recognize if their request is coming from a human or coming from a bot. In this context, a bot is a mechanism being used by the attacker. Good bot protection will reduce a lot of the attacks coming into the applications.

This solution is pretty stable.

If you build this solution properly then you have scalability.

We do not use technical support very often. It is only in cases where we get something that looks like a bug. Their team is good.

The initial setup of this solution is user-friendly and pretty straightforward.

However, the setup, in order to bring the application into inspection, is kind of complex. You need to know what you're doing. It takes approximately four hours to install, setup, and configure this platform.

My team and I handle the integration of this solution for our clients.

The number of people required depends on the environment. Sometimes it is one person, whereas other times there are two.

We have three people who take care of maintaining this solution for our customers.

The cost of this solution depends on the platform. For example, you may be buying virtual or you may be buying appliances. It also depends on the number of environments and the bandwidth that is required.

Compared to other web application firewalls in the market, Imperva does things in the most accurate way.

Overall, Imperva is a pretty good product.

I am working with the development team for Imperva in Israel, and I have submitted some feature requests for things that I think should be changed. Everything that should be fixed, we have a discussion on it and it is probable that these things will be fixed.

My advice to anybody who is implementing this solution is to first go and learn the attack surfaces because you need to protect the assets from attack. In order to do this, you need to understand the attacks. Let's say that a good defense is a good offense.

The biggest lesson that I have learned from working with this solution is to back up the system all of the time. Do it step by step, and be very precise. Have plans for each and every move, all of the time.

I would rate this solution a nine out of ten.

Protects and secures all our web sites.

• Learning mode.
• Custom policies.
• Very intuitive and granular configuration - It does not require much time, or advanced knowledge, for configuration and maintenance.

The reporting is missing some features, such as: only two export formats, and the time period does not include the last day, week, year.

No issues with stability.

No issues with scalability.

10 out of 10 for local support, seven out of 10 for Imperva Professional Services.

Straightforward. Easy to install and config.

F5.

I rate it a 10 out of 10 because of the ability to apply real-time changes or creations, export and import applications learned, and it's very easy to use. It also features system logs or incidents, granular configuration in relation to a SIEM. It is the best product on the market, in my opinion. Cyber security leader.

The solution is being used for communication.

If something goes wrong, there is a quick switch between nodes, wherever there's an attack against a specific area. The security setup is reasonably easy. It's easy to do setups, rules, and integrations. The backend team is also willing to help if there are questions that we cannot answer.

The UI interface needs improvement. 

I have been using Imperva Web Application Firewall for six months. 

The solution is highly stable. I rate the stability a ten out of ten. 

It is a scalable solution. I would rate it a nine out of ten. 

The initial setup is easy. The deployment depends on the customer's solution but does not take more than a few hours. I rate the initial setup an eight out of ten. 

It is a very affordable solution.

I would definitely recommend the solution. I rate the solution an eight out of ten.