Try our new research platform with insights from 80,000+ expert users
Security Architect at a individual & family service with 1,001-5,000 employees
Real User
Top 20
Stable and easy-to-manage solution with good technical support service
Pros and Cons
  • "The solution is scalable."
  • "It is complicated to integrate the solution's on-cloud version with other platforms."

What needs improvement?

It is complicated to integrate the solution's on-cloud version with other platforms. 

For how long have I used the solution?

I have been using the solution for six years.

What do I think about the stability of the solution?

It is a stable solution.

What do I think about the scalability of the solution?

The solution is scalable. We have 20 applications hosted on its on-premises version and around five applications on mobile infrastructure. A team of three administrators manages the operations.

Buyer's Guide
Imperva Web Application Firewall
December 2024
Learn what your peers think about Imperva Web Application Firewall. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
823,875 professionals have used our research since 2012.

How are customer service and support?

The solution's technical support is good.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

I have used F5 and Barracuda before. Both solutions are easy to use.

How was the initial setup?

The solution's initial setup is easy and takes two or three days to complete.

What about the implementation team?

We implemented the solution with the help of its reseller.

What other advice do I have?

The solution is stable and easy to manage. I rate it a nine out of ten.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
reviewer1946217 - PeerSpot reviewer
Manager at a tech services company with 1,001-5,000 employees
Real User
An easy-to-use solution that integrates seamlessly to block OWSAP attacks
Pros and Cons
  • "The solution integrates seamlessly with other tools and has a good alert mechanism."
  • "The solution works for particular zones but isn't always the best solution for all zones."

What is our primary use case?

The solution is used to detect and block application attacks on the internet perimeter. We integrate the solution with SOAR and Phantom to automate our playbook and block URLs.

How has it helped my organization?

The solution reduces the risk of attacks and that benefits our clients. 

What is most valuable?

The solution integrates seamlessly with other tools and has a good alert mechanism. 

The solution provides good protection against OWASP top-ten attacks.

What needs improvement?

The solution works for particular zones but isn't always the best solution for all zones. 

The solution's pricing could be improved. 

For how long have I used the solution?

I have been using the solution for five years. 

What do I think about the stability of the solution?

The solution is stable. 

What do I think about the scalability of the solution?

We implemented the SA solution and have not tried to scale it beyond our client's 10,000 users. 

How are customer service and support?

I do not have experience with escalating issues because our internal support team handles vendor support. 

Which solution did I use previously and why did I switch?

We have not switched solutions but prefer this solution for on-premises. When we need a tool that is cloud-based, we prefer other solutions. 

How was the initial setup?

The initial setup was not complex and integration was easy. 

What about the implementation team?

The solution was implemented by the supplier. 

What's my experience with pricing, setup cost, and licensing?

The solution's pricing is an issue. 

Which other solutions did I evaluate?

We use many tools for the application layer including Imperva, Infoblox Secure DNS, and Palo Alto. 

What other advice do I have?

The solution is a leader in the market and is easy to use.

I rate the solution a nine out of ten. 

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Imperva Web Application Firewall
December 2024
Learn what your peers think about Imperva Web Application Firewall. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
823,875 professionals have used our research since 2012.
Claudio Colombo - PeerSpot reviewer
CTO at Sorint.Lab
Reseller
It's easy to use and deploy
Pros and Cons
  • "Imperva is easy to use and deploy. The UI is excellent."
  • "I'd like the option to pick your bot protection."

What is most valuable?

Imperva is easy to use and deploy. The UI is excellent.

What needs improvement?

I'd like the option to pick your bot protection.

For how long have I used the solution?

I have used Imperva for seven years.

What do I think about the stability of the solution?

Imperva is stability.

What do I think about the scalability of the solution?

Imperva is scalable.

How are customer service and support?

Imperva support is good. 

How was the initial setup?

Setting up Imperva is easy, and it takes two days.

What's my experience with pricing, setup cost, and licensing?

The cost is reasonable. W have 50 clients and 10 websites per customer. 

What other advice do I have?

I rate Imperva Web Application Firewall nine out of 10.

Disclosure: My company has a business relationship with this vendor other than being a customer:
PeerSpot user
Anuraj Nair - PeerSpot reviewer
Presales Engineer at SNSIN
Reseller
Top 5Leaderboard
Flexible, good performance, and helpful support
Pros and Cons
  • "The most valuable features of the Imperva Web Application Firewall are performance and flexibility. We can extend or customize the box itself."
  • "Imperva Web Application Firewall could improve the console by making it easier to use."

What is our primary use case?

Imperva Web Application Firewall is used for protecting web applications.

What is most valuable?

The most valuable features of the Imperva Web Application Firewall are performance and flexibility. We can extend or customize the box itself.

What needs improvement?

Imperva Web Application Firewall could improve the console by making it easier to use. 

For how long have I used the solution?

I have been using Imperva Web Application Firewall for approximately six years.

What do I think about the stability of the solution?

Imperva Web Application Firewall is stable.

What do I think about the scalability of the solution?

The stability of the Imperva Web Application Firewall is good.

We have approximately three or four clients using this solution.

How are customer service and support?

The support from Imperva Web Application Firewall is very good. They are handling support well, giving suggestions, and solving the issues.

How was the initial setup?

The initial setup of the Imperva Web Application Firewall is straightforward. The process for us is simple, we have been doing it for years.

What about the implementation team?

We have one person that does the deployment of the Imperva Web Application Firewall.

What's my experience with pricing, setup cost, and licensing?

We sell three-year licenses for Imperva Web Application Firewall to our customers. The price is a little expensive.

What other advice do I have?

I recommend this solution to others.

I rate Imperva Web Application Firewall an eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Akhilesh Mishra - PeerSpot reviewer
Technical Lead at M.Tech
Reseller
Top 5Leaderboard
Useful DDoS protection, good support, and reliable
Pros and Cons
  • "The most valuable features of the Imperva Web Application Firewall are DDoS, malware, and the other malicious threat prevention it provides. Additionally, third-party integration is available. You can forward the log for further analysis."
  • "Imperva Web Application Firewall can improve by providing better features, such as improved prevention of zero-day attacks. Additionally, it should include a VR meta-analysis."

What is our primary use case?

Imperva Web Application Firewall is used for customers who are looking to secure their multiple applications and want to block the threats, such as DDoS and ransomware attacks. Imperva Web Application Firewall delivers three main things, data security, data availability, and access control. For data security, it prevents malware and malicious threats. For the data availability, by preventing threats, such as malware, data can be available each and every time. You are able to have Access control, you have the ability to control the access.

What is most valuable?

The most valuable features of the Imperva Web Application Firewall are DDoS, malware, and the other malicious threat prevention it provides. Additionally, third-party integration is available. You can forward the log for further analysis.

What needs improvement?

Imperva Web Application Firewall can improve by providing better features, such as improved prevention of zero-day attacks. Additionally, it should include a VR meta-analysis.

For how long have I used the solution?

I have been using the Imperva Web Application Firewall for approximately 15 years.

What do I think about the stability of the solution?

Imperva Web Application Firewall is stable, and the performance is good.

What do I think about the scalability of the solution?

The solution is best suited for enterprise-sized businesses. It is a scalable solution.

How are customer service and support?

The Technical support is good from Imperva Web Application Firewall.

Which solution did I use previously and why did I switch?

I have used another solution previously which was good. However, Imperva Web Application Firewall had more features.

How was the initial setup?

The deployment of the Imperva Web Application Firewall is simple. However, it is not very user-friendly. It would be a benefit because the customers would have a better time with the installation.

What about the implementation team?

I did the implementation Imperva Web Application Firewall myself and it took approximately three days.

What's my experience with pricing, setup cost, and licensing?

Imperva Web Application Firewall price is higher compared to other solutions. However, everything is included in the price.

What other advice do I have?

I do the maintenance and upgrades of the solution if it requires it. I would recommend this solution to everyone. 

I rate Imperva Web Application Firewall a nine out of ten.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
PeerSpot user
GA Consultant Cyber Security at a tech services company with 51-200 employees
Real User
Suits large enterprises, supports different application sources, and provides tight control
Pros and Cons
  • "Configuration for different application sources is most valuable. We can segregate the traffic that an application is carrying and identify the sizing in Imperva."
  • "It should be more user-friendly. Like other web solutions, it would be helpful to be able to easily do policy configuration and identification inside the application. Understanding the in-depth configuration of a policy is somewhat difficult for an engineer, and they can improve that."

What is our primary use case?

We have an Akamai cloud-based solution for it. We have an in-house customer, and they have their own Akamai cloud for WAF. As a solution provider, we are working with their private Akamai WAF. 

What is most valuable?

Configuration for different application sources is most valuable. We can segregate the traffic that an application is carrying and identify the sizing in Imperva.

It is quite proficient in terms of logs reports, and it provides tight control for policy configuration. So, there can't be any unwanted applications on the internal LAN site. It is quite restrictive, which is a plus point. The sizing of an application is quite easy to understand while we are configuring and deploying Imperva.

What needs improvement?

It should be more user-friendly. Like other web solutions, it would be helpful to be able to easily do policy configuration and identification inside the application. Understanding the in-depth configuration of a policy is somewhat difficult for an engineer, and they can improve that. 

For how long have I used the solution?

I have about two to three years of experience with Imperva. I'm working as a GA consultant for cybersecurity and information security. I'm working on different security solutions such as WAF, IAM, DDoS, Azure firewall proxy, and antivirus. I work with different customers, and I also do the architecture review or assessment.

What do I think about the stability of the solution?

Its stability is quite good. It is not at all an issue. 

It is also quite good performance-wise. We are confident about its performance.

What do I think about the scalability of the solution?

It is for large-scale enterprises where the traffic is huge, and there are many internet-facing applications, which is a plus point of Imperva.

We don't have the HA mode for the respective solution in Imperva, which has to be there when we have the DC and DR locations. We can activate only one solution at DC, but while we are conducting the drills between DC and DR, it is quite difficult to import all the configurations at the DR location in Imperva. It takes time.

How are customer service and support?

Their support is good. It is not an issue. Whenever we have any questions or concerns, we're getting an appropriate solution for our queries. 

Some of the clients have had direct support from Imperva, and some of the clients had a third-party vendor. We also get support from a local Imperva employee. When I was working for a bank, there was good support from this person who was working with Imperva. 

How was the initial setup?

The support for the setup is very good from the provider, but it can be difficult for an engineer to have an in-depth understanding of the configuration of a policy for an application.

What other advice do I have?

I would rate it an eight out of 10.

Which deployment model are you using for this solution?

Private Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
PeerSpot user
Sr. Consultant at a tech services company with 51-200 employees
Consultant
Scan policies allow us to group multiple targets and standardize our database scanning. Technical support is probably the biggest drawback.

What is most valuable?

The most valuable feature is the grouping of multiple targets via the scan policy. It is valuable because of the large number of targets and governmental requirements to conduct periodic scans.

How has it helped my organization?

With acquisition of a license to use the product, we received the ability to standardize database scanning and data protection across the enterprise around one product.

What needs improvement?

Many features are buried under not-straight-forward options and, at times, hard to find screens. Very few import features have clearly defined format requirements. Agent installation for data usage/blocking activities on target boxes requires the involvement of OS admins and DBA’s, which complicates coordination of installation and delays implementation. The discovery feature does not accurately discover the instances and instead identifies auxiliary end points (SQL – 1434) and TCP listeners (Oracle – 1521).

For how long have I used the solution?

I’ve used and administered Imperva SecureSphere for 2 years.

What do I think about the stability of the solution?

Periodically, the site stops functioning and the appliance requires a reboot to restore functionality.

What do I think about the scalability of the solution?

Scalability capabilities are well thought through by product development. Installation of additional MX servers and gateways on remote networks ensures coverage of scanning and data usage monitoring/data protection capabilities.

How are customer service and technical support?

Technical support is probably the biggest drawback. No contact with technical support ever results in an immediate response and the solution is usually preceded with series of emails, going on for up to a week, before a live person gets on the phone. But, even then, their task is to observe the manifestation of the problem and request a collection of additional information (logs, traces, etc.) without any attempt to solve the problem during the call/WebEx session. Their technical support staff has at most two or three engineers that have a good working knowledge of the product, but most of the time, a level one technician is running the case. When support staff finally gets on the phone, their first statement is a disclaimer that they are on the call ONLY to collect information and that the customer should not expect any resolution.

This pattern of providing technical support greatly differs from what IBM offers for their Guardium product (competitor solution).

Which solution did I use previously and why did I switch?

We attempted to use several previous solutions. One was Tenable SecurityCenter with its custom, XML-like scripting where each check had to be written by the Database Security Specialist (myself). We also attempted to use AppDetectivePRO, though its performance, lack of customization, scalability, and licensing costs prevented us from continuing with it.

How was the initial setup?

The setup is very straightforward considering that it’s either a physical or virtual (OVF template) appliance. The wizard-like initial setup and configuration are somewhat awkward, but can be completed after reviewing the instructional videos available to the customers.

What's my experience with pricing, setup cost, and licensing?

Licensing should be chosen based on the current infrastructure setup and growth plans. Purchasing appliances of different types may lead to unnecessary/unjustified expenditures and ultimately lead to complications in administration.

Which other solutions did I evaluate?

The product that was evaluated and was chosen as the recommendation was IBM Guardium. Unfortunately, its licensing cost was a lot higher. Therefore, the management decided not to proceed with the purchase.

What other advice do I have?

Be prepared to obtain every piece of documentation that comes with the product. Thoroughly research it to obtain a clear understanding of how to implement the product and ensure you have a dedicated Imperva first-response engineer that can answer your questions without going through a normal support channel. Be patient when encountering a bug or a feature failure, as well as discrepancies between the product interface and/or behavior with the accompanied documentation. Their support is not prepared to jump in and start working on a fix or update the documentation.

In many cases, the documentation remains outdated referring to old releases regardless how long you’ve been asking for an update. Their instructional videos are also out of date, but references to them are consistently sent by their support whenever you may have a question. And finally, thoroughly document your deployment and license-related information, because every email to technical support is responded with an automated reply requesting this information. Not replying to this automated email with correct info will lead to further delays.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
it_user577338 - PeerSpot reviewer
it_user577338Sr. Consultant at a tech services company with 51-200 employees
Consultant

A much more mature product in this regard is BeyondInsight. Highly customizable and flexible when it comes to scanning.

Specialist Engineer at Entel Networks S.A
Reseller
Valuable compliance features and has good stability
Pros and Cons
  • "The compliance is the most valuable aspect."
  • "It's a complicated tool to keep."

What is our primary use case?

The primary use was to cover the database. Imperva we recognized on the market as the best solution for techs on databases. The banks here in Chile always ask for these types of solutions.

What is most valuable?

The compliance is the most valuable aspect.

What needs improvement?

I just need it to be a stable and normal version. I'd want to hear about the new features to see which I would need.

For how long have I used the solution?

I've been using the solution for 2 years.

What do I think about the stability of the solution?

I find this solution stable. We have 2,000 users in financial services.

What do I think about the scalability of the solution?

The solution is scalable.

How was the initial setup?

The setup initially was simple, but when we tried to run it we had problems with the log parameters and it was complicated to use. The operation was complicated to use, but that is just the experience of my team. It took two months to deploy. The setup and installation of the technologies took one week, and after that, one month to set up the parameters and after that, in order to set up the logs, it took about two weeks. So two months total. We have three engineers, including an architect and a security engineer. We also had a fourth engineer that knew the application.

What's my experience with pricing, setup cost, and licensing?

We have a yearly license, but I'm unsure of the pricing.

Which other solutions did I evaluate?

We didn't evaluate other options, just Imperva.

What other advice do I have?

I would rate the solution as an 8 out of 10, simply because of the difficulty of operation management. It's a complicated tool to keep.

Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller.
PeerSpot user
Buyer's Guide
Download our free Imperva Web Application Firewall Report and get advice and tips from experienced pros sharing their opinions.
Updated: December 2024
Buyer's Guide
Download our free Imperva Web Application Firewall Report and get advice and tips from experienced pros sharing their opinions.