We performed a comparison between AWS WAF and Imperva DDoS based on real PeerSpot user reviews.
Find out in this report how the two Web Application Firewall (WAF) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The product's initial setup phase was very simple."
"We preferred the product based on its cost. AWS WAF is an out-of-the-box solution and integrates with the AWS services that we use. It's natively integrated with AWS."
"It is Amazon. Everything is scalable. It is beyond what we need."
"The most valuable feature is the addition of managed tools that help us create customizable rules. In case we want to block a particular request, we can make use of those rules."
"We can host any DB or application on the solution."
"The stability of AWS WAF is valuable."
"The most valuable features of AWS WAF are its cloud-native and on-demand."
"The tool’s stability is very good."
"On the site security, I can see which countries have incidents, whether it was a robot attack, a real human user, or non-human user."
"It blocks all types of attacks."
"The solution has a very good interface."
"The solution's most valuable aspect is that it is easy to configure."
"The dashboard is good and user-friendly."
"Technical support was very helpful."
"IncapRules is one of the most valuable features, as you can create your own security and access control rules on top of your security policy. Using IncapRules we were able to easily block Layer 7 DDoS attacks several times."
"Gives us the ability to trace each connection, and to have logs to be able to differentiate between a positive and a false-positive intruder action."
"The product should improve the DDoS-related features."
"It would be better if AWS WAF were more flexible. For example, if you take a third-party WAF like Imperva, they maintain the rule set, and these rule sets are constantly updated. They push security insights or new rules into the firewall. However, when it comes to AWS, it has a standard set of rules, and only those sets of rules in the application firewalls trigger alerts, block, and manage traffic. Alternative WAFs have something like bot mitigation or bot control within the WAF, but you don't have such things in AWS WAF. I will say there could have been better bot mitigation plans, there could have been better dealer mitigation plans, and there could be better-updated rule sets for every security issue which arises in web applications. In the next release, I would like to see if AWS WAF could take on DDoS protection within itself rather than being in a stand-alone solution like AWS Shield. I would also like a solution like a bot mitigation."
"AWS WAF should provide better protection to its users, and the security features need to improve."
"The technical support does not respond to bugs in the coding of the product."
"The setup is complicated."
"They have to do more to improve, to innovate more features. They need to increase the security. It has to be more active in detecting threats."
"I would like to see it more tightly integrated with other AWS services."
"The user experience, the interface, is lacking. Sometimes it's hard to find certain areas that it has alerted on."
"It needs to be improved every time there are new attacks."
"The salespeople tend to exaggerate its capabilities, which can cost you money if you don't verify the information."
"We had an issue when securing the web applications for DDoS protection."
"Analytics in the area of risk need to be improved to supply more information to the users for creating better environments."
"The weakest point of Imperva is their first level of support, which should be improved. They should also improve the access and security logs viewing directly on the portal. I would like to see better access and security logs through the portal and not only through a SIM solution. Currently, if you want to explore your access and security logs from Imperva, you need a SIM tool or a SIM infrastructure on your side to do it. You can't do it manually or directly through the portal, which is a big problem for us. I had a call yesterday with Imperva for the roadmap, and I just told them this. They agreed that this is an improvement point from their side."
"Its price could be improved. It is quite expensive. It will be good if we could export the configuration. Currently, to control the configuration, we need to go to each website, which is not very convenient."
"The log analytics interface within Incapsula isn't really good. For example, if you have to get all logs from there, it's a very cumbersome process."
"We would like them to hire people in Sweden because it's quite hard when people are sitting in the UK or Belgium because some of the customers really want them to be local."
AWS WAF is ranked 1st in Web Application Firewall (WAF) with 52 reviews while Imperva DDoS is ranked 18th in Web Application Firewall (WAF) with 74 reviews. AWS WAF is rated 8.0, while Imperva DDoS is rated 8.8. The top reviewer of AWS WAF writes "A highly stable solution that helps mitigate different kinds of bot attacks and SQL injection attacks". On the other hand, the top reviewer of Imperva DDoS writes "I like the content monitoring feature which I haven't seen in other WAF solutions". AWS WAF is most compared with Azure Web Application Firewall, Microsoft Azure Application Gateway, F5 Advanced WAF, Imperva Web Application Firewall and F5 Silverline Managed Services, whereas Imperva DDoS is most compared with Cloudflare, Akamai, Arbor DDoS, Radware DefensePro and Fastly. See our AWS WAF vs. Imperva DDoS report.
See our list of best Web Application Firewall (WAF) vendors.
We monitor all Web Application Firewall (WAF) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.