Share your experience using CacheFly

My main use case for Imperva Application Security Platform is protecting public-facing websites, and I primarily used Imperva for the web application firewall, which was the principal use case for us.

I recall a time when Imperva's Web Application Firewall helped us detect threats and protect against specific attacks. We used it in a large banking group to avoid and detect threats and protect against OWASP Top 10 vulnerabilities in web application security. This helped us significantly in detecting those vulnerabilities while using custom rules in WAF, making it a very effective use case for our web applications.

In addition to that, we were using Imperva WAF for bot detection and DDoS attacks. We tweaked the firewall rules and added rate-limiting rules to help manage DDoS attacks to a certain level.

What I found most effective about Imperva's WAF is that it has predefined rules covering many use cases, including compliance rules for PCI DSS and local country compliance. The customized rules based on application threats proved to be very useful, along with a good dashboard that, although somewhat complicated for beginners, becomes easy to manage at an expert level with good API integration and effective threat intelligence to detect threats.

After discussing the WAF, I believe Imperva has made significant advancements in its Cloud WAF offerings, which can now effectively protect against bot and DDoS attacks. This showcases a good advantage of being part of the Thales cybersecurity group while expanding its product range in the Cloud WAF space.

Imperva Application Security Platform has positively impacted my organization by providing strong protection for web applications, as many big companies in the UK use Imperva WAF as an essential protection layer, illustrating its effectiveness.

To improve Imperva Application Security Platform, there is a necessity for enhancement in the threat layer, especially regarding DDoS protection and geographical DDoS attacks. Additionally, there is a need for more API integration within the environment, indicating room for improvement in those areas.

I rate this product eight out of ten because I believe there can still be improvements for the WAF, especially in terms of custom rules. I suggest that more rules could be added to the system instead of relying on SMEs for customization. The hardware being more expensive compared to other vendors poses a challenge, along with a need for improvement in the cloud WAF offerings.

I have been using Imperva Application Security Platform for nearly five to six years. I first used it in a large banking group before I joined my current company, where I used both the Imperva on-premise devices and Imperva Cloud.

In my experience, Imperva Application Security Platform is stable.

Regarding scalability, it is good in the cloud but not very strong for on-premise installations.

The customer support from Imperva has been great, with a single point of contact who catered to our company's needs effectively.

We did not use a different solution before adopting Imperva Application Security Platform.

We purchased Imperva Application Security Platform through a partner.

Although it is difficult to quantify the return on investment in monetary terms given that we cannot translate threats into monetary values, the use of Imperva was driven by compliance reasons and resulted in fewer incidents.

My experience with pricing, setup costs, and licensing has shown that the setup cost was high, with the hardware installation in the data center being particularly expensive. Additionally, the cost associated with the appliances used to load balance application traffic resulted in expensive licensing and a need for frequent license rotation. Configuring both hardware and software has also proven to be time-consuming and costly.

Before choosing Imperva Application Security Platform, we evaluated F5 as a WAF solution and also considered Cloudflare.

Although it is difficult to measure the success in commercial or monetary terms, we found that we could manage more threats within the environment, with Imperva flagging threats coming from the internet, resulting in few incidents. This illustrates how Imperva helped us.

I would highly recommend others to consider using Imperva Application Security Platform, and I rate this product eight out of ten.

Fastly serves as an Edge Cloud platform and CDN that we use for real-time Edge Caching and instant caching purging, allowing us to update data globally within seconds. It sits between our enterprise users and backend servers, caching content, specifically candidate data, so we do not need to load that data every time.

Fastly's caching and purging significantly improve our application performance and security by caching and delivering content from Edge locations closer to users, optimizing performance for our high traffic web app by caching static assets like candidate data and API responses at the Edge locations. When we call an API from the backend while requesting a page with candidate data, we initially store it in the Edge location after the first call, and subsequent calls use the cached content, blocking malicious traffic and filtering requests before they reach our servers.

We also use Fastly for cache purging to instantly update content across all Edge nodes, significantly reducing page load time, backend traffic, and improving the experience for our global users, especially in the European regions.

The best feature that Fastly offers is the Edge location, which reduces latency, making our applications work smoother because we do not have to constantly call the backend. Real-time Edge Caching is crucial for us as it enables efficient data retrieval without constant queries, while instant cache purging and powerful Edge computing capabilities instantly update data across all Edge nodes, reflecting changes globally in seconds.

Edge computing is excellent because it runs code closer to the user, utilizing WebAssembly for fast execution, and stands out with microsecond startup time, eliminating the need to hit backend APIs for logic execution. The key point is the secure, fast execution within microseconds.

Fastly positively impacts our organization by enhancing our application's performance through observability and Edge computing capability, as we needed to get data quickly, reducing latency for millions of users in European regions. We observed a 30 to 50% reduction in response time and a significant reduction in backend load of 40 to 60%, improving visibility through a real-time dashboard for monitoring traffic, errors, and performance.

We measure the 50% reduction in response time by checking the P95, where we assess how quickly 95% of APIs respond, after implementing Edge locations and caching data closer to users. Initially, we faced load time issues, but after deploying Fastly and optimizing our queries, we achieved a response time cut to less than 1 millisecond from an initial 3 to 4 seconds. We utilized a tool starting with S, specifically Sentry, to track API response times.

Fastly can be improved in certain areas such as VCL, which is powerful but has a steep learning curve for normal users. A more user-friendly, UI-based configuration could simplify the experience, alongside better templates for common use cases and dashboard improvements, as the current dashboard feels complex for beginners, and pricing can be hard to predict for smaller companies.

I chose 8 out of 10 because it has excellent performance and low latency delivery, making it suitable for larger applications, with strong Edge Caching and instant purging capabilities. However, VCL complexity and pricing predictability, especially for smaller companies, along with a user-friendly dashboard are areas impacting my score.

I have been currently working in my field for three years.

Fastly is quite stable according to my experience, being highly reliable for enterprise-scale applications with high uptime guarantees and strong global infrastructure, though no service can be 100% immune to outages.

Scalability-wise, Fastly proves very scalable, having supported our growth from 10,000 to 1 lakh users, seamlessly handling massive traffic without requiring backend changes due to its globally distributed Edge network and stateless API-driven design.

We have not needed customer support so far, but the 24/7 helpline is excellent for addressing critical issues, demonstrating the team's technical expertise in CDN and Edge architecture.

Previously, we used Cloudflare, which provided similar CDN and security features but lacked the Edge computing capabilities we needed. Fastly offers the performance and control we want over caching logic, whereas Cloudflare simplified setups but did not meet our growing performance requirements.

We purchased Fastly through the AWS Marketplace.

We see a clear return on investment with Fastly, mainly through improved performance, reduced infrastructure cost, and better user experience, realizing a 30 to 50% reduction in latency and page load time, ensuring users experience a seamless workflow, while reducing infrastructure costs by 40 to 60% because Edge Caching minimizes backend traffic, resulting in lower computing costs.

The pricing of Fastly can be hard to predict because it is primarily usage-based with minimal setup costs and flexible licensing. It operates on a pay-as-you-go structure, but costs scale with traffic, requiring monitoring to avoid unexpected spikes based on data transfers and the number of requests handled. Setup costs are low since no infrastructure needs provisioning, mainly focusing on DNS configurations, cache rules, and origin integration, with customized pricing for our enterprise needs including SLAs and support.

Before choosing Fastly, we evaluated Cloudflare, valuing its all-in-one solution for global coverage and security, but as we scaled, we found Fastly better suited our needs for more control over caching logic.

I advise others considering Fastly that if their application plans to grow significantly without increasing backend servers, this structure is very appropriate, making it ideal for startups building applications to enhance bandwidth over the years. I gave this product a rating of 8 out of 10.