Share your experience using CacheFly

My main use case is regarding API Security, specifically trying to do some schema enforcement. I would say that is my main use case, so having to make sure the schema enforcement is done and also some DDoS protection in the aspect of web application firewalls and making sure DDoS protection is done also for bot protection, as well as some of the use cases I have had in recent projects.

In a recent project, we had one of our clients, a major financial institution in Eastern Europe. They were trying to resolve some issues with bots having access to some tangible data in their application. They had an external firewall they were using, but it was not backing up whatever alerts that needed to be obtained to make sure things are well secured. We came in and configured Imperva Application Security Platform on the web application. We made sure the DDoS protection feature was activated, so the admin is also alerted to whatever attack is coming in and then they are able to do the right measures to make sure it is stopped.

Some of the best features are the policy tuning, where you are able to tune policies the right way without stress or much hassle. The DDoS protection, the OWASP Top 10 feature, and the bot protection feature are also excellent. The API security feature is particularly valuable because most attackers do not try to come in from where it is expected. Most attackers attack the API that is being used on a platform.

The policy tuning is one of the easiest features that I know. Once you are trying to customize a policy, you just need to understand what kind of policy you are trying to customize, go through the right place from the security to policies, then create a policy. For example, you might be trying to set a policy to make sure that it does not save credit cards on a particular platform or website. That is basically one of the simplest ways of ensuring policy tuning works fine. It is one of the easiest features and I believe it has done a great deal for me in the aspect of operating Imperva Application Security Platform.

From my research regarding the IAM space that Imperva Application Security Platform is trying to look into, I believe they still need to do a lot of modeling and modification to make sure that also helps. There are several competitors in the IAM space, so Imperva would do well if they can do some basic modeling and modifications from my own personal research and my own experience in the IAM space. Alternatively, they could actually just focus on trying to be stronger in the web application space and the database activity monitoring space.

The main reason it is not a perfect ten is regarding support. At times, having to reach the support team takes eight hours to ten hours maximum. There are times when clients could have urgent issues to attend to. The support team could do more by having a faster response rate.

I have been working for over three years in this space.

Imperva Application Security Platform is very stable, very, very stable.

The scalability of Imperva Application Security Platform is easy and well organized, so you can easily upgrade the version of the model you are using. It is easy to always scale to add more users. It is easy to always scale to add more endpoints and apps you are trying to secure.

For the customer support, the reason I rated Imperva nine over ten is basically because of the customer support. They need to work faster on the response time because of issues of urgent replies. They need to work perfectly on the faster response. Overall, it is a good customer experience with them. It has not really been hectic, but they can do better.

We did not use any previous solution regarding that. We were always on Imperva Application Security Platform because Imperva is one of the leading organizations regarding WAF and DAM.

Regarding licensing, it was a smooth experience. I had to reach out to the salesperson at Imperva who helped us with setting up costs and understanding what the client needs, and making sure the pricing and licensing is done. Licensing is always for a year. There are times when most of our clients do not actually remember where they do their licensing. The licensing certificate helps to understand the date and then gives the client the proper time to renew when necessary.

I was able to save over seven million dollars last year as return on investment in the company. Regarding fewer employees needed, we are able to employ more hands because we were one of the organizations that actually brought Imperva to Africa. We needed more Imperva engineers and from the way it is, Imperva engineers have not been that much in Africa. Training new employees and making sure they are attended to with Imperva is also an issue that we are trying to resolve in Africa.

We have noticed faster response times and fewer security alerts because after doing some custom policy tuning, everything seemed to be aligned and we have fewer attacks to monitor and fewer alerts to monitor. It was possible where we were able to integrate a SIEM solution that we were using with Imperva Application Security Platform. That is one of the features I enjoy about Imperva. You can stimulate and integrate whatever SIEM platform you are using to Imperva. Imperva sends over the logs and alerts to the SIEM, so it is easier for the blue team of your organization to read the alert and provide adequate measures to stop whatever is happening in the enterprise.

We evaluated Trendis and we also evaluated Check Point.

My basic advice would be to make your evaluations properly. It is okay to do demos as much as you can to fully see if it is going to work with whatever challenges you are trying to solve. I believe in thorough and proper evaluation of solutions. I can give a solid approval of Imperva Application Security Platform because it has really done a lot in helping my clients and giving them the best. Imperva is one of the best, if not the best. Almost every feature in Imperva Application Security Platform works really fine and it is what enterprises are battling, and what Imperva does in shaping the security culture of the digital world. Overall, I am going to rate Imperva Application Security Platform a nine out of ten, being one of the leading solution providers in the WAF space and the DAM space.

Hybrid Cloud

Amazon Web Services (AWS)

We are using Cloudflare for our DNS needs as well as for our WAF and security needs. We are hosting our main website on Cloudflare, managing all of our A records and MX records within Cloudflare, and we have created many security rules on Cloudflare to mitigate rate limiting and bot mitigation.

The best feature Cloudflare has is the CDN; the CDN is very good, and the cache feature is also good. We are really enjoying their WAF and bot mitigation feature.

With the CDN, it has increased the loading speed quite a lot, and with the cache, the websites are loading quite well.

Cloudflare has positively impacted our organization by giving us flexibility to manage the DNS part, being quite fast, and allowing us to manage everything from a single dashboard, which is quite handy. Since we can add multiple admins to the dashboard, it has become quite beneficial, and we are quite happy to use Cloudflare.

I think Cloudflare is already quite good; I do not feel any issues with Cloudflare at this time, as everything seems to be working fine. The dashboard is quite nice, the features are quite good, and it is quite easy to use.

The dashboard could be improved a bit to provide us with more insight about the security threats and alerts, and the email notification could also be improved.

In my current field, I have been working for over 15 years.

In my experience, Cloudflare is stable. Cloudflare's reliability and uptime has met my expectations; it has been quite good in general, apart from the recent few downtimes.

Cloudflare's scalability is quite good; it is very easy to scale whenever we want to include multiple domains, and it is very straightforward and easy.

Cloudflare's customer support is good; although we have not opened many cases, their customer support has been good whenever needed.

We did try using other solutions before Cloudflare, but at the end of the day, we were unable to replace Cloudflare with any other solution. Before choosing Cloudflare, we did evaluate other options, such as F5 Distributed Cloud and on-premises solutions, such as Akamai.

At this time, we are not integrating Cloudflare with any other solution, and since I have not used the integration capabilities, I do not have considerable insight about that feature.

The return on investment for me is significant as time is the critical aspect. Cloudflare does save time, and the time savings is the only thing I would like to add, as it saves a great deal of time.

The pricing, setup cost, and licensing for Cloudflare are a bit on the higher side overall.

The learning curve for new users adopting Cloudflare in my organization is quite good; it is a quite easy solution to learn with no difficult things, and the interface is quite user-friendly.

Cloudflare handles compliance and regulatory requirements for our organization by having all of the required compliances. We are using ISO 27001, which Cloudflare is also certified.

I find Cloudflare's documentation and resources very helpful, as we often use those documents to fine-tune our services and learn new features.

I feel that our environment is quite secure with Cloudflare in place; we have not faced any issues in the past, and we feel it is quite safe.

My advice to others looking into using Cloudflare is that it is quite easy to use, with an intuitive interface, a good learning curve, and good usability. I would rate this review a 9 out of 10.

Public Cloud

Microsoft Azure