Imperva and AWS WAF compete in the cybersecurity category, specifically addressing DDoS attacks. Based on user reviews, AWS WAF is seen as superior in features, making it more appealing despite higher costs, while Imperva is favored for its pricing and support.
Features: Imperva provides comprehensive DDoS protection with a robust WAF, including SQL injection prevention and bot attack recognition, supported by global distributed nodes for excellent DDoS protection and detailed traffic analysis. AWS WAF offers integration with AWS services, customizable rules, and ease of use, with layered defenses against web threats that best serve AWS environments.
Room for Improvement: Imperva DDoS could improve its limited first-level support, high-cost add-ons, and real-time insights. AWS WAF can enhance its automation and logging processes, improve integration with non-AWS services, and expand its attack protection features.
Ease of Deployment and Customer Service: Imperva, primarily operating in a public cloud environment, is noted for mixed support reviews, including issues with response times and transparency. AWS WAF, focused on public cloud applications, is praised for responsive support but could improve documentation and management of complex cases.
Pricing and ROI: Imperva is cost-effective in high traffic scenarios but considered expensive by some users. Its ROI is lower unless facing frequent attacks. AWS WAF's pay-as-you-go model is cost-effective for cloud-native applications but may be price-sensitive for high-traffic environments. Imperva offers robust protection, while AWS WAF provides scalable, integrated cybersecurity for AWS users.
Resolving issues can take time because the support personnel may lack product expertise, leading to delays.
In terms of reliability, I would rate AWS WAF about six out of ten due to the need for improved signature sets.
Compared to firewalls, WAFs generally provide limited stateful analysis capabilities.
Features like bot protection or DDoS mitigation, available with other WAF vendors, do not come natively with AWS WAF.
Due to our status as an AWS shop, AWS WAF is cost-effective for us, and we benefit from discounts due to our extensive use of AWS services.
I switched from other vendors to prioritize AWS WAF for better control within our infrastructure.
AWS WAF is not stateful, it offers a time-saving solution with its custom rulesets that enhance security and simplify management.
AWS Web Application Firewall (WAF) is a firewall security system that monitors incoming and outgoing traffic for applications and websites based on your pre-defined web security rules. AWS WAF defends applications and websites from common Web attacks that could otherwise damage application performance and availability and compromise security.
You can create rules in AWS WAF that can include blocking specific HTTP headers, IP addresses, and URI strings. These rules prevent common web exploits, such as SQL injection or cross-site scripting. Once defined, new rules are deployed within seconds, and can easily be tracked so you can monitor their effectiveness via real-time insights. These saved metrics include URIs, IP addresses, and geo locations for each request.
AWS WAF Features
Some of the solution's top features include:
Reviews from Real Users
AWS WAF stands out among its competitors for a number of reasons. Two major ones are its user-friendly interface and its integration capabilities.
Kavin K., a security analyst at M2P Fintech, writes, “I believe the most impressive features are integration and ease of use. The best part of AWS WAF is the cloud-native WAF integration. There aren't any hidden deployments or hidden infrastructure which we have to maintain to have AWS WAF. AWS maintains everything; all we have to do is click the button, and WAF will be activated. Any packet coming through the internet will be filtered through.”
Imperva DDoS is a solution that offers protection for web applications and websites and all their associated business-critical data from cyberattacks. The cloud-based application delivery service helps improve user experiences by improving their performance. Through its security platform, Imperva DDoS also provides DDoS mitigation, a web application firewall, and a global load balancer, and includes a content delivery network — all designed to maximize performance.
Imperva DDoS Features
Imperva DDoS has many valuable key features. Some of the most useful ones include:
Imperva DDoS Benefits
There are several benefits to implementing Imperva DDoS. Some of the biggest advantages the solution offers include:
Reviews from Real Users
Below are some reviews and helpful feedback written by Imperva DDoS users.
PeerSpot user, Etienne W., CDN & Cybersecurity Engineer - Web performance & security at CDN Tech / Ecritel, says, “It is a good solution that allows us to protect websites. It is stable, scalable, quick and easy to use.” He goes on to explain, “WAF protection works almost out-of-the-box. The Anti-DDoS mitigation in less than 1s, I saw it many times in production, I can say it works. CDN has high performances, and the Smart Caching mode is really "smart" (you can do some efficient caching even if you're not a specialist). Its unique interface for managing security performance and ease of use are the most valuable features of this solution."
An IT Senior Manager at an outsourcing company mentions, “The most valuable features are DDoS protection. The Incapsula [Imperva DDoS] environment helps us monitor all the web activity. All the web activity is passed through their WAF cloud services, then that can help us to monitor those activities. That can help protect against DDoS hacking.”
Another PeerSpot reviewer, Ben D., Sales Executive at EVVO LABS, comments, "Imperva Incapsula [DDoS] has many valuable features. One, it protects the top 10 OWASP vulnerability, the open web application software platform, this is standard. Secondly, it protects against broken authentication. As well, it has remote execution of code."
A Solutions Architect at a financial services firm states, “The solution's most valuable aspect is that it is easy to configure. The solution keeps itself up to date itself and there's no customization that we need to do. It makes it extremely easy and cuts back on the amount of work required, and saves us on man-hours.”
We monitor all Web Application Firewall (WAF) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
