Try our new research platform with insights from 80,000+ expert users

Barracuda Web Application Firewall vs HAProxy vs Imperva DDoS comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Mindshare comparison

Web Application Firewall (WAF)
Application Delivery Controllers (ADC)
Distributed Denial-of-Service (DDoS) Protection
 

Featured Reviews

Anne-Aimee Wollerich - PeerSpot reviewer
Managing bot traffic effectively enhances usability for non-technical users
Barracuda Web Application Firewall ( /products/barracuda-web-application-firewall-reviews ) lacks some of the more specified and structured features offered by solutions like Tenable. Although Tenable is more expensive and less easily deployable, its features are more deepened and chiseled, particularly for IT personnel. For example, Tenable provides more comprehensive dark web scanning capabilities, which Barracuda could improve upon.
Kaushlendra Singh - PeerSpot reviewer
Used for load balancing, but its dashboard and reporting could be improved
We use the solution for load balancing The solution's implementation and troubleshooting are not easy. The solution's dashboards and reports could be improved. I have been using HAProxy for 12 years. We didn’t face any issues with the solution’s stability. I rate the solution’s stability an…
DerrickAkankwasa - PeerSpot reviewer
Provide DDoS protection and better security at effective rate
It is expanding its number of data centers for scrubbing traffic. Currently, there is only one POP for cleaning in South Africa. They might add another POP in North Africa, possibly in Nigeria or Egypt. Latency concerns customers, especially in regions like East and West Africa, where traffic has to travel to South Africa before returning. Increasing the number of POPs across the continent would help address these latency issues and improve overall service. While the platform is already quite strong, there’s always room for improvement, especially in keeping up with emerging trends and new types of attacks. Enhancing security capabilities could be beneficial. Integrating more advanced AI features could significantly improve its effectiveness and help customers leverage these tools more effectively. It would be great to see more focus on AI integration to handle and analyze data more efficiently.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"We run it with no downtime, because it has good support."
"The most valuable feature of this solution is the simplicity of configuration."
"Some of the most valuable features are the ease of deployment, the Barracuda support, the easy-to-use console, and the granularity of the reports."
"The most valuable feature is the ease of use and the signature base."
"The product's advanced bot and threat protection capabilities are valuable."
"We only need one subscription to be protected against both active DDoS and offline DDoS attacks."
"The updating and signature features are my primary use case for the solution. These features are beneficial to my organization."
"This product gives us visibility into what is going on in two servers, including connections and sessions, real-time alerts, very good reporting, and KPIs. It makes managing security of a critical server very easy, with a friendly GUI."
"It improves our scalability and responsiveness services to meet our demanding customer requirements."
"I can't speak to all of the HAProxy features because we don't use them all, but load balancing is very good."
"The features I find valuable in this solution are session control which automatically disconnects users that forget to log off, and the ability to write rules to either allow or block certain file requests."
"Stability is number one."
"Load balancing is valuable, and we are also using the WAF feature."
"The most valuable thing for me is TCP/IP Layer 4 stuff you can do with HAProxy. You can go down to the protocol level and make decisions on something."
"The feature that I have found the most valuable is that it works for my use case of application load balancing. I'm using it for PeerSense, and it's easy enough for PeerSense."
"The anti-DDOS PacketShield filtering solution (embedded in the physical appliances) as well as the BGP route injection are great features and heavily used."
"IncapRules is one of the most valuable features, as you can create your own security and access control rules on top of your security policy. Using IncapRules we were able to easily block Layer 7 DDoS attacks several times."
"Integration with IBM AS/400 and Db2 is okay."
"Simplifies putting everything in code."
"Technical support was very helpful."
"​Technical support provides good, quick responses."
"Setup was straightforward, very simple. I only entered the domain and Incapsula returned the DNS data that I needed to change for the protection to be configured."
"The solution has a very good interface."
"It is a stable solution."
 

Cons

"The solution needs to leverage some additional features to a broader scale of software-defined networks."
"There's potential for improvement in the platform's CMS integration."
"There are issues when upgrading firewalls and we experience different issues across customers."
"They could improve their performance, support, and their upgrades. Their updates used to be good. Their improvements were right on the money but nowadays, the updates are minor."
"An area for improvement in Barracuda Web Application Firewall is attack identification. Other banks identified attacks and tracked logs that the solution wasn't able to identify because of its ready-made rules pre-deployed by the vendor. My organization raised this issue with the technical support team. Another area to improve in Barracuda Web Application Firewall is its service desk. The team resorted to stonewalling because they couldn't accept that a feature was missing in the solution, and it was only after a lot of drilling down that the service desk team accepted that, and would be adding that feature in the future. My organization had to submit a report to the Reserve Bank of India with information on the logs identified and the attacks that happened, and that there was a failure on the part of the Barracuda Web Application Firewall. The Reserve Bank of India conducts a tri-monthly cyber risk audit in all Indian banks. Even smaller banks identified and caught attacks that my organization wasn't able to do, so I was looking into other solutions that competitor banks could be using because Barracuda Web Application Firewall failed to identify some of the attacks."
"I would like to see an improved capacity to store logs so that they will be available for a longer time."
"The incident reporting needs to be improved."
"They should improve their features, so they easily compare to the competition."
"Dynamic update API. More things should be possible to be configured during runtime."
"HAProxy is very weak in the logging and monitoring part and requires improvement."
"The basic clustering is not usable in our very specific setup. The clustering is mainly a configuration replication and is great in a case of active-passive usage. In the case of an active-active (or with more than two nodes) where the configuration is not fully identical, it cannot be used as-is."
"There are three main areas to improve: 1) Make remote management more modern by adding API. 2) Propose a general HA ​solution for HAProxy (no I'm using keepalived for this). 3) Thread option should be a bit more stable."
"​It needs proper HTTP/2 support.​"
"Improving the documentation with multiple examples and scenarios would be beneficial. Most users encounter similar situations, so having a variety of scenarios readily available on the tool's website would be helpful. For instance, if I were part of the HAProxy team, I'd create a webpage with different scenarios and provide files for each scenario. This way, users wouldn't have to start from scratch every time."
"Pricing, monitoring, and reports can be improved."
"The configuration should be more friendly, perhaps with a Web interface. For example, I work with the ClusterControl product for Severalnines, and we have a Web interface to deploy the HAProxy load-balancer."
"I am not sure if this application has a policy where you can create your custom policy and run it as our firewall. We should have some ability to also create some custom policy, then run it as a firewall."
"We had an issue when securing the web applications for DDoS protection."
"The solution needs to improve Integration with third parties for their on-prem deployment models. The integration is not that good yet."
"The salespeople tend to exaggerate its capabilities, which can cost you money if you don't verify the information."
"The product could use a broader scope in the area of policies."
"We would like them to hire people in Sweden because it's quite hard when people are sitting in the UK or Belgium because some of the customers really want them to be local."
"I miss being able to integrate the dashboard with other BI tools we are using. We have to export and import data to be able to present it, and doing so is a lot of work."
"Pricing can be improved, as it is quite expensive."
 

Pricing and Cost Advice

"They have competitive pricing."
"For small companies, the price is very expensive because the WAF is an enterprise-level application, not intended for smaller businesses. In my opinion, the price is right for enterprise-level use."
"The price of this solution is okay."
"The product is inexpensive."
"The pricing is reasonable."
"The solution is based on a licensing model and might be $360 for the hybrid version."
"Barracuda costs us $8,000 per year. Barracuda costs $20,000 for a full subscription, when you try to protect multi-site infrastructure, in different geographical zones and for different data centers. If you have only one site, Barracuda will be cheaper."
"The product pricing was competitive for the value it offers regarding security features."
"Very good value for the money. One of the simplest licensing schemes in this category of products."
"We are using HAProxy as an open-source."
"The tool is open-source."
"It is free of cost."
"When it comes to pricing HAProxy is free."
"HAProxy is free software. There are optional paid products (support/appliances)."
"The product is open source."
"HAProxy is free in the initial offer. However, pricing can be improved."
"On a scale from one to ten, where one is cheap and ten is expensive, I rate the solution's pricing a five out of ten."
"Pricing could be more competitive."
"The data packages are higher than our needs so we end up paying for data that we don't use."
"It is expensive."
"The cost is somewhere around $10,000 a site. For every site, you pay individually. For every DNS entry, you have you pay."
"It is not expensive compared to the other similar solutions in this category."
"The solution's price is high for small companies."
"Imperva charges us based on bandwidth, which is better than other vendors that charge us according to data transfer."
report
Use our free recommendation engine to learn which Web Application Firewall (WAF) solutions are best for your needs.
857,162 professionals have used our research since 2012.
 

Comparison Review

it_user68487 - PeerSpot reviewer
Nov 6, 2013
CloudFlare vs Incapsula: Web Application Firewall
CloudFlare vs Incapsula: Round 2 Web Application Firewall Comparative Penetration Testing Analysis Report v1.0 Summary This document contains the results of a second comparative penetration test conducted by a team of security specialists at Zero Science Lab against two cloud-based Web…
 

Top Industries

By visitors reading reviews
Computer Software Company
20%
Financial Services Firm
10%
Educational Organization
6%
Government
6%
Computer Software Company
19%
Financial Services Firm
11%
Government
8%
Manufacturing Company
7%
Financial Services Firm
16%
Computer Software Company
14%
Manufacturing Company
8%
Government
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Barracuda Web Application Firewall?
It significantly improved our overall web security posture, addressing intrusions and enhancing control over web URLs...
What is your primary use case for Barracuda Web Application Firewall?
Our primary use case was to track the traffic on websites or webshops to identify potential malicious actors, such as...
What is your experience regarding pricing and costs for Barracuda Web Application Firewall?
The pricing for Barracuda is quite high compared to other OEMs. Each transaction requires my purchase team to negotia...
Do you recommend HAProxy?
I do recommend HAProxy for more simple applications or for companies with a low budget, since HAProxy is a free, open...
What do you like most about HAProxy?
The solution is effective in managing our traffic.
What do you like most about Imperva Incapsula?
We use Imperva DDoS to stop DDoS attacks and reduce the amount of unwanted queries against web services or web scraping.
What is your experience regarding pricing and costs for Imperva DDoS?
The pricing is rated a ten on a scale where ten is very expensive. The solution is only cloud-based and does not prov...
What needs improvement with Imperva DDoS?
Pricing can be improved, as it is quite expensive. Additionally, support response times for emails can sometimes be d...
 

Also Known As

No data available
HAProxy Community Edition, HAProxy Enterprise Edition, HAPEE
Imperva Incapsula
 

Overview

 

Sample Customers

Oracle, CBS, Pioneer, Hyundai, Publix, Barnes Noble, Calzedonia, Nordstrom, Samsung, Nascar
Booking.com, GitHub, Reddit, StackOverflow, Tumblr, Vimeo, Yelp
Hitachi, BNZ, Bitstamp, Moz, InnoGames, BTCChina, Wix, LivePerson, Zillow and more.
Find out what your peers are saying about Amazon Web Services (AWS), F5, Microsoft and others in Web Application Firewall (WAF). Updated: June 2025.
857,162 professionals have used our research since 2012.