Try our new research platform with insights from 80,000+ expert users

Barracuda Web Application Firewall vs HAProxy vs Imperva DDoS comparison

The compared Barracuda Networks and HAProxy solutions aren't in the same category. Barracuda Networks is ranked #17 in WAF , with an average rating of 8.4, and holds a 2.0% mindshare in the category. HAProxy is ranked #4 in ADC , with an average rating of 7.6, and holds a 12.3% mindshare. Additionally, 94% of Barracuda Networks users are willing to recommend the solution, compared to 91% of HAProxy users who would recommend it.
Barracuda Web Application F...
Read 44 Barracuda Web Application Firewall reviews
  • 1,527 Views
  • 759 Comparison Views
94% willing to recommend
HAProxy
Read 42 HAProxy reviews
  • 5,812 Views
  • 3,746 Comparison Views
91% willing to recommend
Imperva DDoS
Read 78 Imperva DDoS reviews
  • 1,202 Views
  • 719 Comparison Views
94% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive Summary
We performed a comparison between Barracuda Web Application Firewall, HAProxy, and Imperva DDoS based on real PeerSpot user reviews.

Find out what your peers are saying about Amazon Web Services (AWS), F5, Microsoft and others in Web Application Firewall (WAF).

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Web Application Firewall (WAF) Report (Updated: June 2025).
Buyer's Guide
Web Application Firewall (WAF)
June 2025
Download the complete report
Helped 860,168 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Mindshare comparison

Web Application Firewall (WAF)
Application Delivery Controllers (ADC)
Distributed Denial-of-Service (DDoS) Protection
 

Featured Reviews

Anne-Aimee Wollerich - PeerSpot reviewer
Managing bot traffic effectively enhances usability for non-technical users
Barracuda Web Application Firewall ( /products/barracuda-web-application-firewall-reviews ) lacks some of the more specified and structured features offered by solutions like Tenable. Although Tenable is more expensive and less easily deployable, its features are more deepened and chiseled, particularly for IT personnel. For example, Tenable provides more comprehensive dark web scanning capabilities, which Barracuda could improve upon.
Read full review
Kaushlendra Singh - PeerSpot reviewer
Used for load balancing, but its dashboard and reporting could be improved
We use the solution for load balancing The solution's implementation and troubleshooting are not easy. The solution's dashboards and reports could be improved. I have been using HAProxy for 12 years. We didn’t face any issues with the solution’s stability. I rate the solution’s stability an…
Read full review
DerrickAkankwasa - PeerSpot reviewer
Provide DDoS protection and better security at effective rate
It is expanding its number of data centers for scrubbing traffic. Currently, there is only one POP for cleaning in South Africa. They might add another POP in North Africa, possibly in Nigeria or Egypt. Latency concerns customers, especially in regions like East and West Africa, where traffic has to travel to South Africa before returning. Increasing the number of POPs across the continent would help address these latency issues and improve overall service. While the platform is already quite strong, there’s always room for improvement, especially in keeping up with emerging trends and new types of attacks. Enhancing security capabilities could be beneficial. Integrating more advanced AI features could significantly improve its effectiveness and help customers leverage these tools more effectively. It would be great to see more focus on AI integration to handle and analyze data more efficiently.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Our customers value the solution's simplicity."
"The most valuable feature is the ease of use and the signature base."
"The customer service and support from Barracuda have been excellent."
"Even when we were upgrading to a new OS, we didn't have any difficulties with the product. The stability is good."
"The updating and signature features are my primary use case for the solution. These features are beneficial to my organization."
"Barracuda Web Application Firewall provides optimized performance, a user-friendly environment, helpful dashboards, and is simple to use."
"The most valuable features of Barracuda Web Application Firewall include advanced bot protection, DDoS protection, and addressing the top ten vulnerabilities."
"It's very simple and predictable, because Barracuda provides a vision of the current state of your application. It gives you an understanding of what is happening on your site and any attempts against you at your source. This is the main value that Web Application Firewall provides our company. These aspects are also the main reason for this documentation process."
More Barracuda Web Application Firewall pros
"​It has allowed us to evenly distribute the load across a number of servers, and check their health and automatically react to errors."
"We were able to use HAProxy for round robin with our databases, or for a centralized TCP connection in one host."
"We use it as a load balancer for our application servers."
"The support for all major Linux distros makes running and testing a breeze."
"It solves a problem for me where I can build files, not based on the health of the check, but rather the speed of the check."
"HAProxy Enterprise Edition has been rock solid. We have essentially had no downtime caused by our load balancers in the last 10 months, because they’ve worked so well. Previously, our load balancers caused us multiple hours per year in downtime."
"Advanced traffic rules, including stick tables and ACLs, which allow me to shape traffic while it's load balanced."
"HAProxy potentially has a good return on investment"
More HAProxy pros
"The three-second service level agreement is already better than the competition."
"​Technical support provides good, quick responses."
"There are quite a few useful Imperva Incapsula features. For example, one of them is the reports. The graphics are very good and it's easy to configure. The whole process is very fast and reliable too. They have good tech support as well."
"It is a stable solution."
"This product is a reliable defense from malicious attacks on a network environment."
"On the site security, I can see which countries have incidents, whether it was a robot attack, a real human user, or non-human user."
"They're quite easy to install and quite easy to set up. Clients really like that. Especially when you're dealing with the cloud, it's really easy."
"Real-time monitoring is also a great tool, as you may watch several parameters in real time."
More Imperva DDoS pros
 

Cons

"The usability of the interface could be improved."
"The solution could use more reports."
"The platform's pricing needs improvement."
"There are false positives that I am receiving when compared to other WAFs."
"Sometimes when we put it in action, we have some blogs that appear as false positives. I think that it's improving. Barracuda should minimize false positives."
"As most people are aware, the implementation is not easy."
"I have issues with the load balancing of the solution which is slow. The connection pooling in Barracuda also doesn't work. There is an issue when someone needs access to a site quickly. The issue is with HTTPS services. I am not sure if they have changed all these in the solution’s latest version."
"The policy updates could be improved."
More Barracuda Web Application Firewall cons
"There is room for improvement in HAProxy's dynamic configuration."
"There is no standardized document available. So, any individual has to work from scratch to work it out. If some standard deployment details are available, it would be helpful for people while deploying it. There should be more documentation on the standard deployment."
"Maybe HAProxy could be more modular."
"Dynamic update API. More things should be possible to be configured during runtime."
"The product does not have any new technologies."
"The GUI should be more responsive and show the detailed output of logs."
"​It needs proper HTTP/2 support.​"
"The solution's dashboards and reports could be improved."
More HAProxy cons
"The weakest point of Imperva is their first level of support, which should be improved. They should also improve the access and security logs viewing directly on the portal. I would like to see better access and security logs through the portal and not only through a SIM solution. Currently, if you want to explore your access and security logs from Imperva, you need a SIM tool or a SIM infrastructure on your side to do it. You can't do it manually or directly through the portal, which is a big problem for us. I had a call yesterday with Imperva for the roadmap, and I just told them this. They agreed that this is an improvement point from their side."
"I would like to have support for SSL management and secure DNS."
"Imperva now offers add-ons to add functionality, but I would like to see these included in the product, even if it would cost more."
"We faced issues regarding compliance with client procedures. The client had strict compliance rules, and Imperva needed to be on a VM, while the client required containerization, causing a conflict. They went with Imperva for the on-premise version but shelved the cloud project due to too many blockers."
"Users would benefit from better documentation. There is official documentation, but sometimes we need more detail. We have some use cases that are not so run of the mill. It would be great if there was a knowledge base that we could go to for more answers."
"The rules surrounding the making of web applications could be improved."
"Some maintenance must be performed by our IT team."
"The product could use a broader scope in the area of policies."
More Imperva DDoS cons
 

Pricing and Cost Advice

"Our licensing fees are paid annually and the cost is between €600 and €800 (approximately $665.00 to $885.00 USD)."
"They have competitive pricing."
"The price of the solution is a little expensive. There is a license for this solution and it can be purchased every one, two, or five years."
"The Barracuda Web Application Firewall is quite expensive."
"The product is inexpensive."
"While I would have to check on the price of the solution, I feel it to be okay and it matches the market price."
"Cost is a bit on the higher side. Big companies can afford it."
"The price of this solution is okay."
More Barracuda Web Application Firewall pricing and cost advice
"The only cost is for the image manager, who is responsible for uploading the image, and that is trivial."
"We are using HAProxy as an open-source."
"HAProxy is free in the initial offer. However, pricing can be improved."
"Test/lab virtual machines can be installed without a licence. They can't be used for performance testing but otherwise behave like production nodes."
"I think that the pricing is very fair, I would definitely recommend buying the Enterprise license."
"It is free of cost."
"HAProxy is free open-source software."
"HAProxy is a free open-source solution."
More HAProxy pricing and cost advice
"We have an issue with Imperva Incapsula in the Iraqi market because of the high price."
"Pricing could be more competitive."
"​Although the pricing can be a little high, it is worth the protection and security that it offers.​"
"We are satisfied with the pricing."
"The cost is on par with other solutions such as Cloudflare and Akamai."
"The solution's price is high for small companies."
"The license is on a yearly basis."
"It is a very expensive solution. The price is very high. A lot of customers tell us that they would love to use Imperva more. I have some customers who have 50 websites, but they have only 10 websites on Imperva because of the price. They would love to have all their websites running through Imperva, but they can't. They have to choose the more critical websites to protect because the price is very high. It is a very good product, but it is too expensive. If you buy a plan for 20 megabytes and you don't consume all of your 20 megabytes, it is okay, but if you consume more, you are charged for the superior traffic."
More Imperva DDoS pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Web Application Firewall (WAF) solutions are best for your needs.
See recommendations
860,168 professionals have used our research since 2012.
 

Comparison Review

it_user68487 - PeerSpot reviewer
Nov 6, 2013
CloudFlare vs Incapsula: Web Application Firewall
CloudFlare vs Incapsula: Round 2 Web Application Firewall Comparative Penetration Testing Analysis Report v1.0 Summary This document contains the results of a second comparative penetration test conducted by a team of security specialists at Zero Science Lab against two cloud-based Web…
Read full review
 

Top Industries

By visitors reading reviews
Computer Software Company
20%
Financial Services Firm
10%
Educational Organization
6%
Manufacturing Company
6%
Computer Software Company
19%
Financial Services Firm
11%
Comms Service Provider
8%
Government
7%
Financial Services Firm
15%
Computer Software Company
14%
Manufacturing Company
9%
Government
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Barracuda Web Application Firewall?
It significantly improved our overall web security posture, addressing intrusions and enhancing control over web URLs...
See all answers
What is your primary use case for Barracuda Web Application Firewall?
Our primary use case was to track the traffic on websites or webshops to identify potential malicious actors, such as...
See all answers
What is your experience regarding pricing and costs for Barracuda Web Application Firewall?
The pricing for Barracuda is quite high compared to other OEMs. Each transaction requires my purchase team to negotia...
See all answers
Do you recommend HAProxy?
I do recommend HAProxy for more simple applications or for companies with a low budget, since HAProxy is a free, open...
See all answers
What do you like most about HAProxy?
The solution is effective in managing our traffic.
See all answers
What is your experience regarding pricing and costs for HAProxy?
HAProxy is an open-source solution.
See all answers
What do you like most about Imperva Incapsula?
We use Imperva DDoS to stop DDoS attacks and reduce the amount of unwanted queries against web services or web scraping.
See all answers
What is your experience regarding pricing and costs for Imperva DDoS?
The pricing, setup costs, and licensing of Imperva DDoS are reasonable for the amount of technical capabilities provi...
See all answers
What needs improvement with Imperva DDoS?
I would like to see improvements in the pooling of threats and attacks, possibly to enlarge the scale of indicators o...
See all answers
 

Comparisons

Fortinet FortiWeb vs Barracuda Web Application Firewall Logo
Fortinet FortiWeb vs Barracuda Web Application Firewall
Compared 23% of the time
F5 Advanced WAF vs Barracuda Web Application Firewall Logo
F5 Advanced WAF vs Barracuda Web Application Firewall
Compared 20% of the time
NetScaler vs Barracuda Web Application Firewall Logo
NetScaler vs Barracuda Web Application Firewall
Compared 8% of the time
Microsoft Azure Application Gateway vs Barracuda Web Application Firewall Logo
Microsoft Azure Application Gateway vs Barracuda Web Application Firewall
Compared 8% of the time
Radware Alteon vs Barracuda Web Application Firewall Logo
Radware Alteon vs Barracuda Web Application Firewall
Compared 4% of the time
More Barracuda Web Application Firewall Competitors
Microsoft Azure Application Gateway vs HAProxy Logo
Microsoft Azure Application Gateway vs HAProxy
Compared 14% of the time
NetScaler vs HAProxy Logo
NetScaler vs HAProxy
Compared 13% of the time
Istio vs HAProxy Logo
Istio vs HAProxy
Compared 11% of the time
Envoy vs HAProxy Logo
Envoy vs HAProxy
Compared 11% of the time
Kemp LoadMaster vs HAProxy Logo
Kemp LoadMaster vs HAProxy
Compared 10% of the time
More HAProxy Competitors
Cloudflare vs Imperva DDoS Logo
Cloudflare vs Imperva DDoS
Compared 25% of the time
Akamai vs Imperva DDoS Logo
Akamai vs Imperva DDoS
Compared 18% of the time
Arbor DDoS vs Imperva DDoS Logo
Arbor DDoS vs Imperva DDoS
Compared 8% of the time
Radware DDoS vs Imperva DDoS Logo
Radware DDoS vs Imperva DDoS
Compared 7% of the time
Prolexic vs Imperva DDoS Logo
Prolexic vs Imperva DDoS
Compared 2% of the time
More Imperva DDoS Competitors
 

Product Reports

Buyer's Guide
Barracuda Web Application Firewall
June 2025
Barracuda Web Application Firewall reportDownload Barracuda Web Application Firewall product report
Buyer's Guide
HAProxy
June 2025
HAProxy reportDownload HAProxy product report
Buyer's Guide
Imperva DDoS
April 2025
Imperva DDoS reportDownload Imperva DDoS product report
 

Also Known As

No data available
HAProxy Community Edition, HAProxy Enterprise Edition, HAPEE
Imperva Incapsula
 

Overview

Barracuda Web Application Firewall is a game-changing cloud-connected security solution that enables organizations to safeguard both their applications and their data from an ever-growing array of advanced cyber threats. It offers protection from cyber attacks that target not only data and applications stored on the cloud but also those that are housed on web servers. 43% of the time a breach takes place via a compromised application. Barracuda Web Application Firewall prevents these types of breaches from occurring.

Barracuda Web Application Firewall denies hackers the ability to penetrate your system by using a number of techniques to keep your organization safely insulated. The first method of protection consists of two parts. The first part involves a thorough scanning of all inbound web traffic. This solution monitors everything that comes into the system. It employs IP reputation intelligence, which filters all incoming data. If the source of the data has a bad reputation, it is blocked by the firewall. Administrators now have a way of locking out many common threats that could otherwise compromise sensitive networks. These scans can also allow administrators to protect their systems from within as DLP (Data Loss Prevention) protocols. If any sensitive data attempts to leave, administrators will automatically be alerted and the data will be blocked from exiting.

Barracuda Web Application Firewall can also be set up to apply the AAA (Authentication, Authorization & Accounting) framework to an organization’s network. If an intruder manages to get past the authentication stage, the authorization protocols kick in. After the authorization stage comes accounting, which works by tracking and logging users’ activities so that administrators will be in a position to prevent long-term damage from being done. This three-step process can be implemented without requiring administrators to make changes to their applications.

Key Features

Some of Barracuda Web Application Firewall’s key features include:

  • The ability to employ adaptive profiling. Administrators will have an easier time enforcing security policies once this feature is enabled. It takes data from safe sources and builds profiles that can be used to create whitelisting protocols that prevent unsafe actions from occurring on the system.
  • The ability to assess threats in real time. Barracuda Web Application Firewall uses machine learning to detect new threats and attacks as they emerge.
  • The ability to manage the Barracuda Web Application Firewall system from a single interface. Administrators can manage their Barracuda Web Application Firewall configurations from one centralized location.

Reviews from Real Users

Barracuda Web Application Firewall stands out among its competitors for a number of reasons. One of the main ones is the robustness of the solution. Users are given access to a vast variety of security features in a single product.

PeerSpot user Muhammed S., a Presales Solutions Architect at Hilal Computers, notes this when he writes, "The solution offers multiple security features. There are machine learning features and great URL encryption. It also offers multi-protocol support against DDoS attacks."

Other reviewers note that Barracuda Web Application Firewall is user-friendly, easy to set up, stable, and reliable.

Barracuda Networks

HAProxy is considered by many in the industry to be one of the fastest and most popular and trusted software load balancer products in the marketplace today. Organizations are able to immediately deploy HAProxy solutions to enable websites and applications to optimize performance, security, and observability. HAProxy solutions are available to scale to any environment.

HAProxy is an open-source product and has a robust, active, reliable community. The solutions are continually tested and improved on by the community. HAProxy offers a dynamic design to support the most modern architectures, microservices, and deployment environments (appliances, containers, virtual, and cloud).

HAProxy utilizes a cloud-native protocol, which makes it a complete solution for cloud services such as Red Hat OpenShift, OVH, Rackspace, Digital Ocean, Amazon Web Services (AWS), and more. It also can be used as the reference load balancer in OpenStack.

HAProxy Products

  • HAProxy One: This is a next-gen end-to-end application delivery platform created to secure and streamline modern application architectures. It offers a complete suite of solutions, such as application delivery software, turnkey, and appliance services observed and administered through a central control plane. The product supplies application acceleration, CDN, DDoS, bot management, WAF capabilities, and load balancing.
  • HAProxy Fusion Control Plane: This product enables organizations to streamline workflows, arrange traffic routing and security protocols, enhance the speed of delivery, and scale out of the organization’s applications. HAProxy Fusion Control Plane offers an intuitive user interface to observe and control the complete product lineup and API for administering numerous fleets of HAProxy Enterprise servers, either in the cloud or on premises.
  • HAProxy Edge: This product offering is an application delivery network (ADN) that provides a broad array of turnkey application services with amazing scale and complete visibility. Services include application and content acceleration, advanced security, and load balancing.
  • HAProxy ALOHA Hardware or Virtual Load Balancer: This product is a virtual load balancer or plug-and-play hardware constructed upon HAProxy Enterprise that is designed to support proxying at Layer 4 and Layer 7. It has a user-friendly GUI, simple deployment, and no limit on backend servers, making it a complete product for organizations desiring a reliable system to provide high-end load distribution for critical services.
  • HAProxy Enterprise Kubernetes Ingress Controller: This product is designed to facilitate smooth traffic flow into a Kubernetes cluster. It is able to automatically discover anomalies and changes in an organization's Kubernetes infrastructure and provide precise distribution of traffic to healthy pods, with no downtime caused by poor pod health or scaling changes. The product comes with an embedded WAF to optimize the security of an organization’s applications running in Kubernetes.
  • HAProxy Enterprise: This product is the enterprise-class edition of HAProxy offering a dynamic and sturdy code base with next-generation features, an enterprise suite of add-ons, professional services, and trusted support. 

    • Cluster-wide tracking and rate limiting
    • Advanced DDoS and bot management
    • Web application firewall
    • Reliable expert support
    • High performance modules
    • Device detection and geolocation
    • Real-time dashboard

Reviews from Real Users

Having the right load balancing solution – which is what HAProxy is – and protection in place gives organizations peace of mind.” - Nathanel S., Platform Architect at SES

“I use HAProxy for individuals who can not buy low balancers. I built NFV in a box and send individuals a pathway into an HAProxy VM. The setup was not difficult; it usually takes a day to complete for a VPC. When it comes to pricing, HAProxy is free.” - Nasir O., Network & Cloud Architect at Koala Compute Inc.

HAProxy

Imperva DDoS is a solution that offers protection for web applications and websites and all their associated business-critical data from cyberattacks. The cloud-based application delivery service helps improve user experiences by improving their performance. Through its security platform, Imperva DDoS also provides DDoS mitigation, a web application firewall, and a global load balancer, and includes a content delivery network — all designed to maximize performance.

Imperva DDoS Features

Imperva DDoS has many valuable key features. Some of the most useful ones include:

  • API security
  • Web application firewall
  • Bot management
  • Application delivery
  • Runtime protection (RASP)
  • Discovery and assessment
  • Data protection
  • Data risk analytics
  • Data privacy
  • Application delivery control (ADC)
  • Content delivery network (CDN)
  • DDoS mitigation
  • Global server load-balancing (GSLB)
  • Web application firewall (WAF)
  • Client-side protection
  • Runtime protection

Imperva DDoS Benefits

There are several benefits to implementing Imperva DDoS. Some of the biggest advantages the solution offers include:

  • Reduce web application risk: Imperva DDoS includes automatic policy creation and fast rule propagation that give your IT and security departments the ability to use third-party code without risk while working at the pace of DevOps.
  • Security from edge to database: Imperva DDoS’s WAF feature secures from edge to database, so the traffic you receive is only the traffic you want.
  • Safeguard sensitive and personal data: Imperva DDoS provides visibility into sensitive and personal data, with the controls to protect that data and the ability to unify management across cloud, on-premises, and in hybrid environments to help accommodate changing threats, new regulations, and challenging audits.

Reviews from Real Users

Below are some reviews and helpful feedback written by Imperva DDoS users.

PeerSpot user, Etienne W., CDN & Cybersecurity Engineer - Web performance & security at CDN Tech / Ecritel, says, “It is a good solution that allows us to protect websites. It is stable, scalable, quick and easy to use.” He goes on to explain, “WAF protection works almost out-of-the-box. The Anti-DDoS mitigation in less than 1s, I saw it many times in production, I can say it works. CDN has high performances, and the Smart Caching mode is really "smart" (you can do some efficient caching even if you're not a specialist). Its unique interface for managing security performance and ease of use are the most valuable features of this solution."

An IT Senior Manager at an outsourcing company mentions, “The most valuable features are DDoS protection. The Incapsula [Imperva DDoS] environment helps us monitor all the web activity. All the web activity is passed through their WAF cloud services, then that can help us to monitor those activities. That can help protect against DDoS hacking.”

Another PeerSpot reviewer, Ben D., Sales Executive at EVVO LABS, comments, "Imperva Incapsula [DDoS] has many valuable features. One, it protects the top 10 OWASP vulnerability, the open web application software platform, this is standard. Secondly, it protects against broken authentication. As well, it has remote execution of code."

A Solutions Architect at a financial services firm states, “The solution's most valuable aspect is that it is easy to configure. The solution keeps itself up to date itself and there's no customization that we need to do. It makes it extremely easy and cuts back on the amount of work required, and saves us on man-hours.”

Imperva
 

Sample Customers

Oracle, CBS, Pioneer, Hyundai, Publix, Barnes Noble, Calzedonia, Nordstrom, Samsung, Nascar
Booking.com, GitHub, Reddit, StackOverflow, Tumblr, Vimeo, Yelp
Hitachi, BNZ, Bitstamp, Moz, InnoGames, BTCChina, Wix, LivePerson, Zillow and more.
Buyer's Guide
Web Application Firewall (WAF)
June 2025
Download Free Report
Find out what your peers are saying about Amazon Web Services (AWS), F5, Microsoft and others in Web Application Firewall (WAF). Updated: June 2025.
DOWNLOAD NOW
860,168 professionals have used our research since 2012.