F5 BIG-IP Local Traffic Manager (LTM) vs Imperva DDoS comparison

Cancel
You must select at least 2 products to compare!
Comparison Buyer's Guide
Executive Summary

We performed a comparison between F5 BIG-IP Local Traffic Manager (LTM) and Imperva DDoS based on real PeerSpot user reviews.

Find out in this report how the two Application Delivery Controllers (ADC) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed F5 BIG-IP Local Traffic Manager (LTM) vs. Imperva DDoS Report (Updated: September 2020).
655,465 professionals have used our research since 2012.
Q&A Highlights
Question: F5 vs. Imperva WAF?
Answer: Firstly, implementing WAF is an excellent decision. With application logic and date being at the core of the technology stack value, WAF is the most reasonable place to monitor application traffic and defend from hacker's attacks. I have recently published a blog post on the issues one needs to consider when selecting a WAF. In addition, here are some thoughts on the specific questions you are asking Both F5 and Imperva are excellent WAF offerings with long track records and both will likely do a good job detecting known OWASP 10 threats. That said, both F5 and iMPERVA are signature based WAF technologies. For zero-day threats for which no signatures exist, no protection is provided until someone creates a signature and is able to write a rule for protection. For more agile 0 day threat protection you may want to consider a machine-learning driven solution which creates application-specific security rules automatically. As far as administration is concerned, F5 natively integrates with the application delivery system (ADC) which makes deployment & routing administration easier. The other aspect of the administration is addressing false positivies that WAF generates to avoid interfering with normal application operations. Because of false positives, many of the iMPERVA and F5 customers deploy these solutions in non-blocking mode with the main goal of providing visibility. Deciding which detected incidents require action is what requires the bulk of administration by security experts with deep knowledge of web application code and web application security. On the subject of costs and benefits, a lot of the benefits of the traditional WAF systems are centered around compliance. These are often hard to quantify but are the cost of doing business. Other than that, costs of WAF, as with most security solution, come less from the cost of the licenses and more from the cost of administering the solution and putting in integrations with other systems to derive real benefits. Again, machine learning-based system can help here with an automated and continuous approach. Essentially such system performs the jobs of a Red Team and a Blue Team in AI. Overall, both iMPERVA and F5 are good solutions, but before making your final decision consider if you want to go with a signature-based WAF or deploy a machine-learning driven solution like Wallarm.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"What we like best about this solution is its stability. It is extremely stable.""NetFlow balancing and traffic balancing are good features.""The support from F5 BIG-IP LTM is good.""I've worked a little bit with iRules and it is amazing.""The feature I find the most valuable is the support infrastructure.""The stability is excellent.""The tech support we got from F5 BIG-IP Local Traffic Manager directly was pretty good.""The most valuable feature is customization."

More F5 BIG-IP Local Traffic Manager (LTM) Pros →

"It fits our requirements, as well as our budget.""The solution is very good at intercepting traffic before it gets to our data centers.""Technical support was very helpful.""Its unique interface for managing security performance and ease of use are the most valuable features of this solution.""There are quite a few useful Imperva Incapsula features. For example, one of them is the reports. The graphics are very good and it's easy to configure. The whole process is very fast and reliable too. They have good tech support as well.""Integration with IBM AS/400 and Db2 is okay.""The three-second service level agreement is already better than the competition.""DDoS protection and WAF are the most valuable features. It is easy to deploy a service. It is easy and quick to deploy to a new website."

More Imperva DDoS Pros →

Cons
"An expensive solution for the minimal features we use.""There are not very many areas for improvement, but the price is high.""To improve the product, they could add more load balancing solutions in Kubernetes.""The cost of the solution is pretty high. It would be ideal if it was more reasonable.""My only point of contention would be that it is a little pricey.""Its price can be better. It is a bit expensive.""Technical support could be faster. It's something I'd like to see them work on in the future.""There are some aspects of F5 BIG-IP that could be improved, the main one being virtual machine support. We have seen that even with the virtual editions, there are some things that we would like to do that are currently not possible with virtual machines."

More F5 BIG-IP Local Traffic Manager (LTM) Cons →

"Users would benefit from better documentation. There is official documentation, but sometimes we need more detail. We have some use cases that are not so run of the mill. It would be great if there was a knowledge base that we could go to for more answers.""I would like to see automated reporting to improve visibility.""The weakest point of Imperva is their first level of support, which should be improved. They should also improve the access and security logs viewing directly on the portal. I would like to see better access and security logs through the portal and not only through a SIM solution. Currently, if you want to explore your access and security logs from Imperva, you need a SIM tool or a SIM infrastructure on your side to do it. You can't do it manually or directly through the portal, which is a big problem for us. I had a call yesterday with Imperva for the roadmap, and I just told them this. They agreed that this is an improvement point from their side.""Some maintenance must be performed by our IT team.""A limited tool if you're looking to customize.""The cost could be lower; our end clients need to have a high budget to purchase this solution.""The salespeople tend to exaggerate its capabilities, which can cost you money if you don't verify the information.""It would be beneficial to include vulnerability management in the solution, similar to what they have for their on-premise solution."

More Imperva DDoS Cons →

Pricing and Cost Advice
  • "When we purchased additional licenses for our other locations, we received a discount of between 20% and 25%."
  • "F5 BIG-IP can be expensive, although there are trial versions available which are helpful to find out if the solution is right for your company."
  • "The price should be reduced because it is expensive when compared to the competition."
  • "The solution is quite expensive if we compare it with the competition."
  • "It is a bit expensive product. Kemp Loadmaster is much cheaper than F5. Its licensing is on a yearly basis. It can be for one year or three years."
  • "The price of the solution is sometimes expensive."
  • "You can buy it on a yearly basis, or you can go for a subscription. For on-premise boxes, it is just the RMA."
  • "Compared to using open-source products, the prices are not cheap."
  • More F5 BIG-IP Local Traffic Manager (LTM) Pricing and Cost Advice →

  • "It is a very expensive solution. The price is very high. A lot of customers tell us that they would love to use Imperva more. I have some customers who have 50 websites, but they have only 10 websites on Imperva because of the price. They would love to have all their websites running through Imperva, but they can't. They have to choose the more critical websites to protect because the price is very high. It is a very good product, but it is too expensive. If you buy a plan for 20 megabytes and you don't consume all of your 20 megabytes, it is okay, but if you consume more, you are charged for the superior traffic."
  • "The cost is somewhere around $10,000 a site. For every site, you pay individually. For every DNS entry, you have you pay."
  • "It is expensive."
  • "Pricing could be more competitive."
  • "Imperva charges us based on bandwidth, which is better than other vendors that charge us according to data transfer."
  • "The license is on a yearly basis."
  • "Varies depending on the needs of the customer."
  • "We have an issue with Imperva Incapsula in the Iraqi market because of the high price."
  • More Imperva DDoS Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Application Delivery Controllers (ADC) solutions are best for your needs.
    655,465 professionals have used our research since 2012.
    Answers from the Community
    Anonymous User
    Syed Ubaid Ali Jafri - PeerSpot reviewerSyed Ubaid Ali Jafri (Habib Bank Limited)
    Real User

    In order to achieve the core objective of a WAF (Web Application Firewall) definitely you are focusing on the External Facing application, for external facing application IMPERVA INCAPSULA has a high ratio of payload collector which identify and capture the payload entered by the malicious user without tempering the original content of a Payload. Once the paylaod has been captured, you can easily block the content appeared in the payload and this can be done automatically as well. Another good feature of this WAF is even if a malicious user is using NAT environment or Proxy based environment it will show the A.S (autonomous System) of the last region and also in some cases reveals the NAT IP Address from where the payload is actually captured.

    it_user464574 - PeerSpot reviewerit_user464574 (System Engineer at a tech services company with 501-1,000 employees)
    Consultant

    Hi,

    Follow below.
    1. F5 has a protection to L7, but dont work as a sand-box.2. F5 has a nice GUI with many options to understand whats happen in real-time3. F5 isn't cheap but is cheaper than Imperva.
     Att,
    Fernando Camargo

    it_user558699 - PeerSpot reviewerit_user558699 (Network Administrator at a university with 1,001-5,000 employees)
    Vendor

    Hi!

    I don’t know anything about Imperva WAFs, but I can tell you that F5 makes security a high priority, and they respond quickly to threats with either recommendations on things to change or updates. Plus, F5’s products are very intuitive and have GUIs that make administration a breeze, as well as a large support community and KB to consult for command line stuff or more complicated administration via the GUI. F5 products do cost a lot, though, and I would say that’s the main drawback.

    Regards,

    ​​​​​Ethan McGuire

    it_user694383 - PeerSpot reviewerit_user694383 (SVP, Technical Operations at a tech vendor with 201-500 employees)
    Vendor

    You'll need to weigh your specific requirements and ideally POC both solutions. In our case, after having used both F5 and Imperva WAF solutions we found Imperva to be a more comprehensive fit for our needs.

    One of the primary issues with the F5 ASM solution was the performance implications on the load balancers for which it was enabled. If you have the option and budget, I'd suggest a review of Silverline vs. Incapsula to reduce the maintenance and administration overhead. This would have removed the performance issue from the equation for us.

    it_user186927 - PeerSpot reviewerit_user186927 (Director of Operations at a comms service provider with 10,001+ employees)
    Real User

    Hi There;

    Yes I can help !

    That's a really good question as the answer is always 'it depends'.

    There's really no obvious vendor answer between Imperva and F5 - more pros and cons that you need to match to your use case checklist so I can throw out a fairly standard scouting report of the two and hopefully you'll spot which one more suits your WAF needs.

    Ps The first question I'd ask as a precursor is 'why do you need a specific WAF ?

    Many UTM / NGFW vendors (eg the Fortinet, Palo Alto, Cisco, Checkpoint best of breed quartet) roll WAF as a standard service / feature and it's usually 'good enough'.

    Presuming you already have firewalls and a subset of their UTM sheet turned on - eg IPS, IDS, VPN,.....simply turn on WAF as the quickest and cheapest route to done.

    Second question is if starting from scratch why not look more at future state SDN solution like say Big Switch that offers a more flexible security policy workflow orchestration and automation approach to WAF and other services in your data scrubbing food chain.

    Back to F5 vs Imperva

    F5 Pros
    Cadillac - feature rich
    - highly programable, flexible
    - central APM suite extends to WAF
    - good for complex rules/policy
    - load balancing kingpin

    F5 Cons
    Overkill. - complicated to set up/maintain
    - high priced/skilled PS work
    - takes over your ecosystem and doesn't integrate well with others
    - expensive

    Imperva Pros
    Integrated Knitting - plays well in sandbox
    - good enough features for price
    - easier / cheaper

    Imperva Cons - service play vs product
    - more about ps team than polished product
    - unclear product roadmap, corporate longevity (ie buy out target)
    - lots of custom code, scripts to maintain in knitting

    There you go - it's a case of premium beer vs brew your own so depending on whether you are Fortune 500 or SME - budget vs on hand security design talent - that's dictates your direction on vendor vs any sort of Gartner MQ comparison....(IMHO)

    And please see questions 1 and 2....I see WAF as not existing in a couple of years - either absorbed as a commodity by UTM space or greatly improved by SDN space

    Karl

    it_user685098 - PeerSpot reviewerit_user685098 (Head of Business Development at Loadbalancer.org)
    Vendor

    Imperva are a market leading WAF vendor, whilst F5 are a market leading load balancer (ADC) vendor. That said, the F5 WAF is awesome, and will offer all the security functionality you're ever likely to need. My advice would be to do some homework on price, as both options will provide an intuitive interface and offer excellent threat response times.

    it_user444444 - PeerSpot reviewerit_user444444 (User)
    Vendor

    We really have experience in WAF solutions, but our main Partner is Akamai KSD(Kona Site Defender) and in our opinion is the more completed solution in these market

    About F5 and Imperva solution I can’t answer those questions.

    Regards

    Ricardo Zovaro

    it_user527007 - PeerSpot reviewerit_user527007 (Business Development Manager at a tech services company with 11-50 employees)
    Real User

    The answers are not so simply because seems to be.
    In very draft – for the moment I’ ll be back in details later – my answers :

    1) Security  Both are very good solutions, with a huge amount of successful cases. The “response” is something that we can discuss it. We have cases with the one is better than the other and reverse. If you discussing about the response when you are opening a ticket for example, our experience says F5.
    2) Depends on what experience the engineer has. I mean is not a crystal clear to say one or the other. The ways that F5 works is by far more powerful than IMPERVA.
    3) Well, if we would have this discussion 2 years before the answer would be IMPERVA. BUT F5 made a great job these two years, with a huge investment regarding the Cloud and also the functionality. The disadvantage is scaling license of F5 because the F5 upgrades the FQDNs in 5. On the other side IMPERVA upgrades in 1. Another disadvantage is that F5 has no less than 50 MBps license (regarding the SilverLine solution), when IMPERVA starts from 1MBps

    PLEASE SEE BELOW some details :

    1. F5 ASM - Web Application Firewall Solution

    F5® BIG-IP® Application Security Manager™ (ASM) is a web application firewall (WAF), deployed in more data centers than any enterprise WAF on the market. With advanced firewall capabilities, it secures applications against layer 7 distributed-denial-of-service (DDoS) attacks, malicious bot traffic, and application vulnerabilities where other WAFs fail. Built on F5’s industry-leading Application Delivery Controller with the F5 TMOS® operating system, BIG-IP ASM delivers flexible and comprehensive protections wherever apps reside and without compromising performance—all on a platform that consolidates application protection and access management.

    BIG-IP ASM is uniquely offered as an appliance, virtual edition, and as a managed service, providing automated WAF services that meet complex deployment and management requirements while protecting your apps with great precision. It is the most effective solution for guarding modern web applications and data from existing and emerging threats, and maintaining compliance with key regulatory mandates.

    Key Benefits

    F5 BIG-IP® Application Security Manager™ (ASM) is an advanced web application firewall that protects critical applications and their data by defending against application-specific attacks that bypass conventional firewalls.

    BIG-IP ASM is a flexible web application firewall that secures web applications in traditional, virtual, and private cloud environments. It provides unmatched web application and website protection, helps secure deployed applications against unknown vulnerabilities, and enables compliance for key regulatory mandates—all on a platform that consolidates application delivery with data center firewall capabilities, and network and application access control.

    Deliver comprehensive security
    BIG IP ASM blocks web application attacks in minutes, to help protect against a broad spectrum of threats, including the latest distributed denial-of-service (DDoS) and SQL injection attacks. It also helps secure interactive web applications that use the latest coding, such as AJAX widgets and JSON payloads. Advanced vulnerability assessment integrations can scan web applications and BIG-IP ASM patches vulnerabilities in minutes to help protect against web threats. BIG-IP ASM stops hackers and attacks from any location and ensures that legitimate users can access applications.

    Achieve compliance cost-effectively
    Advanced, built-in security protection a demote auditing help your organization comply with industry security standards, including PCI DSS, HIPAA, Basel II, and SOX, in a cost-effective way—without requiring multiple appliances, application changes, or rewrites. Detailed PCI reporting determines if PCI DSS compliance is being met and it guides administrators through the necessary steps to become compliant.

    Get out-of-the-box protection
    Equipped with a set of pre-built and certified application security policies, BIG IP ASM gives you out-of-the box protection for common applications such as Microsoft Outlook Web Access, Lotus Domino Mail Server, Oracle E-Business Financials, and Microsoft Office SharePoint. A rapid deployment policy secures any internal or third-party application.

    Improve performance
    Unlike many other security solutions, with BIG IP ASM you don’t have to choose between security and performance. The F5 TMOS® architecture provides significant performance advantages, including SSL offload, caching, compression, TCP optimization, and more. BIG-IP® Local Traffic Manager™ integration enables protection from DDoS and other network attacks, and delivers data center firewall capabilities. And because BIG IP ASM works on the same platform with other BIG IP® modules, you can benefit from centralized, secure access control and even greater performance improvements.

    BIG-IP ASM Features and Specifications

    The volume and sophistication of attacks makes keeping up-to-date on security threat types and protection measures a challenge for application administrators and security teams. With industry-leading capabilities, predefined signatures, and superior flexibility, BIG-IP ASM delivers advanced, cost-effective security for the latest interactive Web 2.0 applications.

    BIG-IP ASM secures any parameter from client-side manipulation and validates login parameters and application flow to prevent forceful browsing and logical flaws. It also allows organizations to effectively guard against existing and emerging Layer 7 application attacks—preventing costly data breaches, thwarting DDoS attacks, and maintaining compliance. BIG-IP ASM is the first leading WAF that supports the transition from AJAX/HTTP to Web Sockets for greater efficiencies and less overhead with bi-directional streaming data. BIG-IP ASM uniquely provides visibility into Web Socket traffic—enabling companies to transition to protecting chat sessions and streaming information feeds (such as stock tickers) from data exposure, tampering, and theft. Users benefit from an extensive database of signatures, dynamic signature updates, DAST integration, and the flexibility of F5 IRules® scripting for customization and extensibility.

    Organizations rely on BIG-IP ASM to protect the world’s most visited web applications wherever they reside, with the highest level of security and without compromising performance. BIG-IP ASM enables organizations to detect and mitigate layer 7 threats including web scraping, web injection, brute force, CSRF, JSON web threats, DoS-heavy URLs, and zero-day attacks—providing early warnings, while mitigating threats per policy. It automatically defends against multiple, simultaneous, volumetric application-layer threats including stealthy, low-bandwidth DDoS attacks. BIG-IP ASM also prevents execution of fraudulent transactions, stops in-browser session hijacking, and reports regular and repeated attacks from IPs.

    Using automatic learning capabilities, dynamic profiling, unique anomaly detection methods, and risk-based policies, BIG-IP ASM can impose needed protections to prevent even the most sophisticated attacks from ever reaching servers.

    WAF Security

    L7 DoS and DDoS detection including: HASH DoS, Slowloris, floods, Keep dead, XML bomb

    Yes

    Web scraping prevention

    Yes

    OWASP Top 10 prevention

    Yes

    Automated attack defense and bot detection

    Yes

    Advanced protections against threats including: Web injections, data leakage, session hijacking, HPP attacks, buffer overflows, shellshock

    Yes

    Geolocation blocking

    Yes

    IP intelligence reputation services

    Yes - with F5 Intelligence Services

    SSL termination with re-encryption

    Yes

    Security incident and violation correlation

    Yes

    Client-side certification support

    Yes

    Client authentication

    LDAP, RADIUS

    Database security

    Yes – with Oracle Database Firewall

    Response checking

    Yes

    Violation risk scoring

    Yes

    Web service encryption and decryption

    Yes – and with signature validation

    Device-ID detection and finger printing

    Yes

    Live signature updates

    Yes

    WebSocket traffic filtering

    Yes
    Integrated XML Firewall Yes
    ICAP Support for SMTP and SOAP Yes
    PCI Reporting Yes
    Data Guard and Cloaking Yes
    CSRF Protection Yes

    HTTP protocol security
    – Header name with no header value: Specifies that the system checks requests for valueless header names, which are considered illegal.
    – Several Content-Length headers: Specifies that the system examines each request to see whether it has more than one content-length header, which is considered illegal.
    – Chunked request with Content-Length header: Specifies that the system examines chunked requests for a content-length header, which should not be permitted.
    – Null in request headers: Specifies that the system inspects request headers to see whether they contain a Null character, which is not allowed.
    – Content length should be a positive number: Specifies that the system examines requests to see whether their content length value is greater than zero.
    – Bad HTTP version: Specifies that the system inspects requests to see whether they request information from a client using a legal HTTP protocol version number (0.9 or higher).
    – Host header contains IP address: Specifies that the system verifies that the request’s host header value is not an IP address.
    – Unparsable request content: Specifies that the system examines requests for content that the system cannot parse, which is not permitted.
    – Bad host header value: Specifies that the system inspects requests to see whether they contain a non RFC compliant header value.
    – Check maximum number of headers: Specifies, when checked (enabled), that the system compares the number of headers in the requests against the maximum number you specify.
    – Request Checks: Examine lengths (URL, Query strings, Requests, Posts etc), allowed methods (get, put, post etc), disallowed files types, mandatory headers.

    CSRF Protection
    Cross-site request forgery (CSRF) attacks work by forcing the user to run unwanted actions on a website in which the user is currently authenticated.
    For example, an attacker may iframe code into a web object that forces the user to request a specific URL without the user's knowledge.
    When you enable the CSRF Protection feature in the security policy, the BIG-IP ASM system differentiates between legal requests and forged requests by generating and storing a unique session token in the BIG-IP ASM cookie. The BIG-IP ASM system then verifies the ingress requests, and attempts to match the HTTP parameter value with the BIG-IP ASM cookie value in the request.

    Web Scraping
    Web scraping is a technique for extracting information from web sites that often uses automated programs, or bots (short for web robots), opening many sessions, or initiating many transactions. You can configure Application Security Manager™ (ASM) to detect and prevent various web scraping activities on the web sites that it is protecting.

    Data Guard
    In some web applications, a response may contain sensitive user information, such as credit card numbers or social security numbers (U.S. only). The Data Guard feature can prevent responses from exposing sensitive information by masking the data (this is also known as response scrubbing).
    Note: When you mask the data, the system replaces the sensitive data with asterisks (****). F5 Networks recommends that you enable this setting especially when the security policy enforcement mode is transparent. Otherwise, when the system returns a response, sensitive data could be exposed to the client.
    Using Data Guard, you can configure custom patterns using PCRE regular expressions to protect other forms of sensitive information, and indicate exception patterns not to consider sensitive. You can also specify which URLs you want the system to examine for sensitive data.
    The system can examine the content of responses for specific types of files that you do not want to be returned to users, such as ELF binary files or Microsoft Word documents. File content checking causes the system to examine responses for the file content types you select, and to block sensitive file content (depending on the blocking modes), but it does not mask the sensitive file content.

    Reporting and Analytics

    Customizable charts and reports

    Yes

    Security overview report
    Yes – drill down capabilities to granular details

    Combined network and application attack report

    Yes – with combined BIG-IP AFM and BIG-IP ASM deployment

    WAF health monitoring

    Yes

    Compliance support

    PCI-DSS, HIPAA, SOX, Basel II

    Automatic policy sync between WAF devices

    Yes

    Layer 7 DDoS Protection

    – Proactive Bot Defense during attacks (this feature requires JavaScript support from the browsers): defense against bot attacks by detecting and stopping them before the attacks start to grow, by performing the following:
    • The system sends a client-side JavaScript challenge to the browser.
    • If the challenge is met, the system adds a cookie to the second request. This cookie is active until the session ends, and the system does not add any more cookies to further requests during that session.
    • The system drops requests sent by browsers that do not answer the system’s initial JavaScript challenge, assuming they are bots that do not support JavaScript.

    – Bot Signatures: Allow requests from legitimate (benign) bots and malicious bots to bypass the proactive bot defense and give them visibility in the reports.

    – TPS-based DoS Detection. Configures the detection of DoS attacks based on high volume of incoming traffic.

    – Stress-based DoS Detection. The system automatically detects an increase in server stress and mitigate DoS attacks causing it.

    – Client Side Integrity: Τhe system determines whether the client is a legal browser or an illegal script by sending a JavaScript challenge to each new session request from the detected IP address, and waiting for a response. (Legal browsers are able to respond, while illegal scripts cannot.) Client Side Integrity can be enabled in several attack types whenever TPS is suspiciously increased.

    – Behavioral protection: Enables the system to automatically detect Layer 7 DoS attacks using behavioral data, characterize the offending traffic, and automatically mitigate the offending traffic.

    – Heavy URLs protection: This feature allows protecting Heavy URLs during DoS attacks. Heavy URLs are a small number of site URLs that might consume considerable server resources per request, even with a low TPS count. Heavy URLs respond with low latency most of the time, but may easily reach high latency under specific conditions. Heavy URLs are not necessarily heavy all the time, but are potentially heavy, especially during DoS attacks.

    – Brute Force Protection: The system considers it to be an attack if either the detection interval exceeds the history interval by a relative amount specified on this screen, or the failed logon rate reaches a specific number specified on this screen

    Questions from the Community
    Top Answer:F5 BIG-IP LTM can improve on the SSL loading which includes the authentication of certificates. Although, most of these issues have been solved there are still some issue that persists. In a feature… more »
    Top Answer:F5 BIG-IP LTM is used for delivering applications and protecting the application from web attacks.
    Top Answer:Apart from throughout consideration. Radware license charges based on throughput and F5 charges based on features only. For example, if you buy F5 with an appliance throughput of 10g that throughput… more »
    Top Answer:The three-second service level agreement is already better than the competition.
    Top Answer:The solution is very affordable. It's based on the traffic utilization, the average traffic utilization, not the DDoS traffic. Therefore, if you're being DDoSed, you don't pay extra for the absorption… more »
    Top Answer:It’s hard to think of an improvement. The three-second service level agreement is already better than the competition. You would ordinarily say something like API protection. However, they've got that… more »
    Ranking
    Views
    25,394
    Comparisons
    20,818
    Reviews
    41
    Average Words per Review
    439
    Rating
    8.2
    Views
    12,135
    Comparisons
    8,143
    Reviews
    11
    Average Words per Review
    507
    Rating
    8.5
    Comparisons
    Also Known As
    F5 BIG-IP, BIG-IP LTM, F5 ASM, Viprion, F5 BIG-IP Virtual Edition , Crescendo Networks Application Delivery Controller, BIG IP
    Imperva Incapsula
    Learn More
    Overview

    F5 BIG-IP LTM optimizes the speed and reliability of your apps via both network and application layers. Using real-time protocol and traffic management decisions based on app and server and connection management conditions, and TCP and content offloading, BIG-IP LTM dramatically improves application and infrastructure responsiveness. BIG-IP LTM's architecture includes protocol awareness to control traffic for the most important applications. BIG-IP LTM tracks the dynamic performance levels of servers and delivers SSL performance and visibility for inbound and outbound traffic, to protect the user experience by encrypting everything from the client to the server.

    BIG-IP LTM provides enterprise-class Application Delivery Controller (ADC). You get granular layer 7 control, SSL offloading and acceleration capabilities, and advanced scaling technologies that deliver performance and reliability on-demand. The highly optimized TCP/IP stack combines TCP/IP techniques and improvements in the latest RFCs with extensions to minimize the effect of congestion and packet loss and recovery. Independent testing tools and customer experiences show LTM's TCP stack delivers up to a 2x performance gain for users and a 4x increase in bandwidth efficiency.

    Imperva DDoS is a solution that offers protection for web applications and websites and all their associated business-critical data from cyberattacks. The cloud-based application delivery service helps improve user experiences by improving their performance. Through its security platform, Imperva DDoS also provides DDoS mitigation, a web application firewall, and a global load balancer, and includes a content delivery network — all designed to maximize performance.

    Imperva DDoS Features

    Imperva DDoS has many valuable key features. Some of the most useful ones include:

    • API security
    • Web application firewall
    • Bot management
    • Application delivery
    • Runtime protection (RASP)
    • Discovery and assessment
    • Data protection
    • Data risk analytics
    • Data privacy
    • Application delivery control (ADC)
    • Content delivery network (CDN)
    • DDoS mitigation
    • Global server load-balancing (GSLB)
    • Web application firewall (WAF)
    • Client-side protection
    • Runtime protection

    Imperva DDoS Benefits

    There are several benefits to implementing Imperva DDoS. Some of the biggest advantages the solution offers include:

    • Reduce web application risk: Imperva DDoS includes automatic policy creation and fast rule propagation that give your IT and security departments the ability to use third-party code without risk while working at the pace of DevOps.
    • Security from edge to database: Imperva DDoS’s WAF feature secures from edge to database, so the traffic you receive is only the traffic you want.
    • Safeguard sensitive and personal data: Imperva DDoS provides visibility into sensitive and personal data, with the controls to protect that data and the ability to unify management across cloud, on-premises, and in hybrid environments to help accommodate changing threats, new regulations, and challenging audits.

    Reviews from Real Users

    Below are some reviews and helpful feedback written by Imperva DDoS users.

    PeerSpot user, Etienne W., CDN & Cybersecurity Engineer - Web performance & security at CDN Tech / Ecritel, says, “It is a good solution that allows us to protect websites. It is stable, scalable, quick and easy to use.” He goes on to explain, “WAF protection works almost out-of-the-box. The Anti-DDoS mitigation in less than 1s, I saw it many times in production, I can say it works. CDN has high performances, and the Smart Caching mode is really "smart" (you can do some efficient caching even if you're not a specialist). Its unique interface for managing security performance and ease of use are the most valuable features of this solution."

    An IT Senior Manager at an outsourcing company mentions, “The most valuable features are DDoS protection. The Incapsula [Imperva DDoS] environment helps us monitor all the web activity. All the web activity is passed through their WAF cloud services, then that can help us to monitor those activities. That can help protect against DDoS hacking.”

    Another PeerSpot reviewer, Ben D., Sales Executive at EVVO LABS, comments, "Imperva Incapsula [DDoS] has many valuable features. One, it protects the top 10 OWASP vulnerability, the open web application software platform, this is standard. Secondly, it protects against broken authentication. As well, it has remote execution of code."

    A Solutions Architect at a financial services firm states, “The solution's most valuable aspect is that it is easy to configure. The solution keeps itself up to date itself and there's no customization that we need to do. It makes it extremely easy and cuts back on the amount of work required, and saves us on man-hours.”

    Offer
    Learn more about F5 BIG-IP Local Traffic Manager (LTM)
    Learn more about Imperva DDoS
    Sample Customers
    Riken, TransUnion, Tepco Systems Administration, Daejeon University, G&T Bank, Danamon, CyberAgent Inc.
    Hitachi, BNZ, Bitstamp, Moz, InnoGames, BTCChina, Wix, LivePerson, Zillow and more.
    Top Industries
    REVIEWERS
    Comms Service Provider23%
    Financial Services Firm15%
    Computer Software Company12%
    Manufacturing Company8%
    VISITORS READING REVIEWS
    Computer Software Company20%
    Comms Service Provider16%
    Financial Services Firm12%
    Government7%
    REVIEWERS
    Financial Services Firm17%
    Non Tech Company11%
    Marketing Services Firm8%
    Media Company8%
    VISITORS READING REVIEWS
    Computer Software Company22%
    Comms Service Provider14%
    Financial Services Firm13%
    Insurance Company6%
    Company Size
    REVIEWERS
    Small Business32%
    Midsize Enterprise16%
    Large Enterprise52%
    VISITORS READING REVIEWS
    Small Business19%
    Midsize Enterprise16%
    Large Enterprise65%
    REVIEWERS
    Small Business49%
    Midsize Enterprise14%
    Large Enterprise38%
    VISITORS READING REVIEWS
    Small Business21%
    Midsize Enterprise16%
    Large Enterprise63%
    Buyer's Guide
    F5 BIG-IP Local Traffic Manager (LTM) vs. Imperva DDoS
    September 2020
    Find out what your peers are saying about F5 BIG-IP Local Traffic Manager (LTM) vs. Imperva DDoS and other solutions. Updated: September 2020.
    655,465 professionals have used our research since 2012.

    F5 BIG-IP Local Traffic Manager (LTM) is ranked 1st in Application Delivery Controllers (ADC) with 46 reviews while Imperva DDoS is ranked 3rd in Distributed Denial of Service (DDOS) Protection with 13 reviews. F5 BIG-IP Local Traffic Manager (LTM) is rated 8.2, while Imperva DDoS is rated 8.6. The top reviewer of F5 BIG-IP Local Traffic Manager (LTM) writes "Great support, helpful documentation, and is user-friendly". On the other hand, the top reviewer of Imperva DDoS writes "Reliable with an impressive three-second SLA and reasonable pricing". F5 BIG-IP Local Traffic Manager (LTM) is most compared with Microsoft Azure Application Gateway, NGINX Plus, Citrix NetScaler, Fortinet FortiADC and HAProxy, whereas Imperva DDoS is most compared with Cloudflare, Akamai, Imperva Web Application Firewall, AWS WAF and Arbor DDoS. See our F5 BIG-IP Local Traffic Manager (LTM) vs. Imperva DDoS report.

    We monitor all Application Delivery Controllers (ADC) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.