I would like to see improvements in the pooling of threats and attacks, possibly to enlarge the scale of indicators of compromise. For example, the initiation of an attack on the endpoint level could be combined into a big denial of service. Maybe Imperva DDoS could use endpoints to get information about the attacks before they commence from the endpoint level or establish cooperation with endpoint vendors to share this information.

Support is one thing I wish Imperva could improve. They follow the phone model and keep rotating you from one customer service person to another. The layer one support isn't very clear about the workings of the product.

My feedback is primarily about Imperva Cloud, not on-premise. On-premise is a whole new story.

Support is the issue for Imperva Cloud. It's also a bit pricey. It's a premium service and very expensive. The licensing model is not very straightforward. Every feature is priced separately, and to enjoy maximum protection, you'll have to spend a lot of money. The licensing model is a bit complex, and each feature is very pricey. For example, API security and web application protection are two separate license packages.

Pricing can be improved, as it is quite expensive. Additionally, support response times for emails can sometimes be delayed, which is an area that could use improvement.

It is not a personal firewall, however, I can log my traffic to the Web Application Firewall if my hardware is available on-premise. I am satisfied with all the features available. There is nothing specific where the application firewall is falling short.

Could you please describe the deployment process, initial setup process, and what challenges were faced?

There's always room for improvement. Occasionally, there might be false-positive alerts.  

The only disadvantage of Imperva is that it is a pretty costly solution. 

We faced issues regarding compliance with client procedures. The client had strict compliance rules, and Imperva needed to be on a VM, while the client required containerization, causing a conflict. They went with Imperva for the on-premise version but shelved the cloud project due to too many blockers.

The product's customization capabilities are a bit problematic, requiring support cases for backend modifications. 

Additionally, the handling of high-traffic volumes could be better, as it doesn't cut you off if you exceed your purchased traffic. Our clients like the guarantee that they won't be charged for exceeding traffic during peak periods. Users also need to be more attentive to false alerts, as the marketing might give a false sense of trust.

I would prefer AI integrations for user administration, visualization, log analytics, and risk analysis. If they can bring in generative AI features, that would be useful.

The signature updates could be faster. Sometimes we have to upload signatures to the Imperva portal for checking and analysis before we can use them.

Imperva's product is very good, but when it comes to procuring the software in my country it can be somewhat expensive. I don't recall the exact amount, but in comparison with other countries it is a huge investment.

They recently separated the WAF and the DAM management gateways in order for each of these to be managed from different areas, so I believe it now requires additional investments for what was previously a single complete solution.

Although the vendor support from Imperva is not bad, getting a response from them can be a lengthy process at times.

At the moment, I am okay with the product. I haven't found something that needs to be improved yet.

I am not physically busy with any implementations associated with the product, but I will share the details of what is required in the solution with my team as soon as I figure out what is required in the solution.

Sometimes, it takes a bit of time for the technical staff of the solution to get back to our company with a resolution for our problems. The aforementioned area related to the product can an be considered for improvement.

One potential improvement for Imperva is enhancing its alert system. While the core functionality isn't a problem, there is room for improvement in terms of the alerts' depth and comprehensiveness. Specifically, having more detailed and informative alerts could be beneficial, especially for mobile users and individuals. This would enable better visibility into security issues and facilitate more effective troubleshooting, ensuring that critical information doesn't get overlooked. Additionally, Imperva could see improvement in its integrations with other solutions. Integrations, such as those with QRadar, can sometimes be a bit challenging, falling between not being extremely difficult but also not very easy. Simplifying and enhancing these integration processes could be valuable.

It is expanding its number of data centers for scrubbing traffic. Currently, there is only one POP for cleaning in South Africa. They might add another POP in North Africa, possibly in Nigeria or Egypt. Latency concerns customers, especially in regions like East and West Africa, where traffic has to travel to South Africa before returning. Increasing the number of POPs across the continent would help address these latency issues and improve overall service.

While the platform is already quite strong, there’s always room for improvement, especially in keeping up with emerging trends and new types of attacks. Enhancing security capabilities could be beneficial. Integrating more advanced AI features could significantly improve its effectiveness and help customers leverage these tools more effectively. It would be great to see more focus on AI integration to handle and analyze data more efficiently.

Apart from predefined templates, it would be helpful if the solution provided an option to customize any new rules or additions based on the requirement.

The solution should integrate with something that looks at continuous security management.

Imperva Web Application Firewall can improve by adding more features to the dashboard. increasing the visibility of the real-time events, besides configuring the administration itself. 

The automatic reporting system is good, but it needs more templates. For example, better made for the management and for system admins, and monitoring teams. This would be great. 

 We want to send any configuration change automatically to the management. However, I think the automatic reporting feature is not enabled on Imperva. We had to instead look at the audit log for the last 24 hours, check and generate the report to send to the management. 

The tool needs to include artificial intelligence and machine learning. It also needs to improve profiling. 

It’s hard to think of an improvement. The three-second service level agreement is already better than the competition.

You would ordinarily say something like API protection. However, they've got that with another product. It's not that DDoS protection does everything. It's that within their family of products, they've got a solution for everything. That's what I like about it, the whole integrated service. There’s nothing that’s missing in terms of features.

I don't really use it and therefore can't speak to areas of improvement. 

In terms of what could be improved, I would say reporting on the cloud side.

Additionally, I am looking for more data enrichment. We should have the ability to add our own custom data to the system, to the live traffic.

In the next release I would like to see more API security.

Imperva DDoS does not provide version control. After I make any changes on any portal, I would want to roll back my changes and go back to a stable version if something goes wrong. That particular feature is not there on the UI portal.

They have this roundabout way wherein I can use different tools to integrate, do the versioning, and manage it on my own. It's not directly available, but I can use it indirectly.

The Imperva Web Application Firewall automations are good, but there is still room for improvement with them. Fast rule propagation could also be improved.

Imperva Web Application Firewall could improve the API integration. It was complex for us. Additionally, The onboarding could be better.

Imperva Web Application Firewall could improve the console by making it easier to use. 

Imperva always needs to adjust to new versions of cyber attacks, it needs to be faster, improve the resiliency of the software of the solution.

It should be more user-friendly. Like other web solutions, it would be helpful to be able to easily do policy configuration and identification inside the application. Understanding the in-depth configuration of a policy is somewhat difficult for an engineer, and they can improve that. 

Some maintenance must be performed by our IT team.

Pricing could be more competitive.

It would be beneficial to include vulnerability management in the solution, similar to what they have for their on-premise solution.

This is a very limited tool if you're looking to customize. It would be helpful if Imperva would provide additional resources for Terraform that can easily be deployed. There are some cases where we're currently unable to use Terraform.

I loved the approach of the cloud. The cloud has a lot of new features, like advanced web protection and DDoS protection. If those could also be on-boarded onto the on-prem versions, that would be ideal. They need to pay attention to both deployment options and not just favor one. 

Its price could be improved. It is quite expensive.

It will be good if we could export the configuration. Currently, to control the configuration, we need to go to each website, which is not very convenient.

The process to upgrade from one version to another can be a lot simpler than it is currently.

We did have a major complaint, however, they fixed it after about a year and a half of complaining. It's not a problem anymore. I don't recall really having any issues with the solution beyond what they have fixed.

The salespeople tend to exaggerate its capabilities, which can cost you money if you don't verify the information.

The weakest point of Imperva is their first level of support, which should be improved. 

They should also improve the access and security logs viewing directly on the portal. I would like to see better access and security logs through the portal and not only through a SIEM solution. Currently, if you want to explore your access and security logs from Imperva, you need a SIEM tool or a SIEM infrastructure on your side to do it. You can't do it manually or directly through the portal, which is a big problem for us. They agreed that this is an improvement point from their side.

I do not see any big problems with the product. Imperva has had a lot of experience developing this product platform and it seems appropriate for my use cases. There are a few places where it can be improved.  

An area of improvement that I was looking for in Incapsula at this moment is enhancing the policy levels. For my purposes, I think there are too few policies. The product and what is included may be good, but it has to be improved further in the area of policies.  

Another area that could do with improvement is certificate management. I do not like the way that incapsula handles certificates very much. It needs to be changed or drastically improved to be more fluid.  

We have to be conscious of the architecture updates. Updates for the application architecture may break the existing protection application if we have made any changes. It does not seem that this should be so big of a concern for the end-user and could be handled better.  

The solution needs to be improved every time there are new attacks. They need to add new features and techniques to prevent the attacks.

I would like the solution to improve its support response time. 

It is complicated to integrate the solution's on-cloud version with other platforms. 

The solution works for particular zones but isn't always the best solution for all zones. 

The solution's pricing could be improved. 

An improvement for Imperva WAF would be to reduce the number of false positives and create more strong use cases based on AI/ML or behavioral analytics. In the next release, Imperva WAF should include more use cases for Advanced Persistent Threats and next emission sophisticated attacks.

I'd like the option to pick your bot protection.

I would like to see automated reporting to improve visibility.

Imperva Web Application Firewall can improve by providing better features, such as improved prevention of zero-day attacks. Additionally, it should include a VR meta-analysis.

The cost could be lower; our end clients need to have a high budget to purchase this solution.

Every product has a room for improvement, and in Imperva Web Application Firewall, we found a limitation when we need to check which email IP traffic is coming from, e.g. we cannot find it.

Imperva Web Application Firewall is a good system, but we found that the visibility of the diverse-path server, e.g. where the traffic is coming from, the different IPs, etc., needs improvement. If we can populate those information, we can block them in our firewalls, and that would make this solution better.

Though the cloud interface of Imperva Web Application Firewall is good, the interface of the on-premises version is not as appealing, and it's what I'd like to see improved in the next release of this solution.

It would be nice to have more security control over mobile applications so I would suggest adding more mobile security features. 

It would also be beneficial to see improvements in regards to interface bandwidth performance, CPU time, and RAM size.

Learning capability of the device is quite weak.

Users would benefit from better documentation. There is official documentation, but sometimes we need more detail. We have some use cases that are not so run of the mill. It would be great if there was a knowledge base that we could go to for more answers.

The price could also be more reasonable. The price should at the very least be adjusted for different parts of the world. For example, here in Latin America, our budgets are very different than those for projects in the United States or Europe. It would be really positive if we could get the product at a more affordable price as we are customers with lower budgets without sacrificing features or capabilities of the solution.

The visibility of the actual traffic needs to be improved. 

We are only monitoring the traffic if there are any issues and the alerts are being triggered. 

We don't log the real-time traffic. We only log the real-time attacks and not the normal traffic that is passing through the device.

The main concern for our customers is to improve the visibility of the actual traffic. Customers feel that is the one feature that will greatly improve Imperva. 

They would like to have the complete network traffic passing through the device. Currently, we are only being alerted for the attack that has passed through the device instead of the genuine traffic.

We would like to see logs of the genuine traffic that passes through the device. It can be optional to enable it for certain customers and certain applications but should be included.

The support for the on-premises version needs improvement.

In the past, I have bugs on the WAF. I've contacted Imperva about them. Future releases should be less buggy.

Until now, it is good. There are no issues. As an analyst, I simply monitor. I don't really get too far into the technical aspects of the solution.

Occasionally, I've noticed that the web application firewall was down. If we are not using proper storage, proper memory, proper CPU, and if multiple attacks happen at one time, they will be detected by our web application firewall. Sometimes our web application firewall will slow down. In that sense, it needs some improvement. We do have a precaution for if the solution goes down. We basically, need to increase the memory and the storage and the CPU utilization, so that we can prevent our company from malicious activity. 

I cannot say which type of memory or storage should be improved. The requirements depend on the organization. What organizations need and which type of configurations would work best as per their requirements depend completely on that.

They can provide an option to create a report, automatically import the entire report, and create rules again. In a real-life crisis, it would be helpful to be able to import a report and generate security rules from that report. I should be able to create a simple query and import the reports automatically. It can maybe also tell us the format of the report.

I think the product could be improved by reducing the price. It would help if they came up with pricing options because as it is now if you're a big company and use the site often, it's more expensive. 

The log analytics interface within Incapsula isn't really good. For example, if you have to get all logs from there, it's a very cumbersome process.

The solution doesn't seem to come with any other additional features. There are other products in the market today that give you an overall network perimeter protection. Incapsula is good for what it is, but it can expand its horizon a lot if it decides to include more network perimeter protection features and capabilities. It needs items, for example, at endpoints and some sort of firewall that can work at multiple levels. Items of that nature will really bump up the security and make it a much better product.

The user interface could be better.

I would like to have support for SSL management and secure DNS.

If I had the opportunity to recommend an enhancement to Imperva it would be to have more POP (Point of Presence) in East and West Africa, and in Central Africa as well. There is only one POP in South Africa. There are other ones are in Europe, America, and Asia and sometimes the latency can be an issue because for your traffic to hit the website — say in East Africa. First, it has to first go to the nearest point of presence. Because of the distance, there can be some problems. So if they have a POP closer to manage customers around Africa this could be a better service to clients.  

The rules surrounding the making of web applications could be improved.

When you want to move to a higher version of the platform, it is not in the GUI and not very easy to do. I expect that this will be available in the next version.

I think that better bot protection is needed in this solution. Bot protection is one of the features in Imperva that lets you recognize if their request is coming from a human or coming from a bot. In this context, a bot is a mechanism being used by the attacker. Good bot protection will reduce a lot of the attacks coming into the applications.

It would be useful if the solution used more intelligence in attack protection. For example, firewalls are to be dependent on the configuration, but if they could have some data science around it the solution would be even better. The profiling of the traffic, and making decisions surrounding that should be intelligence-based, instead of being based on the configuration of the firewall itself.

Most of the clients are new to this solution and don't have an in-depth knowledge of the solution. It's not so well-known in Ethiopia. Imperva has only been around for a year. 

Licensing should be improved. Most of the clients aren't happy. It's expensive. 

Some of the features should be included in the next release is a file integrating monitoring tool. This feature should be improved. Also, it should have a privileged account option. In the solution, if you put it there, that would be a very nice feature so that the clients could get all those solutions in one box. It will be easier for support and for clients. 

I think the pricing needs some tweaks. 

The firewall aspect of the solution needs improvement.

The GUI is not as intuitive enough. It should be more user-friendly, especially for end-users. 

The initial setup could be simplified. Every time you have to install the solution you have to get in touch with support or somebody that can to do that for you. 

The solution needs to ensure they are compliant and can show the customer in a visual way, like a ticked box, that they are protected. They need to ensure their solution is showcasing if their system is getting attacked so clients know if or when they are under attack.

Clients also often complain about the cost of the solution. They should consider adjusting their pricing models.

We would like them to hire people in Sweden because it's quite hard when people are sitting in the UK or Belgium because some of the customers really want them to be local.

In the next version, they could include more products or more solutions in this solution that you can add on. They need to build more features that they can add so they can help the customers who don't have a particular solution in hand. Most of the end-users are looking for an easy way to manage all of their solutions. Today we're selling a lot of smaller solutions, and they need to have a lot of different management solutions that we can offer to clients. 

One thing that they really could improve on is the depth of the analytics. The company needs to think more about the risk and analytic side of the application to supply the user with more information to evaluate and use in resolving issues. It is good to be able to depend on the product to provide a reliable solution, but it is better to take steps to resolve issues overall. This means giving information to the user that will help them identify exactly what the issues are. Risk analytics need to improve and this can be done easily.

The dashboard of the solution is complex. It is complex in the sense that there are too many options. There are two types of Incapsula dashboards. One is the on-prem version and one is cloud-based. Cloud-based is okay. The on-prem one needs some work.

The solution needs to improve Integration with third parties for their on-prem deployment models. The integration is not that good yet.

The visibility provided by this solution can be improved. I often tell my customers that "You can't fight what you can't see". I can recall a time when I did a presentation after a deployment, and it prompted them to put the solution into enforcement mode immediately. Normally, we wait one week with the solution in monitoring mode. However, once they saw the types of vulnerabilities they had, they wanted to take action right away. It gave them a great deal of knowledge, and knowing that they are protected from these types of attacks has boosted their confidence.

This solution has a lot of features, and some of the students were confused when I was discussing them. It would be helpful to have a "recommended deployment", or even a list of basic features that should either be used or turned on by default. If somebody has installed the product several times but is doing the same thing incorrectly, then they get experienced in doing the wrong thing. You should be able to specify which assets you need to be protected, and the solution will tell you the minimum in terms of features that need to be turned on. If you need more advanced protection then the others will become relevant.

Imperva partner training is something that I would be interested in if it ever came my way. There should be partner-specific webinars, meetings, and other training provided to us,

I would like to see more support available for this product online. Some customers find this to be a real limitation.

The virtual processing could be improved.

Their portal is very limited and needs improvement.

I just need it to be a stable and normal version. I'd want to hear about the new features to see which I would need.

There could be some limitations rom the converged infrastructure perspective: when you want to converge with everything and you want Imperva to get there easily, because it's not a cloud component. For example, when you want to build servers and you're using OneView to manage your software-defined networks, implementing Imperva right away is not that simple. But if you're doing just a simple cloud infrastructure with servers in there, you're good to go.

Also, we are not able, with Imperva, to block by signatures. Imperva by itself needs to be complemented with another service to do URL filtering. That's why you need Incapsula.

Imperva now offers add-ons to add functionality, but I would like to see these included in the product, even if it would cost more.

I am not sure if this application has a policy where you can create your custom policy and run it as our firewall. We should have some ability to also create some custom policy, then run it as a firewall. Maybe it is not relevant, but I think this would be a good option.

Some things previously happened where we moved one of our websites to a new host and new server, then we had difficulty putting in our user credentials to Incapsula because we could not find them. My boss was aggravated with the issue. I believe he contacted Incapsula and found out how to use the credentials for the website. They had changed the user interface a couple months ago. It was different than now. We had to put some information from the website domain to Incapsula login order to activate it, because they had changed the user interface.

Acquire it for all the benefits that this solution brings to organizations, especially nowadays, when we live in a technological era where the speed and response times of the different websites are valued so much.

The reporting is missing some features, such as: only two export formats, and the time period does not include the last day, week, year.

At that moment, I miss being able to integrate the dashboard with other BI tools we are using. We have to export and import data to be able to present it, and doing so is a lot of work.

It would be better if we were able to manage and apply changes to multiple websites/web applications, and search WAF logs for multiple websites, via the Incapsula dashboard.

Reporting and the main Sites dashboard could use refinement. We have a lot of sites, and scrolling through the dashboard becomes cumbersome.

They could improve by minimizing false positive results. Although this occurs less with Imperva, we would like to see some further improvements.

We have been using this product for last 1 years, it's result is very impressive. But due to the excessive load on the Web site where thousands of requests‎ are generated from legitimate users, however the request in which any sequential or specialised characters are requested would be directly blocked by impreva . Currently imperva blocks the special character request generated from the user, as I conduct a test where I am parsing the encoded html values of the same special characters to the input field, imperva bypasses these encoded values for example : ' i.e. %27 or / i.e %2F, the WAF bypasses these encoded characters. I hope that this device should have a capability to detect the pattern which is associated with Xss or Xsrf, rather then by not blocking the request which contains any special characters.

Many features are buried under not-straight-forward options and, at times, hard to find screens. Very few import features have clearly defined format requirements. Agent installation for data usage/blocking activities on target boxes requires the involvement of OS admins and DBA’s, which complicates coordination of installation and delays implementation. The discovery feature does not accurately discover the instances and instead identifies auxiliary end points (SQL – 1434) and TCP listeners (Oracle – 1521).

An Incapsula website configuration instance can be in a "Pending DNS changes" state, where further work is needing to be done by the customer, while website access is otherwise fully functional. While in this state, the PCI Compliance Report for the website in question, which I have set to email me monthly, doesn't get generated and sent. Imperva should decouple the "Pending DNS changes" state from the process that periodically emails the PCI Compliance Report. Until that happens, the workaround is to manually generate the report monthly.

The default service is great!

Management of policies and rules can be complicated and the physical setup of the product has implications on HA.

The dashboard is not accessible on occasion. This is probably due to a high load. However, the sites’ protection seems intact.

The management interface needs improving. Even with a recent version of the interface, you cannot do all the changes that you would like. As an example, if you want to change one of your protected public IP addresses, you need to request this from support, and it takes a long time.

Improve reporting interface and filtering.

Incapsula:

• Allow easier scripting of firewall rules.
• Enable more custom actions to trigger turning on/off Incapsula settings (current actions are quite limited).
• Allow setting up of user groups to manage different groups of sites with viewer/operations/admin levels of privileges. This is quite a typical requirement for enterprise clients who will have multiple teams taking care of different sites, plus an overall IT security team who oversees everything.

CloudFlare:

• Improve the strength of WAF/DDoS.
• Reduce the rate of false positives.

I have found some issues with caching; seems to be inconsistent

More products, especially for smaller companies that could benefit them.

HTML minification could be improved. The actual HTML minification does not provide the maximum HTML minification nor provides the best result. 

• Maybe another pricing tier for home uses with a few more features above the free version.
• An appliance for large enterprise customers.

Delivery services and information security.

I'd like it to work with Let's Encrypt.

Incapsula has a built-in monitoring module, but it is a paid feature; I would expect that for the price we pay for the basic service, we would be able to integrate a monitoring solution, even a simple one.

In addition to that, Incapsula doesn't feature the option to add/remove available SSL protocols and/or ciphers.

• Customer service: Their customer service sometimes has different responses for similar requests. We sometimes need to explain the issue many times before they understand. Their CS staff is not well trained according to a consistent standard. For the same requests, some of them can perform well, but some of them might do it wrong.
• Network management: Their network department sometimes doesn’t take the responsibility to improve network latency until we raise the problem many times or to top management. Sometimes, we encounter latency issues. Only sometimes does their network staff update their routing to improve the performance. Other times, they will not do so and they push the responsibility to another carrier.

They once terminated a free account without warning, resulting in a few days downtime. But you get what you pay for.

The API is lackluster but especially for 'customers'. The only thing we wanted to use the API for was only available to resellers.

• Its firewall should be made less penetrable so that if an IP is blocked once, it doesn't penetrate again.
• The IP analytics should show trends and potential problem areas so that We can take action to minimize the occurrence of more hits from malicious IPs.
• The process of reporting, analysis, and clearance could be improved.

Although we're only using it for the accelerator part, the purging of files and the way this feature functions could use improvement. It requires the user to either purge everything or go through specific files, but if you do, the latter doesn’t always work. So with the single files sometimes there is more difficulty.

There is nothing as of now that I could suggest.

The interface seems a bit outdated and simplistic.

It would be nice to get a feed from Incapsula to import into our system. We have to have multiple dashboards open at the same time, and it would be nice to have one single dashboard with all our information.

Its user interface could be improved, as the competition looks better, but it doesn’t really need improvements in its functionality. We would like to have more reports and real-time views. Basically, the core functionality is great.

Caching rules are really basic now and lots of space for improvement here.

- For example, Incapsula does not check the protocol (HTTP vs. HTTPS) when serving cached pages.

- There is no possibility to create a caching rule based on a regular expression.

It would be nice to have a mobile app as a dashboard interface instead of the web administration, but the service is really great. The product is the best at what it does.

With the way that protection works, there is no such thing as pure protection, but as soon as Incapsula knows what a problem looks like, they fix it. They have to stay on top of the data intelligence game.

More features to help fine tune it. In general, more features for the platform would be nice.

I needed some support and according to the SLA and I couldn’t get telephone support and it took a little while till they got back to me. We’re an enterprise company so I think I would be happier for a bit more support to pick the phone up and ask a question. There was not as much back office help as we would have liked.

We’ve had a few, short outages that didn't have an impact on the business. One outage lasted a couple of hours, so the reliability could be improved.

At times, we can prove the service is not running, but technical support doesn’t reflect that fact. We appreciate that nothing is 100% reliable, but we'd appreciate more information during an outage and not after the fact.

Also, reporting could be improved. We shouldn’t have to look on Twitter to see if others are experiencing a similar issue. Greater transparency is needed when there is an issue.

I guess the GUI could be improved a little, as it’s not always simple to get. The most important aspect to me that needs improvement though, is that, by default, if you put activate and protect a server group you created, all the web applications lying on the same group of physical machines, inherit the same policy rule set. This means it’s not so easy to different policies and cut them on a specific application (maybe I’ll ask the vendor support).

The UI interface needs improvement. 

The tool needs to improve CPU and storage memory. 

We had an issue when securing the web applications for DDoS protection.

When using protection for some web applications, the customer may encounter a few issues.

The tool's UI is complicated. It would be best to have a more accessible UI dashboard to make the job easier. 

My clients raised a concern that even if they need the tool only for DDoS protection, they still have to buy the WAF license. It’s difficult to position the tool if the client already has a WAF solution and needs Imperva only for DDoS protection.

I would like to improve the tool's turnaround time in terms of support.