IT Central Station is now PeerSpot: Here's why

Imperva Web Application Firewall Room for Improvement

Team Lead Senior Technical Engineer at a tech services company with 51-200 employees

The visibility of the actual traffic needs to be improved. 

We are only monitoring the traffic if there are any issues and the alerts are being triggered. 

We don't log the real-time traffic. We only log the real-time attacks and not the normal traffic that is passing through the device.

The main concern for our customers is to improve the visibility of the actual traffic. Customers feel that is the one feature that will greatly improve Imperva. 

They would like to have the complete network traffic passing through the device. Currently, we are only being alerted for the attack that has passed through the device instead of the genuine traffic.

We would like to see logs of the genuine traffic that passes through the device. It can be optional to enable it for certain customers and certain applications but should be included.

The support for the on-premises version needs improvement.

View full review »
Senior Software Developer at a computer software company with 1,001-5,000 employees

Until now, it is good. There are no issues. As an analyst, I simply monitor. I don't really get too far into the technical aspects of the solution.

Occasionally, I've noticed that the web application firewall was down. If we are not using proper storage, proper memory, proper CPU, and if multiple attacks happen at one time, they will be detected by our web application firewall. Sometimes our web application firewall will slow down. In that sense, it needs some improvement. We do have a precaution for if the solution goes down. We basically, need to increase the memory and the storage and the CPU utilization, so that we can prevent our company from malicious activity. 

I cannot say which type of memory or storage should be improved. The requirements depend on the organization. What organizations need and which type of configurations would work best as per their requirements depend completely on that.

View full review »
SumedhSalve - PeerSpot reviewer
GA Consultant Cyber Security at a tech services company with 51-200 employees

It should be more user-friendly. Like other web solutions, it would be helpful to be able to easily do policy configuration and identification inside the application. Understanding the in-depth configuration of a policy is somewhat difficult for an engineer, and they can improve that. 

View full review »
Buyer's Guide
Imperva Web Application Firewall
June 2022
Learn what your peers think about Imperva Web Application Firewall. Get advice and tips from experienced pros sharing their opinions. Updated: June 2022.
610,190 professionals have used our research since 2012.
CTO at a tech services company with 11-50 employees

They can provide an option to create a report, automatically import the entire report, and create rules again. In a real-life crisis, it would be helpful to be able to import a report and generate security rules from that report. I should be able to create a simple query and import the reports automatically. It can maybe also tell us the format of the report.

View full review »
Security Engineering at a computer software company with 5,001-10,000 employees

In the past, I have bugs on the WAF. I've contacted Imperva about them. Future releases should be less buggy.

View full review »
Technical Account Manager at a tech services company with 201-500 employees

I loved the approach of the cloud. The cloud has a lot of new features, like advanced web protection and DDoS protection. If those could also be on-boarded onto the on-prem versions, that would be ideal. They need to pay attention to both deployment options and not just favor one. 

View full review »
Application Security Engineer at a insurance company with 10,001+ employees

In terms of what could be improved, I would say reporting on the cloud side.

Additionally, I am looking for more data enrichment. We should have the ability to add our own custom data to the system, to the live traffic.

In the next release I would like to see more API security.

View full review »
SOAR Consultant at a tech services company with 1,001-5,000 employees

Every product has a room for improvement, and in Imperva Web Application Firewall, we found a limitation when we need to check which email IP traffic is coming from, e.g. we cannot find it.

Imperva Web Application Firewall is a good system, but we found that the visibility of the diverse-path server, e.g. where the traffic is coming from, the different IPs, etc., needs improvement. If we can populate those information, we can block them in our firewalls, and that would make this solution better.

Though the cloud interface of Imperva Web Application Firewall is good, the interface of the on-premises version is not as appealing, and it's what I'd like to see improved in the next release of this solution.

View full review »
Akhilesh Mishra - PeerSpot reviewer
Sr.I-Security Engineer at M.Tech

Imperva Web Application Firewall can improve by providing better features, such as improved prevention of zero-day attacks. Additionally, it should include a VR meta-analysis.

View full review »
Fairuz Zazli - PeerSpot reviewer
Lead Client Service Manager at Nexagate Sdn Bhd

I don't really use it and therefore can't speak to areas of improvement. 

View full review »
Manager for Implementation and Administration at Commercial Bank of Ethiopia

Imperva Web Application Firewall can improve by adding more features to the dashboard. increasing the visibility of the real-time events, besides configuring the administration itself. 

The automatic reporting system is good, but it needs more templates. For example, better made for the management and for system admins, and monitoring teams. This would be great. 

 We want to send any configuration change automatically to the management. However, I think the automatic reporting feature is not enabled on Imperva. We had to instead look at the audit log for the last 24 hours, check and generate the report to send to the management. 

View full review »
Tesfa Alazar - PeerSpot reviewer
Chief Information Security Consultant at V-Tech

It would be nice to have more security control over mobile applications so I would suggest adding more mobile security features. 

It would also be beneficial to see improvements in regards to interface bandwidth performance, CPU time, and RAM size.

Learning capability of the device is quite weak.

View full review »
Acquisitions Leader at a healthcare company with 10,001+ employees

The process to upgrade from one version to another can be a lot simpler than it is currently.

View full review »
Buyer's Guide
Imperva Web Application Firewall
June 2022
Learn what your peers think about Imperva Web Application Firewall. Get advice and tips from experienced pros sharing their opinions. Updated: June 2022.
610,190 professionals have used our research since 2012.