Coming October 25: PeerSpot Awards will be announced! Learn more

Imperva Web Application Firewall OverviewUNIXBusinessApplication

Imperva Web Application Firewall is #7 ranked solution in top Web Application Firewalls. PeerSpot users give Imperva Web Application Firewall an average rating of 8.6 out of 10. Imperva Web Application Firewall is most commonly compared to AWS WAF: Imperva Web Application Firewall vs AWS WAF. Imperva Web Application Firewall is popular among the large enterprise segment, accounting for 63% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 19% of all views.
Imperva Web Application Firewall Buyer's Guide

Download the Imperva Web Application Firewall Buyer's Guide including reviews and more. Updated: September 2022

What is Imperva Web Application Firewall?

Web application attacks deny services and steal sensitive data. Imperva Web Application Firewall (WAF) analyzes and inspects requests coming in to applications and stops these attacks.

Protect your applications in the cloud and on-premises with the same set of security policies and management capabilities. Safely migrate apps while maintaining full protection.

Deploy Imperva WAF on-premises, in AWS and Azure, or as a cloud service itself. Easily meet the specific security and service level requirements of individual applications.

Imperva WAF protects against the most critical web application security risks: SQL injection, cross-site scripting, illegal resource access, remote file inclusion, and other OWASP Top 10 and Automated Top 20 threats. Imperva security researchers continually monitor the threat landscape and update Imperva WAF with the latest threat data.

Imperva Web Application Firewall Customers

BlueCross BlueShield, eHarmony, EMF Broadcasting, GE Healthcare, Metro Bank, The Motley Fool, Siemens

Imperva Web Application Firewall Video

Archived Imperva Web Application Firewall Reviews (more than two years old)

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
PeerSpot user
Senior Security Engineer at a agriculture with 11-50 employees
Reseller
Top 20
Provides good network transparency and integrates well with other products
Pros and Cons
  • "If you are using the appliance as opposed to the virtual deployment, it can stand as the network layer-two and provide real transparency."
  • "The user interface could be better."

What is our primary use case?

We are a solution provider and Imperva is one of the products that we implement for our clients. They use it as an application firewall.

What is most valuable?

If you are using the appliance as opposed to the virtual deployment, it can stand as the network layer-two and provide real transparency. This is better than the competitors.

Imperva SecureSphere integrates well with other tools.

What needs improvement?

The user interface could be better.

For how long have I used the solution?

I have been working with Imperva SecureSphere for about four years.

Buyer's Guide
Imperva Web Application Firewall
September 2022
Learn what your peers think about Imperva Web Application Firewall. Get advice and tips from experienced pros sharing their opinions. Updated: September 2022.
632,611 professionals have used our research since 2012.

What do I think about the stability of the solution?

Imperva solutions are the best in terms of stability.

What do I think about the scalability of the solution?

I have not faced any trouble with scalability because you can easily upgrade the appliance. 

How are customer service and support?

I am regularly in contact with Imperva support and I am satisfied with them.

How was the initial setup?

The initial setup is very basic and really easy to do. I wouldn't say that everybody, such as non-technical, people can do the setup and configuration. However, people with a mid-level of experience in application firewalls can do it easily.

What's my experience with pricing, setup cost, and licensing?

The price of this solution is a little bit high compared to competitors.

What other advice do I have?

My advice to anybody who is considering this solution is that if they want a stable product with good scalability then they can choose Imperva. The price is a little bit higher than that of the competitors, which largely impacts whether customers choose Imperva. In fact, if you don't care about budget then Imperva is the only solution for an application firewall.

My only complaint is that the user interface could be better.

I would rate this solution a nine out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
CTO - Consulting Services at a tech services company with 51-200 employees
Real User
Dual perspective of positive and negative security makes for optimal protection
Pros and Cons
  • "Compared to other web application firewalls in the market, Imperva does things in the most accurate way."
  • "I think that better bot protection is needed in this solution."

What is our primary use case?

For some time now, I have been the CTO of a consulting company and our main issue is web application security. We also handle database security.

This is one of the solutions that we implement for our clients.

The primary use of this solution is the protection of applications.

What is most valuable?

This product has a logical perspective of negative and positive security. Negative meaning all of the blacklisted websites, and the positive is the profiling of the website itself. Impera can see and activate the policy, based on what it has learned. Imperva learns things like how dynamic content is dealt with, and what the permitted values are. When you combine these two perspectives, the negative and the positive, you get the optimal protection of the application.

What needs improvement?

When you want to move to a higher version of the platform, it is not in the GUI and not very easy to do. I expect that this will be available in the next version.

I think that better bot protection is needed in this solution. Bot protection is one of the features in Imperva that lets you recognize if their request is coming from a human or coming from a bot. In this context, a bot is a mechanism being used by the attacker. Good bot protection will reduce a lot of the attacks coming into the applications.

For how long have I used the solution?

I have been using this solution for about eight years.

What do I think about the stability of the solution?

This solution is pretty stable.

What do I think about the scalability of the solution?

If you build this solution properly then you have scalability.

How are customer service and technical support?

We do not use technical support very often. It is only in cases where we get something that looks like a bug. Their team is good.

How was the initial setup?

The initial setup of this solution is user-friendly and pretty straightforward.

However, the setup, in order to bring the application into inspection, is kind of complex. You need to know what you're doing. It takes approximately four hours to install, setup, and configure this platform.

What about the implementation team?

My team and I handle the integration of this solution for our clients.

The number of people required depends on the environment. Sometimes it is one person, whereas other times there are two.

We have three people who take care of maintaining this solution for our customers.

What's my experience with pricing, setup cost, and licensing?

The cost of this solution depends on the platform. For example, you may be buying virtual or you may be buying appliances. It also depends on the number of environments and the bandwidth that is required.

Which other solutions did I evaluate?

Compared to other web application firewalls in the market, Imperva does things in the most accurate way.

What other advice do I have?

Overall, Imperva is a pretty good product.

I am working with the development team for Imperva in Israel, and I have submitted some feature requests for things that I think should be changed. Everything that should be fixed, we have a discussion on it and it is probable that these things will be fixed.

My advice to anybody who is implementing this solution is to first go and learn the attack surfaces because you need to protect the assets from attack. In order to do this, you need to understand the attacks. Let's say that a good defense is a good offense.

The biggest lesson that I have learned from working with this solution is to back up the system all of the time. Do it step by step, and be very precise. Have plans for each and every move, all of the time.

I would rate this solution a nine out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Imperva Web Application Firewall
September 2022
Learn what your peers think about Imperva Web Application Firewall. Get advice and tips from experienced pros sharing their opinions. Updated: September 2022.
632,611 professionals have used our research since 2012.
Head of IT at a tech services company with 11-50 employees
Real User
A solution with great dynamic profiling, good technical support, and a straightforward setup
Pros and Cons
  • "The dynamic profiling of websites is the solution's most valuable feature. The security is also good."
  • "It would be useful if the solution used more intelligence in attack protection. For example, firewalls are to be dependent on the configuration, but if they could have some data science around it the solution would be even better. The profiling of the traffic, and making decisions surrounding that should be intelligence-based, instead of being based on the configuration of the firewall itself."

What is most valuable?

The dynamic profiling of websites is the solution's most valuable feature. The security is also good.

What needs improvement?

It would be useful if the solution used more intelligence in attack protection. For example, firewalls are to be dependent on the configuration, but if they could have some data science around it the solution would be even better. The profiling of the traffic, and making decisions surrounding that should be intelligence-based, instead of being based on the configuration of the firewall itself.

For how long have I used the solution?

I've been using the solution for two to three years.

What do I think about the scalability of the solution?

The solution is scalable, however, in terms of scalability, you're required to change the appliance, as it's not like a cloud, which is easier to scale. I would not rate it very well when it comes to scalability, because a model of license-based upgrades would be better. They could give you a bigger box to make it easier to grow if you needed to.

How are customer service and technical support?

The solution's technical support is good.

How was the initial setup?

The initial setup is straightforward. However, when you move to more advanced configurations, you require more expertise.

What other advice do I have?

We are an integration company, so we are providing this as a solution to other customers. They're mostly enterprise-level clients.

I would recommend the solution. I'd rate it eight out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Tesfa Alazar - PeerSpot reviewer
Chief Information Security Consultant at V-Tech
Real User
Has good monitoring and you get what you expect from this solution
Pros and Cons
  • "Data masking is the most valuable feature of this solution."
  • "Some of the features should be included in the next release is a file integrating monitoring tool. This feature should be improved."

What is most valuable?

Data masking is the most valuable feature of this solution. 

What needs improvement?

Most of the clients are new to this solution and don't have an in-depth knowledge of the solution. It's not so well-known in Ethiopia. Imperva has only been around for a year. 

Licensing should be improved. Most of the clients aren't happy. It's expensive. 

Some of the features should be included in the next release is a file integrating monitoring tool. This feature should be improved. Also, it should have a privileged account option. In the solution, if you put it there, that would be a very nice feature so that the clients could get all those solutions in one box. It will be easier for support and for clients. 

For how long have I used the solution?

I have been using Imperva for the last two to three years.

What do I think about the stability of the solution?

It's a relatively new product but from the information I got from the Bank of Ethiopia, the stability is okay. They are getting what they are expecting from the product.

What do I think about the scalability of the solution?

Scalability is good especially compared to IBM. It's not so easy to integrate with another solution from another vendor. 

How was the initial setup?

The initial setup was complex. 

What other advice do I have?

The company has to deeply work on it. Also, with regard to support for the distributor, distributors have a big problem. We got the wrong consigning. It was kept for more than three months in a customs warehouse because of the issue of the problems on the distributor side. That is a big problem.

I would rate it an eight out of ten. Imperva is good because it doesn't also only monitor but it also does acquisition.

Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller.
PeerSpot user
OluwoleOlajide - PeerSpot reviewer
Cloud Solutions Architect at Snapnet Limited
Reseller
A highly scalable solution with good stability and great data marking capabilities
Pros and Cons
  • "The solution is very scalable. It is one of the most important features. You can also expand resources and features as well."
  • "The initial setup could be simplified. Every time you have to install the solution you have to get in touch with support or somebody that can to do that for you."

What is most valuable?

Data marking is the solution's most valuable feature.

What needs improvement?

The firewall aspect of the solution needs improvement.

The GUI is not as intuitive enough. It should be more user-friendly, especially for end-users. 

The initial setup could be simplified. Every time you have to install the solution you have to get in touch with support or somebody that can to do that for you. 

For how long have I used the solution?

I've been using the solution for a year or two.

What do I think about the stability of the solution?

The core functionality of the solution has been met. We find it stable enough.

What do I think about the scalability of the solution?

The solution is very scalable. It is one of the most important features. You can also expand resources and features as well.

How are customer service and technical support?

Customers actually require a lot of support. They want an easier channel that can provide support. The solution should offer a monthly check-in with clients. Other solutions offer this, and it's helpful for the clients, just to make sure everything is running okay.

In general, however, technical support has been good.

How was the initial setup?

The initial setup required a lot of help. It took a month or two to deploy so it wasn't exactly straightforward. However, it was not as difficult as other solutions either.

What other advice do I have?

I handle the on-premises deployment model. We have the latest version of the solution. We also sell the product.

I would rate the solution nine out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
JohnTamakloe - PeerSpot reviewer
Solution Architect at Ostec
Real User
Top 5
Useful out-of-the-box threat protection, not too complex, and has good technical support
Pros and Cons
  • "There are some features that are configured by default, so even without doing much, it can still provide a level of protection."
  • "It would be helpful to have a "recommended deployment", or even a list of basic features that should either be used or turned on by default."

What is our primary use case?

This is one of the solutions that we provide to our customers.

We use this solution for application-level security, above layer four protection where the firewall cannot reach.

I have worked with both on-premises and cloud deployments.

What is most valuable?

The most valuable feature is the out-of-the-box detection engine. It has the ability to detect some of these things without being configured. There are some features that are configured by default, so even without doing much, it can still provide a level of protection.

What needs improvement?

The visibility provided by this solution can be improved. I often tell my customers that "You can't fight what you can't see". I can recall a time when I did a presentation after a deployment, and it prompted them to put the solution into enforcement mode immediately. Normally, we wait one week with the solution in monitoring mode. However, once they saw the types of vulnerabilities they had, they wanted to take action right away. It gave them a great deal of knowledge, and knowing that they are protected from these types of attacks has boosted their confidence.

This solution has a lot of features, and some of the students were confused when I was discussing them. It would be helpful to have a "recommended deployment", or even a list of basic features that should either be used or turned on by default. If somebody has installed the product several times but is doing the same thing incorrectly, then they get experienced in doing the wrong thing. You should be able to specify which assets you need to be protected, and the solution will tell you the minimum in terms of features that need to be turned on. If you need more advanced protection then the others will become relevant.

Imperva partner training is something that I would be interested in if it ever came my way. There should be partner-specific webinars, meetings, and other training provided to us,

For how long have I used the solution?

I have been using this solution for about two years.

What do I think about the stability of the solution?

So far, I don't think that we've had any issues with this solution in terms of stability. People discussing this solution have given the same remark.

This solution is used on almost a daily basis.

What do I think about the scalability of the solution?

Scalability of this solution is based on the design. If you get your design right, then you shouldn't have a problem with the scalability.

How are customer service and technical support?

While we were installing this solution, we had contact with technical support and they were good. I have referenced information that is on their site and it is helpful, as well.

During the initial installation, there was a warning that was not part of the known CVEs. When I checked with support, they told me that this type of problem is blocked out-of-the-box. However, if I wanted to be really sure, they showed me how to create a custom policy, or custom rule, to specifically deal with it.

Which solution did I use previously and why did I switch?

I have used other solutions, but I usually follow the Gartner reports and their suggestions. My previous solution had not been doing too well.

Also, as I became more familiar with this solution, it became easier for me to identify issues. I had also read research on Imperva blocking denial-of-service attacks, and I like practical evidence of issues such as this. By reading these articles, and about other people's experiences, it is like seeing it for myself. With other solutions, you are not privy to such visibility.

Complexity and cost are two important factors when it came to choosing this solution.

Unless the client has as serious issues and does not want Imperva, this is my first choice.

How was the initial setup?

The initial setup of this solution was not too straightforward. We did have to contact Imperva during the deployment. The length of time for deployment depends on the experience of the people performing the installation, as well as the environment.

What about the implementation team?

My team and I performed the implementation of this solution. To make sure that we were on track, we contacted Imperva support for some clarification. Most of the things that we do, we follow best practices.

What's my experience with pricing, setup cost, and licensing?

Everybody complains about the price of this solution. 

What other advice do I have?

This is a security device, and it is used almost every day. It is not just used when there is an issue. Based on what the dashboard or the reports say, you can change policies to meet your security requirements or business needs.

Based on my experience, and what I know this product can do, I would never recommend another solution. I advise most of my customers to go for this.

I would rate this solution a nine out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
PeerSpot user
George Ondego - PeerSpot reviewer
Manager, IS Security & Infrastructure at Fintech Kenya Limited
Real User
User-friendly with good performance and helps to secure digital assets
Pros and Cons
  • "It mitigates all of the availabilities of risks around web applications."
  • "Their portal is very limited and needs improvement."

What is our primary use case?

We are a reseller and integration partner, and we have customers who are using this solution in on-premises deployments.

How has it helped my organization?

This solution has helped in securing our clients' assets, which is key. It mitigates all of the availabilities of risks around web applications.

What is most valuable?

The most valuable feature of this solution is web application security.

This is a user-friendly solution.

This solution has good performance ratings.

What needs improvement?

I would like to see more support available for this product online. Some customers find this to be a real limitation.

The virtual processing could be improved.

Their portal is very limited and needs improvement.

For how long have I used the solution?

We have been using this solution for close to five years.

What do I think about the stability of the solution?

This is a very stable solution.

What do I think about the scalability of the solution?

The solution is very scalable, but of course, the scalability comes with a cost.

How are customer service and technical support?

I think that technical support needs to be improved by making it more localized, or regionalized. Our support is currently coming from the US, and it is not very good. They need to take care of their global customers.

Which solution did I use previously and why did I switch?

We previously used Fortinet, but this solution has better performance ratings.

How was the initial setup?

I don't want to say that the initial setup is straightforward, but it is manageable. It requires a bit of technical knowledge.

What other advice do I have?

This is a solution that I highly recommend.

The biggest lesson that I have learned from this solution is that Imperva is not a one-house solution. They create a specialized solution, and that comes with a lot of value.

I would rate this solution a nine out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Specialist Engineer at Entel Networks S.A
Reseller
Valuable compliance features and has good stability

What is our primary use case?

The primary use was to cover the database. Imperva we recognized on the market as the best solution for techs on databases. The banks here in Chile always ask for these types of solutions.

What is most valuable?

The compliance is the most valuable aspect.

What needs improvement?

I just need it to be a stable and normal version. I'd want to hear about the new features to see which I would need.

For how long have I used the solution?

I've been using the solution for 2 years.

What do I think about the stability of the solution?

I find this solution stable. We have 2,000 users in financial services.

What do I think about the scalability of the solution?

The solution is scalable.

How was the initial setup?

The setup initially was simple, but when we tried to run it we had problems with the log parameters and it was complicated to use. The operation was complicated to use, but that is just the experience of my team. It took two months to deploy. The setup and installation of the technologies took one week, and after that, one month to set up the parameters and after that, in order to set up the logs, it took about two weeks. So two months total. We have three engineers, including an architect and a security engineer. We also had a fourth engineer that knew the application.

What's my experience with pricing, setup cost, and licensing?

We have a yearly license, but I'm unsure of the pricing.

Which other solutions did I evaluate?

We didn't evaluate other options, just Imperva.

What other advice do I have?

I would rate the solution as an 8 out of 10, simply because of the difficulty of operation management. It's a complicated tool to keep.

Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller.
PeerSpot user
Omar Sánchez (Mr.Tech) - PeerSpot reviewer
Information Security Advisor, CISO & CIO, Docutek Services at Docutek Services
Consultant
Leaderboard
Gives me peace of mind, blocks everything we need it to block
Pros and Cons
  • "It has threat intelligence and we are using Incapsula. With threat intelligence, we can separate HTTP and HTTPS traffic. We can use Incapsula to send all the threat intelligence to the WAF."
  • "There could be some limitations that from the converged infrastructure perspective: when you want to converge with everything and you want Imperva to get there easily because it's not a cloud component. For example, when you want to build servers and you're using OneView to manage your software-defined networks, implementing Imperva right away is not that simple. But if you're doing just a simple cloud infrastructure with servers in there, you're good to go. Also, we are not able, with Imperva, to block by signatures. Imperva by itself needs to be complemented with another service to do URL filtering."

What is our primary use case?

Our primary use case is to protect our cloud production environment.

How has it helped my organization?

We have a co-location that we do with our QA and Dev and our pre-production environment. We do everything there. We built it for the production environment so we deploy everything in the cloud. We have the web application firewall in the cloud, after the proxy.

What is most valuable?

It has threat intelligence and we are using Incapsula. With threat intelligence, we can separate HTTP and HTTPS traffic. We can use Incapsula to send all the threat intelligence to the WAF.

The interface is very user-friendly. You get used to it. It's very convenient.

What needs improvement?

There could be some limitations rom the converged infrastructure perspective: when you want to converge with everything and you want Imperva to get there easily, because it's not a cloud component. For example, when you want to build servers and you're using OneView to manage your software-defined networks, implementing Imperva right away is not that simple. But if you're doing just a simple cloud infrastructure with servers in there, you're good to go.

Also, we are not able, with Imperva, to block by signatures. Imperva by itself needs to be complemented with another service to do URL filtering. That's why you need Incapsula.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

No issues with stability. It has never crashed.

What do I think about the scalability of the solution?

Scalability is affordable. There are no issues with the process of scaling.

They have centralized management, in terms of scalability. They have centralized policy control, they have centralized application profile information. On the dashboard they have Signature Update, Monitoring, Reporting. They clearly thought about the large-scale when they made this product.

How are customer service and technical support?

We use a partner here in Puerto Rico for Imperva. We have a guy in our shop every day, full-time.

Which solution did I use previously and why did I switch?

We used Fortigate. We switched because it's not a WAF. When you have a WAF, you want that WAF to do all kinds of configurations, to promote the firewall, to work the way you want it. Imperva came with everything, the whole package.

How was the initial setup?

The initial setup was a little bit complex. But a third-party took care of everything. It's not like putting milk on cereal when you are working with these kinds of configurations. The effectiveness of a web application is going to come from the analysis of what your organization needs. If you don't have that information before you go into Imperva, you're going to have a lot to do when you get there. You need to know what you're doing. It's not something you can take out of the box and put in your infrastructure. It's somewhat hardcore to deal with these kinds of solutions. 

What's my experience with pricing, setup cost, and licensing?

Make sure you understand the way that Imperva charges. It's very affordable. However, I would like to see a package with the Virtual Patching included. You get to do patching separately.

Which other solutions did I evaluate?

We had F5, Akamai, Fortinet, Barracuda. We may have looked at Juniper as well, I don't remember. Not too many companies have a WAF. Not all the firewall companies are WAF makers.

What other advice do I have?

I think it's perfect. It's a very good application. When you do large-scale deployment you want to protect your physical web application with Imperva, trust me. It gives me peace of mind.

These are guys are from Israel and you should see that place. These guys are the best I have ever seen. They do all kinds of stuff and there is nothing that they cannot do. These people are incredible. They can configure and develop anything, customized, if you want it. Everything has a price, but they can do it right now. They don't have a "no."

We use Imperva with Incapsula so we have web security, we have DDoS protection, we have content delivery networking, we have load-balancing. We do everything with Incapsula cloud. For example, if you have an internet threat, that threat is trying to access your web application. Depending on the threat that you are receiving, the activity monitor is going to be triggered. Once that activity monitor gets triggered, the vulnerability management is going to defend you. It doesn't work for everything the same way. It's very intelligent.

Without tuning, it blocked 88 percent of the vulnerabilities, and when we tuned it, it blocked 98 percent. Whatever was not blocked didn't harm us. We use a third-party for tuning. We tell them what to do it and they do it. They get it done fast, sometimes in two to three days. It depends on what you're asking for. If you're asking for more accuracy, they go the distance to solve your problem. For example, the other day I had some keywords, some attack signatures that they were looking at for false-positives and false negatives, which are two different things. One of the main reasons we got Imperva is that we wanted to block attacks while limiting the number of false positives. I wanted the application scanner not to generate false positives by creating violations. I gave them the information, and the next day it was solved.

To put it in a high-level perspective, you are paying to see the things that are important, but you get a lot of noise. I wanted to reduce that noise. They allowed me to do that. 

Make sure you have the right testing methodology for Virtual Patching. If you want to take your patching to under 30 days, this is the product for you. We reduced it to five days. I think we are the only company where the patching is under five days. We are only doing it at the database-level right now. But we took it down to five days. 

There are proper ways to test a WAF, but the main advice I can give you is that you should not just generate attack traffic. The most effective method, for me, would be to generate both attack and legitimate traffic. That kind of approach will give you a way to rate the ability of the WAF to detect malicious traffic and to distinguish malicious traffic from good traffic. Provide real-world testing scenarios, in which the WAF must block attacks and avoid blocking good traffic at the same time. You will be able to measure how many false positives you're getting. That is the best way to test a WAF: Don't only to generate attack traffic.

Another piece of advice, and here I will jump  to the main fears of this environment - SQL injections, cross-site scripting, which I hate, DT's (Directory Traversals) - is that you need to provide another layer here which is IPS. IPS products will all rely on signatures. They are going to be created by the scanner to stop anything, that's just the basics of threat prevention. If these signatures are easy to circumvent, by using comments and encoding at the same time, they will be available for the WAF to stop any kind of session or cookie tampering. What I'm saying is that there should be technical attack protection. You should be thinking not only about WAF but combining WAF and IPS.

You need to find an IPS that works with it. Imperva has something similar to an IPS, it's not an IPS per se. For example, an IPS cannot detect or stop fraud malware. For that, you need to add certain other levels of security and combine it with employee training. If you get the web application, which is called SecureSphere, the WAF, it will protect you against web page fraud because they go by black IPs. So you can help the IPS on that side and the IPS can help you letting you know what to block from the internal network. You should be considering a combination of WAF and IPS.

Another thing to take into consideration for people who are starting, with respect to deploying a WAF, is that they should validate the accuracy of the solution and the ability it has to protect any application and help you with monitoring and management. It's not just technical stuff.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user663045 - PeerSpot reviewer
Cyber and Information Security Officer at a energy/utilities company with 10,001+ employees
Real User
We can define custom policies, apply real-time changes and granular configuration
Pros and Cons
  • "Learning mode and custom policies are helpful features."
  • "Very intuitive and granular configuration - It does not require much time, or advanced knowledge, for configuration and maintenance."
  • "The reporting is missing some features, such as: only two export formats, and the time period does not include the last day, week, year."

How has it helped my organization?

Protects and secures all our web sites.

What is most valuable?

  • Learning mode.
  • Custom policies.
  • Very intuitive and granular configuration - It does not require much time, or advanced knowledge, for configuration and maintenance.

What needs improvement?

The reporting is missing some features, such as: only two export formats, and the time period does not include the last day, week, year.

For how long have I used the solution?

Three to five years.

What do I think about the stability of the solution?

No issues with stability.

What do I think about the scalability of the solution?

No issues with scalability.

How is customer service and technical support?

10 out of 10 for local support, seven out of 10 for Imperva Professional Services.

How was the initial setup?

Straightforward. Easy to install and config.

Which other solutions did I evaluate?

F5.

What other advice do I have?

I rate it a 10 out of 10 because of the ability to apply real-time changes or creations, export and import applications learned, and it's very easy to use. It also features system logs or incidents, granular configuration in relation to a SIEM. It is the best product on the market, in my opinion. Cyber security leader.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
PeerSpot user
Sr. Consultant at a tech services company with 51-200 employees
Consultant
Scan policies allow us to group multiple targets and standardize our database scanning. Technical support is probably the biggest drawback.

What is most valuable?

The most valuable feature is the grouping of multiple targets via the scan policy. It is valuable because of the large number of targets and governmental requirements to conduct periodic scans.

How has it helped my organization?

With acquisition of a license to use the product, we received the ability to standardize database scanning and data protection across the enterprise around one product.

What needs improvement?

Many features are buried under not-straight-forward options and, at times, hard to find screens. Very few import features have clearly defined format requirements. Agent installation for data usage/blocking activities on target boxes requires the involvement of OS admins and DBA’s, which complicates coordination of installation and delays implementation. The discovery feature does not accurately discover the instances and instead identifies auxiliary end points (SQL – 1434) and TCP listeners (Oracle – 1521).

For how long have I used the solution?

I’ve used and administered Imperva SecureSphere for 2 years.

What do I think about the stability of the solution?

Periodically, the site stops functioning and the appliance requires a reboot to restore functionality.

What do I think about the scalability of the solution?

Scalability capabilities are well thought through by product development. Installation of additional MX servers and gateways on remote networks ensures coverage of scanning and data usage monitoring/data protection capabilities.

How are customer service and technical support?

Technical support is probably the biggest drawback. No contact with technical support ever results in an immediate response and the solution is usually preceded with series of emails, going on for up to a week, before a live person gets on the phone. But, even then, their task is to observe the manifestation of the problem and request a collection of additional information (logs, traces, etc.) without any attempt to solve the problem during the call/WebEx session. Their technical support staff has at most two or three engineers that have a good working knowledge of the product, but most of the time, a level one technician is running the case. When support staff finally gets on the phone, their first statement is a disclaimer that they are on the call ONLY to collect information and that the customer should not expect any resolution.

This pattern of providing technical support greatly differs from what IBM offers for their Guardium product (competitor solution).

Which solution did I use previously and why did I switch?

We attempted to use several previous solutions. One was Tenable SecurityCenter with its custom, XML-like scripting where each check had to be written by the Database Security Specialist (myself). We also attempted to use AppDetectivePRO, though its performance, lack of customization, scalability, and licensing costs prevented us from continuing with it.

How was the initial setup?

The setup is very straightforward considering that it’s either a physical or virtual (OVF template) appliance. The wizard-like initial setup and configuration are somewhat awkward, but can be completed after reviewing the instructional videos available to the customers.

What's my experience with pricing, setup cost, and licensing?

Licensing should be chosen based on the current infrastructure setup and growth plans. Purchasing appliances of different types may lead to unnecessary/unjustified expenditures and ultimately lead to complications in administration.

Which other solutions did I evaluate?

The product that was evaluated and was chosen as the recommendation was IBM Guardium. Unfortunately, its licensing cost was a lot higher. Therefore, the management decided not to proceed with the purchase.

What other advice do I have?

Be prepared to obtain every piece of documentation that comes with the product. Thoroughly research it to obtain a clear understanding of how to implement the product and ensure you have a dedicated Imperva first-response engineer that can answer your questions without going through a normal support channel. Be patient when encountering a bug or a feature failure, as well as discrepancies between the product interface and/or behavior with the accompanied documentation. Their support is not prepared to jump in and start working on a fix or update the documentation.

In many cases, the documentation remains outdated referring to old releases regardless how long you’ve been asking for an update. Their instructional videos are also out of date, but references to them are consistently sent by their support whenever you may have a question. And finally, thoroughly document your deployment and license-related information, because every email to technical support is responded with an automated reply requesting this information. Not replying to this automated email with correct info will lead to further delays.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
it_user577338 - PeerSpot reviewer
it_user577338Sr. Consultant at a tech services company with 51-200 employees
Consultant

A much more mature product in this regard is BeyondInsight. Highly customizable and flexible when it comes to scanning.

it_user561657 - PeerSpot reviewer
Systems & Infrastructure Architect at a insurance company with 1,001-5,000 employees
Vendor
Provides bad-IP blocking and signature-based blocking. Management of policies and rules can be complicated.

What is most valuable?

  • Bad-IP blocking and signature-based blocking for web application security

How has it helped my organization?

  • Security compliance and temporary remediation of application vulnerabilities

What needs improvement?

Management of policies and rules can be complicated and the physical setup of the product has implications on HA.

For how long have I used the solution?

I have used SecureSphere for 3-4 years.

What do I think about the stability of the solution?

Performance of the smaller boxes can be sluggish depending on the load.

What do I think about the scalability of the solution?

We haven’t had any scalability issues.

Which solution did I use previously and why did I switch?

We did not have a previous solution.

How was the initial setup?

Initial setup was straightforward, but ongoing management of rules and policies are time-consuming and complicated.

What's my experience with pricing, setup cost, and licensing?

Try to use a cloud-based and/or managed solution instead of managing a WAF internally; that should be the first preference.

Which other solutions did I evaluate?

Before choosing, we also evaluated F5 ASM.

What other advice do I have?

While implementation is not hard, the process and resources for ongoing management should be thought through and agreed to before implementation.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user259980 - PeerSpot reviewer
Network Security Engineer at a tech services company with 501-1,000 employees
Consultant
The GUI could be improved a little, but the profiling section is the most valuable and fresh aspect about SecureSphere.

Valuable Features

I really like the profiling section. I mean that signature based policies are ok and they are maybe the most widespread and common kind of security policy in security appliances, but, the profiling policies are custom tailored on a specific web application. I guess it’s the most valuable, and fresh, aspect about SecureSphere.

Improvements to My Organization

It has helped a lot with working among, and creating a link between, different teams in my organization, of course I’m referring to security, networking and system application teams. It’s important to find the right collaboration in order to secure the applications from the beginning of the deployment process.

Room for Improvement

I guess the GUI could be improved a little, as it’s not always simple to get. The most important aspect to me that needs improvement though, is that, by default, if you put activate and protect a server group you created, all the web applications lying on the same group of physical machines, inherit the same policy rule set. This means it’s not so easy to different policies and cut them on a specific application (maybe I’ll ask the vendor support).

Use of Solution

It’s been one-and-a-half years.

Deployment Issues

Not in particular, once I understand the network behavior and the different types of the WAF deployment it was pretty simple and fast.

Stability Issues

Not so far. It must be said, though, that It’s a relatively a new installment in our infrastructure, and maybe it’s too soon to say.

Scalability Issues

It’s an ongoing process day to day, working alongside systems and application engineers to adapt the WAF to better meet the applications characteristics. I guess it depends a lot on the application features and software implementation.

Customer Service and Technical Support

Customer Service:

I would say that they are pretty available.

Technical Support:

They are reliable and ready to solve your issues.

Initial Setup

To be honest, we have been supported by a professional services engineer who showed us the peculiarities during the initial setup, so it was a good experience. I would say that it’s straightforward if you are in good hands.

Other Advice

I would say to focus on the most convenient area for positioning the WAF in order to take the get the best out of it. In my case, we chose a WAF appliance, and it’s crucial where to put it. For instance, we chose to deploy it downstream from the load balancing network infrastructure for various reasons. One of them was to enable the WAF to see the private IP addresses that a vulnerability assessment tool in the private DMZ would see in order to use the WAF as an application firewall and as a virtual patching tool either.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user

This review was helpful because you took the time to write it.

it_user255885 - PeerSpot reviewer
Senior Security Analyst at a tech services company with 501-1,000 employees
Consultant
We can quickly see the attacks that the environment is suffering and take action to mitigate the threat(s).

Valuable Features

I was involved in the deployment and found that all the features in this product are fantastic, especially the correlated attack validation, threat radar (reputation, fraud), and virtual patching. Those are features that are very useful in day to day operations.

Improvements to My Organization

Using WAF in an organization means we can quickly see the attacks that the environment is suffering and take action to mitigate the threat(s). It is possible to view traffic and analyze it to determine if it is legitimate traffic or not, using features such as threat radar and geolocation, helping the security team in the company.

Use of Solution

I've been using the WAF component for over a year.

Deployment Issues

I had no issues with deployment.

Stability Issues

I had no issues with stability.

Scalability Issues

I had no issues with scalability.

Customer Service and Technical Support

Customer Service:

I didn't use the customer service, but all the teams in Imperva have a deep knowledge about the product to support customers for any issues they have.

Technical Support:

The technical support team at Imperva have a deep knowledge of all their solutions, and they are ready to support any customer with any problem.

Initial Setup

The initial setup is different for each environment. You need knowledge of the environment and application, to make a good schedule of activities. Make sure you validate the requirements, and the setup will be simpler to do

Implementation Team

I work as a System Engineer and part of my role is to help the partners do deployments for our customers. I participated in some deployments, and I can say the partners I have worked with have good knowledge about deployment and support for all solutions.

Other Advice

All products are good, and I believe narrowing the choice of manufacturer is best done when you do proof of concepts in-house and you can see which of your choices is best matched to your needs.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Download our free Imperva Web Application Firewall Report and get advice and tips from experienced pros sharing their opinions.
Updated: September 2022
Buyer's Guide
Download our free Imperva Web Application Firewall Report and get advice and tips from experienced pros sharing their opinions.