I use Imperva Application Security Platform for API security, which has a cloud solution where normal traffic flows horizontally, and a copy of the traffic goes to the cloud to be inspected. If there is something suspicious, it could be blocked depending on the action configured. Imperva Application Security Platform also has a solution for Database Activity Monitoring (DAM) as well as API security. I have been working with these solutions for around one and a half years, more than one year, as a partner collaborating with the vendor. The communication from the vendor flows through us, then to the clients, particularly the financial institutions and banks.

The data center for the bank is usually the headquarter, where the main data center is located in our country, and there are branches at every street. For the branches, every access is through the firewall and the core banking application server, and there is an integration between banks from different institutions. In this case, every communication is done through the API, necessitating API inspection and API security.

The main benefit is the use case my clients find valuable. For the product and security, there is good API inspection. If any abnormal API appears or there are any similarities due to changes, the API security features will catch that because there is access for third-party applications from one bank to another. This setup ensures there is segmentation, and allowed APIs will get access while others will be blocked. It serves as the main channel for third-party application integration, and without API security, any similar URL related access could affect core banking, which is vital for every financial transaction.

For real-time analysis, the deployment is arranged so as not to interrupt transactions. The normal traffic flow will continue, while a copy of the API traffic will be mirrored to Imperva Application Security Platform for deep inspection. If any abnormalities are detected, even unusual behaviors for transactions, checks are done continuously, and actions are sent accordingly if any suspicious traffic is found.

For the fast response of signature-based comparisons, traffic will be matched against the solutions stored in the database to release actions if similarities occur. However, the main drawback for signature-based approaches happens when there is a new zero-day attack that is not in the database. Solutions usually include integrity with lab environments so that zero-day attack signatures are sent through subscriptions to provide the latest updates.

The comparison for API protection varies across solutions. For F5, API protection is part of WAF, and similarly for Fortinet. While Imperva Application Security Platform has basic features as part of WAF, its dedicated API protection solution is a strong point.

On the negative side, API security mainly supports cloud-based solutions, while most of my customers prefer on-prem setups, so achieving high performance with on-prem solutions would be beneficial. The attractiveness of Imperva Application Security Platform is that not all data is exposed to the cloud. Only a mirrored copy goes to the cloud and is inspected, allowing actions to be taken on-prem. To convince my clients, a purely on-prem solution would be ideal since they are financial institutions.

I have been using the solution for more than one year.

I am more than happy with the technical support from Imperva Application Security Platform regarding data security and API security. For the support, however, one notable drawback is that, unlike Fortinet, which offers fast track labs and continuous enablement, Imperva Application Security Platform lacks lab access and fast track labs for enablement and product advertising. This weakness has shifted the marketplace toward other vendors. When creating a ticket for support during deployment, the response is satisfactory, though the gaps in enablement and lab sessions are clear.

I find Imperva Application Security Platform to be a scalable product, as long as I subscribe and pay for the application I wish to use. It is scalable, and for about one and a half years, I have experienced no challenges in this area. I have not even needed support after deployment, since it has remained stable.

When creating a ticket for support during deployment, the response is satisfactory, though the gaps in enablement and lab sessions are clear. Overall, I would rate support around an eight or nine, and my overall experience with security products spans around four years, with my particular engagement with Imperva Application Security Platform mainly during project deployment and client training.

For installation, it primarily involves a cloud-based service, and I was using that as an operator. For database activity monitoring, I have deployed it, and while it is somewhat complex, there is a support channel where I communicate with vendors to resolve issues. The main challenge during installation is not unique to Imperva Application Security Platform. It is faced by many on-prem and virtual appliance products, particularly ensuring integrity with the virtualization environment and integration with third-party applications.

I am not using CyberArk, as it is only a proposal for identity and access management that I have proposed for my clients.

Apart from One Identity, I am working with SentinelOne for AI, and I was looking for that. For Purple AI, I was communicating with the vendors and the distributor, and I have considered proposing it for my clients. Currently, I am using the load balancer Radware as an application load balancer. For the on-prem WAF, I am using Fortinet, regarding the WAF and the load balancer, Radware and Fortinet.

I am not working with some email security products, some EDR, or endpoint protection as an implementation. I was just looking into it and have proposed it for my clients, and I am waiting for the financial evaluation for FortiMail. For Fortinet, I am involved more with FortiMail, WAF, ADC, FortiGate firewall, NAC, WAF, and FortiClient EMS.

Regarding Check Point and WatchGuard, I have worked with Check Point for the firewall, specifically the perimeter firewall. For Check Point, I have already worked with the firewall only, which is a next-generation firewall, using a physical appliance on-prem. Most of my customers, particularly financial institutions, even if they invest their resources in the cloud, need an on-prem solution. It could be a virtual appliance deployed on a server or a physical appliance, but they mostly need on-prem.

Regarding the price, I find Imperva Application Security Platform affordable, with moderate pricing. My overall rating for this solution is eight out of ten.

I prefer not to do a review for EDR since it is a new product that I am using. Instead, I would like to review other products I have worked with before, such as Imperva products, Imperva Web Application Firewall, or Imperva DAM.

I worked as a consultant for the customer and was part of a design and deployment team for Imperva API Security.

Could you please describe the deployment process, initial setup process, and what challenges were faced?

I would need to check with my manager and run this by the legal team in the US before I would be able to share this information.

Please repeat the question.

That would be fine.

The technical support team would be rated 5 out of 10, where 10 represents the best support and 1 represents very poor support.

I would prefer to receive the form via email so I can fill it out manually myself. Additionally, I want this review to be anonymous, with neither my name nor my company's name appearing anywhere.

We can schedule a call in two hours to discuss this further.

Please describe the deployment process, initial setup process, and what challenges were faced.

I would need to check with my manager and run this by the legal team in the US before sharing more information. We can schedule a call in two hours to discuss this further.

The solution functions just like a firewall, but it operates in the cloud. It is designed to protect web applications and environments hosted on the cloud.

It helps protect applications from DDoS attacks and other types of attacks. I handle a wide range of business requirements with it.

The solution can be configured in just a couple of minutes. It ensures 99.7% availability for my applications. It provides an additional layer of security for web applications and other applications, including mobile applications. It protects my environment and helps maintain my reputation in the market.

It is not a personal firewall, however, I can log my traffic to the Web Application Firewall if my hardware is available on-premise. I am satisfied with all the features available. There is nothing specific where the application firewall is falling short.

I have been working with Imperva solutions personally since last month.

I would rate the solution ten out of ten in terms of stability.

The solution is highly scalable. I can configure this firewall to expand based on my needs and revert to my basic configuration when traffic is over.

Technical support is divided into two categories: partner side and OEM side. It is easy to contact them, and my queries are resolved efficiently.

The initial setup is very easy. I just need to route the traffic, similar to configuring an IP on the application firewall. It typically takes no more than a day and is easy, rated at nine out of ten.

The pricing is competitive in the market. The solution helps improve my security posture and operational costs.

There are other solutions available in the market, however, Imperva Web Application Firewall is a good solution.

I would recommend Imperva Web Application Firewall to others.

Overall, I would rate it eight out of ten as it is a good solution. However, there are other solutions in the market.

We are a premier partner with Imperva. We usually recommend Imperva Web Application Firewall (WAF) more because our customers sometimes get a better deal, and many already have Imperva solutions on-premises. We help them move to the cloud and other related tasks.

Customers enjoy the rules implemented in Imperva WAF, which are updated automatically any time a new breach is discovered. This eliminates the need for backend changes or manual updates, making the system straightforward.

The valuable features of Imperva WAF include its effective security breach prevention through automatically updating rules. The support team answers cases quickly as well.

The product's customization capabilities are a bit problematic, requiring support cases for backend modifications.

Additionally, the handling of high-traffic volumes could be better, as it doesn't cut you off if you exceed your purchased traffic. Our clients like the guarantee that they won't be charged for exceeding traffic during peak periods. Users also need to be more attentive to false alerts, as the marketing might give a false sense of trust.

I have been dealing with Imperva for three years, while my company has been involved for more years.

Imperva WAF does not appear to handle high traffic volumes optimally during peaks as it only notifies clients if they exceed their purchased amount of traffic. However, it does not immediately cause any issue unless the excess persists over time.

Their technical support is rated nine out of ten. Support cases are answered quickly.

The setup is straightforward. Clients often manage it themselves, and no action is required on their end for implementation.

On occasion, we help our clients get on the cloud as part of our partnership with Imperva.

The pricing tends to be expensive. As premier partners, we get good deals, however, without such deals, it is usually quite costly. The cost also varies based on the plan that clients choose.

Imperva Web Application Firewall is recommended for companies needing a robust cloud-based solution. For on-premises versions, it might be considered outdated.

I'd rate the solution nine out of ten.

We use Imperva for our web applications that we have hosted to protect them.

With our deployment setup, the benefit is regarding the security and how threats have been blocked. It's not studied in terms of resources or speed. The threat prevention is the aspect we are monitoring.

Empower administration is user-friendly, and we do not need much for managing day-to-day operations. It is easy to use and has good security. Also, it is very customizable, especially for controlling web browsers and devices.

I would prefer AI integrations for user administration, visualization, log analytics, and risk analysis. If they can bring in generative AI features, that would be useful.

I am working with Imperva at the moment and have been using it for maybe six to seven years.

It's very stable. We haven't had any issues.

Scalability is not a problem since we have enough resources as it's an on-premises version.

We have escalated to tech support and it's quite good. I would rate them a seven point five out of ten.

We didn't use any WAF product before Imperva.

The initial deployment was seamless, and there weren't many complexities.

The deployment was done by a separate company within the company.

I do not have much understanding about F5 yet as I am currently evaluating their solution.

I suggest looking for a cloud-based solution rather than on-premises, which might improve availability, stability, and security.

I'd rate the solution nine out of ten.

We use Imperva DDoS protection to safeguard our network from multiple attacks. It is especially useful to protect websites or applications by redirecting traffic to eliminate threats.

Imperva DDoS increases our uptime to 99.99% by filtering and managing traffic to ensure only genuine traffic reaches our site. It optimizes and guides data centers to enhance network security.

The bot management features are very effective, as they help filter unwanted traffic using keywords. Imperva's ability to filter out non-genuine traffic provides a significant improvement to security and performance.

Pricing can be improved, as it is quite expensive. Additionally, support response times for emails can sometimes be delayed, which is an area that could use improvement.

We have used Imperva DDoS for a couple of months.

On a scale of one to ten, I rate the stability at eight. It is quite stable, but there might be some room for it to be even better.

Technical support is rated at seven out of ten due to sometimes delayed response times.

The initial setup is easy and quick to deploy.

We typically handle the deployment ourselves, as we are partners and not the end customers.

The pricing is rated a ten on a scale where ten is very expensive. The solution is only cloud-based and does not provide on-premises services.

Imperva offers multiple services with a very high uptime guarantee of 99.99%. It is a valuable solution for network security.

I'd rate the solution eight out of ten.

We are primarily a customer for Firewall. We're also moving into the managed security space, but we are primarily a customer here.

So, it is primarily used for web application firewalls. Protecting web applications against application-layer attacks. There is advanced bot protection and DDoS Protection.

It's very simple to implement. It works right out of the box once you integrate the application. It does the learning for you and starts applying relevant signatures.

It's effective in protecting against different kinds of attacks. For example, it can mitigate DDoS attacks and block application layer attacks like SQL injection, HTTP, and cross-site scripting attacks. The latency is pretty low.

Support is one thing I wish Imperva could improve. They follow the phone model and keep rotating you from one customer service person to another. The layer one support isn't very clear about the workings of the product.

My feedback is primarily about Imperva Cloud, not on-premise. On-premise is a whole new story.

Support is the issue for Imperva Cloud. It's also a bit pricey. It's a premium service and very expensive. The licensing model is not very straightforward. Every feature is priced separately, and to enjoy maximum protection, you'll have to spend a lot of money. The licensing model is a bit complex, and each feature is very pricey. For example, API security and web application protection are two separate license packages.

For WAF, I have been using it for about four years now.

The solution is generally stable, but there are sometimes where a link degradation does not involve a failover to another port where you're able to enjoy the service. So your availability is affected because of link degradation. It will not automatically take you to another port. But otherwise, it's generally stable.

The capacity and everything is managed by Imperva. We don't really get to know much about the back end.

It does a good job because we have very busy applications that seem to work well without any issues. The only issue that we experienced recently is that if there's an issue on the uplinks, the traffic does not automatically fail over to another region or another POP. You're still directed to a POP where there's degradation in service. So, if you're affected, you'll have to bear the pain until the issue is resolved before you're able to access the services again. So, there's no automatic failover between POPs from one POP to another in the event of a link degradation along the path.

We have tried out Radware as a POC just a couple of months ago. There is also Cloudflare .

I'd prefer Cloudflare because of its presence on the Internet, the number of services it offers, and the level of automation that it gives you.

I'd look up to Cloudflare because it's more stable. Because of its points of presence everywhere in the world, you're in a better place to enjoy better availability than being on Imperva.

And the level of protection from my test, I think it's pretty good. It's next-generation application firewall. So it's something that I look up to.

The deployment was easy. We have quite a number of sites, more than 300. Per site, it can take about ten minutes to integrate, to move your application to the cloud, before you can achieve maximum protection or before you can achieve protection on your site. So, it's a very seamless process.

We had challenges integrating with our on-premise tools, our SIEM tools and SOAR tools. Integration is a bit complex. There's no capability to integrate with our on-premise tools, or if there is, it's very limited.

It's a SaaS service, so everything's maintained by Imperva. It's something that is managed by Imperva.

So, there is a return on investment in terms of achieving protection for our public-facing portals. We have seen quite a number of DDoS attacks being mitigated by Imperva. We have also seen a few web application attacks that have been blocked.

In terms of time savings, we don't have to go to the data center to do upgrades and other mundane things, so we can focus on more important things.

The licensing model is a bit complex and very complicated model.

We operate a hybrid cloud and on-premise as well, and we're looking for a solution that would suit all of our needs. Right now, for API security, we don't have anything. But for others, for WAF, we do have something. We use Imperva as our WAF, for example.

We carry out research, which is the first step when we're looking to source a product. We do market research, obviously, and an assessment. So it starts with reviewing PeerSpot or what people say about different products, and then we call vendors in. They give us a demo. They give us a POC. Then, we draft the required set of requirements, and then we eventually pick a product based on what we need.

AI functionality in Imperva does do quite a bit of learning, but Imperva can do more. There's little interaction. There's basically just the machine learning bit. So it basically baselines the application and then analyzes traffic towards the application. But in terms of capability to interact with large language models, that is still not at the level where the competitors are.

Overall, I would rate it an eight out of ten.

We use the solution to protect applications.

Imperva has a complete picture of how the applications are utilizing it. It is handy. DDoS is good. It has an internally managed database. It is very easy to integrate. We have integrated it with SIEM services.

Apart from predefined templates, it would be helpful if the solution provided an option to customize any new rules or additions based on the requirement.

I have been using Imperva Web Application Firewall for three years.

I rate the solution’s stability an eight out of ten.

The tool is pretty scalable. Around 1,000 users are using this solution.

I rate the solution’s scalability an eight out of ten.

We have used Barracuda. We switched to Imperva because Barracuda was not user-friendly and didn't offer predefined data.

The initial setup is simple.

The product's pricing is flexible.

I rate the product's pricing a seven out of ten, where one is cheap and ten is expensive.

I recommend the solution.

Overall, I rate the solution an eight out of ten.