I prefer not to do a review for EDR since it is a new product that I am using. Instead, I would like to review other products I have worked with before, such as Imperva products, Imperva Web Application Firewall, or Imperva DAM.

I worked as a consultant for the customer and was part of a design and deployment team for Imperva API Security.

Could you please describe the deployment process, initial setup process, and what challenges were faced?

I would need to check with my manager and run this by the legal team in the US before I would be able to share this information.

Please repeat the question.

That would be fine.

The technical support team would be rated 5 out of 10, where 10 represents the best support and 1 represents very poor support.

Positive

I would prefer to receive the form via email so I can fill it out manually myself. Additionally, I want this review to be anonymous, with neither my name nor my company's name appearing anywhere.

We can schedule a call in two hours to discuss this further.

Please describe the deployment process, initial setup process, and what challenges were faced.

I would need to check with my manager and run this by the legal team in the US before sharing more information. We can schedule a call in two hours to discuss this further.

Usually, I work with web DDoS Protection on the website.

DDoS protection of web requests on the website is the most common use case.

Companies that are working through the site, selling through the site, and so forth.

The most valuable feature of Imperva DDoS is to make our website available for our customers' requests 24 hours a day. This feature may be the most interesting for the financial sector, for banks.

Over the seven years, the most valuable features of Imperva DDoS that I have found are related to DDoS attacks, which are a group of attacks, and not all of them can be resolved on the endpoint level before the website. Using the web firewall before the website is a common use case to protect against malicious requests to the website.

I have utilized Imperva's Intelligent Traffic Filtering feature. This feature helps me understand how the attack is progressing and what is happening inside the requests to our website. It allows me to granularly grant or deny access to certain parts of our website. This helps when we know our customers and the types of requests that can be sent from them, enabling us to block some malicious requests.

Imperva DDoS has User Behavior Analytics and Threat Intelligence on its board, and this helps us to be protected proactively. Imperva DDoS connects to its database of threats, storing whole information about attacks all over the world in one simple engine. Everyone can use this feature, which can connect to this engine and get information about what is going on at the world level. That is the way to be protected at the company's level.

The integration capabilities of Imperva DDoS are very easy and simple. We can run it in 2 hours.

I would like to see improvements in the pooling of threats and attacks, possibly to enlarge the scale of indicators of compromise. For example, the initiation of an attack on the endpoint level could be combined into a big denial of service. Maybe Imperva DDoS could use endpoints to get information about the attacks before they commence from the endpoint level or establish cooperation with endpoint vendors to share this information.

I have been working with Imperva DDoS for about 7 years.

The stability of Imperva DDoS is very good, as it seems they have a lot of servers around the world.

The scalability of Imperva DDoS is very easy to manage. 99% of customers are using the cloud version of Imperva DDoS protection, so they just purchase the new license and scale as needed.

A popular use case for scalability challenges is when customers want to move from on-premise infrastructure to the cloud, having a transmission period where they use both a copy of infrastructure in the cloud and the current infrastructure in the on-premise offices. This means they need to use double capabilities to protect both connections to the cloud and to the on-premise part of the whole infrastructure. During this period, customers can buy a subscription with double the scale of the needed throughput of protection.

I have interacted with the technical support of Imperva DDoS, and it is very easy. They are very professional, and communication goes through the technical support site. It's quite easy to register a support case and track the solution of your support ticket.

I would rate the technical support of Imperva DDoS as ten.

Before Imperva DDoS, I used a different solution that was Unix-based and not commercial versions of products.

I switched from the previous solution to Imperva DDoS because we started to integrate the products, and we saw that the capabilities were much greater than what we used to have. We also had a technical engineer on board who can manage these solutions easily and has a deep understanding of what is happening with our websites during attacks.

The initial setup and deployment of Imperva DDoS was quite easy. Customers just needed to provide the public IP address or the public name of their site, and we gave this information to Imperva DDoS to protect those sites. After the system is working, our technical engineer usually connects to configure some threat protection, role-based access control capabilities, reporting, and other minor configurations.

I work as an integrator.

I have calculated return on investment with Imperva DDoS, particularly in the financial sector with bank accounts, where the calculation is straightforward. Banks usually calculate their loss when they are not working. They know how much money they are losing while the system is down, so by increasing the possibility of not having a down website or web application, return on investment can be calculated easily.

The pricing, setup costs, and licensing of Imperva DDoS are reasonable for the amount of technical capabilities provided.

I would rate the pricing of Imperva DDoS as five, where one is very cheap and ten is very expensive.

I evaluated other options and vendors before choosing Imperva DDoS. We considered Akamai, but it was too expensive for us.

I don't remember the last version of Imperva DDoS I am currently working with.

When customers change their DDoS protection to Imperva DDoS or integrate Imperva DDoS as a new single DDoS protection product, they achieve full satisfaction with international standards like PCI DSS and GDPR. This is a seamless integration with international standards.

I don't see any improvements needed for Imperva DDoS, because it is a very niche product with niche capabilities. It's not a technical thing, because it is continuously approved. Some features appear, but it's more about small improvements. The attacks Imperva DDoS is constructed to protect against are very well-known, and the solution is effective in protecting against them. The system can protect against even zero-day attacks.

We get Imperva DDoS free as part of an MSSP approach, but for our customers, the average deal size for one year could be around 10,000 dollars.

On a scale from one to ten, I rate Imperva DDoS a nine.

The solution functions just like a firewall, but it operates in the cloud. It is designed to protect web applications and environments hosted on the cloud. 

It helps protect applications from DDoS attacks and other types of attacks. I handle a wide range of business requirements with it.

The solution can be configured in just a couple of minutes. It ensures 99.7% availability for my applications. It provides an additional layer of security for web applications and other applications, including mobile applications. It protects my environment and helps maintain my reputation in the market.

It is not a personal firewall, however, I can log my traffic to the Web Application Firewall if my hardware is available on-premise. I am satisfied with all the features available. There is nothing specific where the application firewall is falling short.

I have been working with Imperva solutions personally since last month.

I would rate the solution ten out of ten in terms of stability.

The solution is highly scalable. I can configure this firewall to expand based on my needs and revert to my basic configuration when traffic is over.

Technical support is divided into two categories: partner side and OEM side. It is easy to contact them, and my queries are resolved efficiently.

Positive

The initial setup is very easy. I just need to route the traffic, similar to configuring an IP on the application firewall. It typically takes no more than a day and is easy, rated at nine out of ten.

The pricing is competitive in the market. The solution helps improve my security posture and operational costs.

There are other solutions available in the market, however, Imperva Web Application Firewall is a good solution.

I would recommend Imperva Web Application Firewall to others. 

Overall, I would rate it eight out of ten as it is a good solution. However, there are other solutions in the market.

We are a premier partner with Imperva. We usually recommend Imperva Web Application Firewall (WAF) more because our customers sometimes get a better deal, and many already have Imperva solutions on-premises. We help them move to the cloud and other related tasks.

Customers enjoy the rules implemented in Imperva WAF, which are updated automatically any time a new breach is discovered. This eliminates the need for backend changes or manual updates, making the system straightforward.

The valuable features of Imperva WAF include its effective security breach prevention through automatically updating rules. The support team answers cases quickly as well.

The product's customization capabilities are a bit problematic, requiring support cases for backend modifications. 

Additionally, the handling of high-traffic volumes could be better, as it doesn't cut you off if you exceed your purchased traffic. Our clients like the guarantee that they won't be charged for exceeding traffic during peak periods. Users also need to be more attentive to false alerts, as the marketing might give a false sense of trust.

I have been dealing with Imperva for three years, while my company has been involved for more years.

Imperva WAF does not appear to handle high traffic volumes optimally during peaks as it only notifies clients if they exceed their purchased amount of traffic. However, it does not immediately cause any issue unless the excess persists over time.

Their technical support is rated nine out of ten. Support cases are answered quickly.

Positive

The setup is straightforward. Clients often manage it themselves, and no action is required on their end for implementation.

On occasion, we help our clients get on the cloud as part of our partnership with Imperva.

The pricing tends to be expensive. As premier partners, we get good deals, however, without such deals, it is usually quite costly. The cost also varies based on the plan that clients choose.

Imperva Web Application Firewall is recommended for companies needing a robust cloud-based solution. For on-premises versions, it might be considered outdated.

I'd rate the solution nine out of ten.

I use the service for protection due to the fact that it has profile functionality.

Protection is the best solution since it has profile functionality.

Interesting alternatives are Akamai and some cloud solutions do exist.

We use Imperva for our web applications that we have hosted to protect them.

With our deployment setup, the benefit is regarding the security and how threats have been blocked. It's not studied in terms of resources or speed. The threat prevention is the aspect we are monitoring.

Empower administration is user-friendly, and we do not need much for managing day-to-day operations. It is easy to use and has good security. Also, it is very customizable, especially for controlling web browsers and devices.

I would prefer AI integrations for user administration, visualization, log analytics, and risk analysis. If they can bring in generative AI features, that would be useful.

I am working with Imperva at the moment and have been using it for maybe six to seven years.

It's very stable. We haven't had any issues.

Scalability is not a problem since we have enough resources as it's an on-premises version.

We have escalated to tech support and it's quite good. I would rate them a seven point five out of ten.

We didn't use any WAF product before Imperva.

The initial deployment was seamless, and there weren't many complexities.

The deployment was done by a separate company within the company.

I do not have much understanding about F5 yet as I am currently evaluating their solution.

I suggest looking for a cloud-based solution rather than on-premises, which might improve availability, stability, and security.

I'd rate the solution nine out of ten.

We use Imperva DDoS protection to safeguard our network from multiple attacks. It is especially useful to protect websites or applications by redirecting traffic to eliminate threats.

Imperva DDoS increases our uptime to 99.99% by filtering and managing traffic to ensure only genuine traffic reaches our site. It optimizes and guides data centers to enhance network security.

The bot management features are very effective, as they help filter unwanted traffic using keywords. Imperva's ability to filter out non-genuine traffic provides a significant improvement to security and performance.

Pricing can be improved, as it is quite expensive. Additionally, support response times for emails can sometimes be delayed, which is an area that could use improvement.

We have used Imperva DDoS for a couple of months.

On a scale of one to ten, I rate the stability at eight. It is quite stable, but there might be some room for it to be even better.

Technical support is rated at seven out of ten due to sometimes delayed response times.

Neutral

The initial setup is easy and quick to deploy.

We typically handle the deployment ourselves, as we are partners and not the end customers.

The pricing is rated a ten on a scale where ten is very expensive. The solution is only cloud-based and does not provide on-premises services.

Imperva offers multiple services with a very high uptime guarantee of 99.99%. It is a valuable solution for network security.

I'd rate the solution eight out of ten.

We are primarily a customer for Firewall. We're also moving into the managed security space, but we are primarily a customer here. 

So, it is primarily used for web application firewalls. Protecting web applications against application-layer attacks. There is advanced bot protection and DDoS Protection. 

It's very simple to implement. It works right out of the box once you integrate the application. It does the learning for you and starts applying relevant signatures. 

It's effective in protecting against different kinds of attacks. For example, it can mitigate DDoS attacks and block application layer attacks like SQL injection, HTTP, and cross-site scripting attacks. The latency is pretty low.

Support is one thing I wish Imperva could improve. They follow the phone model and keep rotating you from one customer service person to another. The layer one support isn't very clear about the workings of the product.

My feedback is primarily about Imperva Cloud, not on-premise. On-premise is a whole new story.

Support is the issue for Imperva Cloud. It's also a bit pricey. It's a premium service and very expensive. The licensing model is not very straightforward. Every feature is priced separately, and to enjoy maximum protection, you'll have to spend a lot of money. The licensing model is a bit complex, and each feature is very pricey. For example, API security and web application protection are two separate license packages.

For WAF, I have been using it for about four years now. 

The solution is generally stable, but there are sometimes where a link degradation does not involve a failover to another port where you're able to enjoy the service. So your availability is affected because of link degradation. It will not automatically take you to another port. But otherwise, it's generally stable.

The capacity and everything is managed by Imperva. We don't really get to know much about the back end.

It does a good job because we have very busy applications that seem to work well without any issues. The only issue that we experienced recently is that if there's an issue on the uplinks, the traffic does not automatically fail over to another region or another POP. You're still directed to a POP where there's degradation in service. So, if you're affected, you'll have to bear the pain until the issue is resolved before you're able to access the services again. So, there's no automatic failover between POPs from one POP to another in the event of a link degradation along the path.

Neutral

We have tried out Radware as a POC just a couple of months ago. There is also Cloudflare .

I'd prefer Cloudflare because of its presence on the Internet, the number of services it offers, and the level of automation that it gives you. 

I'd look up to Cloudflare because it's more stable. Because of its points of presence everywhere in the world, you're in a better place to enjoy better availability than being on Imperva. 

And the level of protection from my test, I think it's pretty good. It's next-generation application firewall. So it's something that I look up to.

The deployment was easy. We have quite a number of sites, more than 300. Per site, it can take about ten minutes to integrate, to move your application to the cloud, before you can achieve maximum protection or before you can achieve protection on your site. So, it's a very seamless process.

We had challenges integrating with our on-premise tools, our SIEM tools and SOAR tools. Integration is a bit complex. There's no capability to integrate with our on-premise tools, or if there is, it's very limited.

It's a SaaS service, so everything's maintained by Imperva. It's something that is managed by Imperva. 

So, there is a return on investment in terms of achieving protection for our public-facing portals. We have seen quite a number of DDoS attacks being mitigated by Imperva. We have also seen a few web application attacks that have been blocked.

In terms of time savings, we don't have to go to the data center to do upgrades and other mundane things, so we can focus on more important things. 

The licensing model is a bit complex and very complicated model. 

We operate a hybrid cloud and on-premise as well, and we're looking for a solution that would suit all of our needs. Right now, for API security, we don't have anything. But for others, for WAF, we do have something. We use Imperva as our WAF, for example.

We carry out research, which is the first step when we're looking to source a product. We do market research, obviously, and an assessment. So it starts with reviewing PeerSpot or what people say about different products, and then we call vendors in. They give us a demo. They give us a POC. Then, we draft the required set of requirements, and then we eventually pick a product based on what we need.

AI functionality in Imperva does do quite a bit of learning, but Imperva can do more. There's little interaction. There's basically just the machine learning bit. So it basically baselines the application and then analyzes traffic towards the application. But in terms of capability to interact with large language models, that is still not at the level where the competitors are.

Overall, I would rate it an eight out of ten. 

We have details on the protection available in two key ways. We primarily see the use of WAF, specifically the CloudWAF, which is always active for application security. This ensures that everyone attempting to update the customer environment must go through the CloudWAF.

We often see customers opting for the on-demand option for DDoS protection as it’s more cost-effective. When a DDoS attack is detected, traffic is redirected through Imperva’s servers to be cleaned before being sent to the client. This on-demand option is particularly popular in my region. However, customers with the budget can choose Orizon, where traffic is continuously routed through Imperva’s scrubbing centers, which are among the largest in the world. 

For Linux protection, the most important feature is layer seven DDoS protection, which focuses on application-level threats. Imperva does offer layer three DDoS protection, but that's less common in my region. 

It is expanding its number of data centers for scrubbing traffic. Currently, there is only one POP for cleaning in South Africa. They might add another POP in North Africa, possibly in Nigeria or Egypt. Latency concerns customers, especially in regions like East and West Africa, where traffic has to travel to South Africa before returning. Increasing the number of POPs across the continent would help address these latency issues and improve overall service.

While the platform is already quite strong, there’s always room for improvement, especially in keeping up with emerging trends and new types of attacks. Enhancing security capabilities could be beneficial. Integrating more advanced AI features could significantly improve its effectiveness and help customers leverage these tools more effectively. It would be great to see more focus on AI integration to handle and analyze data more efficiently.

I rate the solution's stability a nine-point five out of ten.

Scalability is quite good. Imperva has an extensive global network with over fifty data centers, which supports their cloud platform's load balancing. As you increase the number of web servers, you can adjust your license to accommodate more throughput. Licensing is based on throughput, so as your needs grow, you can quickly expand your coverage accordingly.

Support is solid because it's a managed service. Everything runs smoothly, and I haven't encountered any issues with it.

It’s also available as a managed service, meaning local IT teams need less involvement. Through the managed services, most management is handled on the server side. This approach is effective and reduces the total cost of ownership by requiring fewer resources to handle attacks and related events.

Generally, it provides better security and offers more relief for security teams managing their applications. It simplifies things for architects, as layer seven protection is more reliable than traditional next-generation solutions, which may not cover this level of detail. With Imperva’s managed service, there's no need to worry about the payload size or complex settings, as the service handles these aspects effectively. 

The cloud platform excels in interface design, reporting, and support. It offers both executive and technical reports that are highly usable.

Overall, I rate the solution as ten out of ten.