Imperva Review
What do you like best about the product?
Good Threat protection.
various CDN's can be integrated
What do you dislike about the product?
I am not aware of any major issues with Imperva
What problems is the product solving and how is that benefiting you?
Securing our web application from threats
This tool has strong capabilities
What do you like best about the product?
As a user of Imperva WAF, I am satisfied with the timely and level of response from the imperva team given that everytime I log a ticket, I am given clear and concise instruction of what to do and also the imperva team is able to analyze and provide the needed solution to resolve the issue.
What do you dislike about the product?
The support during escalation issues. But I like it.
What problems is the product solving and how is that benefiting you?
Provide Security at the application level
One of the best WAFs in the market
What do you like best about the product?
Easy to configure,Customer support, use and manage, and report is excellent.
What do you dislike about the product?
Pricing model was bit expensive but still better than other competitors.
What problems is the product solving and how is that benefiting you?
PCI compliance and minimising the risk while taking time to remediate vulnerabilities
Hosts a complete range of features and gives a comprehensive overview of network traffic
What is our primary use case?
At my previous workplace in the banking sector, we used Imperva WAF for the monitoring of our internet banking traffic, and we also used Imperva's DAM for the database activity monitoring.
Our deployment of Imperva WAF was situated on-premises and it was in use throughout the whole organization, which included around 3,500 clients.
How has it helped my organization?
Imperva Web Application Firewall has improved security of my organization through enhanced visiblity as well protecting malicious IPs, applications and unknown users as well.
What is most valuable?
The WAF itself has been very valuable to me because it has such a complete range of features. Another reason why I like it is because it also takes care of the total overview of the traffic over the network.
What needs improvement?
Imperva's product is very good, but when it comes to procuring the software in my country it can be somewhat expensive. I don't recall the exact amount, but in comparison with other countries it is a huge investment.
They recently separated the WAF and the DAM management gateways in order for each of these to be managed from different areas, so I believe it now requires additional investments for what was previously a single complete solution.
Although the vendor support from Imperva is not bad, getting a response from them can be a lengthy process at times.
For how long have I used the solution?
I have used Imperva WAF for about three years.
What do I think about the stability of the solution?
The stability is mature enough, in my experience. In fact, I would give it a 5/5 for stability.
What do I think about the scalability of the solution?
Scalability-wise, there is one issue we encountered that I want to mention. At some point, Imperva, moved their account takeover prevention features from the on-premises edition to the cloud-based edition, and we discovered that this step would take yet another integration, seeing that we were using Imperva on-premises. These account takeover prevention features, however, were already part of our subscription, but since the features moved to the cloud, we missed out on them. So, in this sense, I would say the scalability strategy isn't as solid as it should be, and for this reason I would rate the scalability a 3.5/5.
On the other hand, when it comes to how many users we were able to scale up to, we actually had the whole organization using it, including around 3,500 clients in total.
How are customer service and support?
The support from the vendor side could be improved because their response times weren't great and the process of obtaining the proper support was a long process sometimes. That said, the support itself was not bad.
How would you rate customer service and support?
How was the initial setup?
The setup was actually quite an advanced process. It was a good experience, but all in all it took about one year to get everything fully set up, when you take all the fine-tuning activities and such into account.
What about the implementation team?
We deployed the Imperva WAF with the help of organizations in South Africa who acted as consultants and implementation partners for Imperva. Our experience with them was good, and the full implementation required two professionals from the consultant's side and about five people from our own organization. The vendor itself was not part of the implementation process.
What's my experience with pricing, setup cost, and licensing?
The pricing is somewhat expensive. It is actually a huge investment when compared to other countries.
Not only that, but Imperva went on to separate the WAF and DAM management gateways, making it so that each would have to be managed and licensed separately, incurring the cost of additional investments.
On a related note, there was another licensing issue we encountered where we had a subscription for account takeover prevention features, but these features had been moved by Imperva from the on-premises instance to the cloud. Since we had not moved to the cloud at that point, we did not have access to these features anymore.
What other advice do I have?
I can highly recommend Imperva WAF for financial institutions. It's a good solution and I think it's important for financial institutions, particularly those who conduct online banking, to make use of a solid WAF such as this.
I would rate Imperva WAF a nine out of ten.
Which deployment model are you using for this solution?
On-premises
This product is good enough for web application protection, also it is very user friendly.
What do you like best about the product?
modification will be done by single click
What do you dislike about the product?
Till a date it has no dislike points for imperva waf.
What problems is the product solving and how is that benefiting you?
Vulnerability closure, web application integration for web protection.
Great application security firewall.!
What do you like best about the product?
Its simple to make policy in imperva waf to mitigate any vulnerability plus its threatradar policy gets updated automatically so do not need to put every vulnerability policy manually.
What do you dislike about the product?
It lags if mulitple application is integrated in it as per its capacity and some gui improvements can also be done.
What problems is the product solving and how is that benefiting you?
Its simple to make policy to mitigate any vulnerability.
Best WAF Solution
What do you like best about the product?
The best thing I like about Imperva WAF is that as an Administrator, it makes our life easy. If you have thousands of web applications so you don't need to integrate manually one by one. Instead, we can the scan the subnet and add the required web applications. It's only possible with Imperva.
What do you dislike about the product?
I'm not sure if it's a downside of Imperva, but I think the Solution should be but cost friendly.
What problems is the product solving and how is that benefiting you?
We have inhouse applications which are available publically to open internet. We wanted a Solution which gives us the Control as well as it prevents the attacks on applications. Imperva completely fulfills our requirement.
Recommendations to others considering the product:
As already mentioned scanning and adding the web applications is USP of Imperva WAF and not available with other Vendors. So it's very useful for Administrators.
Easy to use, and quick to set up.
What do you like best about the product?
Imperva makes it easy to setup, provided you know how to change the DNS settings for your site/application.
What do you dislike about the product?
License recovery is annoying. If we deploy a license count to one site, removing that site and reusing the license on another domain is difficult.
What problems is the product solving and how is that benefiting you?
DDOS protection, and blocking attempts from unfriendly IP addresses
Recommendations to others considering the product:
Make sure you have a DNS individual on your implementation team, who understands the types of records, and how to change them.
