Overall Satisfaction with Imperva Web Application Firewall (WAF)
The Imperva WAF acts as our go-between (proxy) for our public-facing websites. They intercept known bad actor IPs, and we can also block certain countries that have shown to be problematic and we don't do business in. More dynamic attacks are also detected and blocked, making this largely a "fire and forget" tool. We rarely even need to log into the tool, except to pull our weekly reports.
- Block some dynamic attacks such as SQL injection.
- Block unfriendly accesses based on geographic source.
- Helps us implement SSL in cases where the original server can't (yet).
- The UI can use a little work (but is largely decent)
- Our on-prem firewall has less work to do, allowing it more cycles for other tasks.
- We have better web traffic visibility and control over what actors are doing outside our network.
Ultimately, it was the easiest to work with that was still a "known" company (we've been burned too many times by up-and-comers). We needed something that gave us a lot of control but then didn't need its handheld on a daily basis. Imperva gives us a lot of that and we are still able to navigate it with ease.
There are just a couple of points that are hard to find, that probably could be elsewhere. But these are minor; everything else is right where you'd expect it to be.
We haven't needed support from Imperva since implementation. But during that time, their personnel were very quick to respond to questions. Since then, it's been largely doing its thing for us (which is exactly what we'd hoped).
Do you think Imperva Web Application Firewall (WAF) delivers good value for the price?
Are you happy with Imperva Web Application Firewall (WAF)'s feature set?
Did Imperva Web Application Firewall (WAF) live up to sales and marketing promises?
Did implementation of Imperva Web Application Firewall (WAF) go as expected?
Would you buy Imperva Web Application Firewall (WAF) again?
Imperva web application firewall does a great job in giving us control over access to our public web servers. With our regular hosting provider, we couldn't block access based on geography, or really anything. So we had to rely on traditional access controls to protect the data. But with the WAF, we can block countries such as North Korea, or we could stop any SQL Injection attempts, or even do a temporary block of IP in the case of detected brute-forcing.