We performed a comparison between Barracuda Web Application Firewall and Imperva Web Application Firewall based on real PeerSpot user reviews.
Find out in this report how the two Web Application Firewall (WAF) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Parameter Protection is a valuable feature."
"We run it with no downtime, because it has good support."
"The solution is user-friendly and easy to set up."
"One of the strongest points is its robust issue discovery capabilities. Barracuda invests significant efforts in identifying and resolving issues. They have multiple products that work in tandem to perform these checks, which is beneficial because it automates security updates. This is the primary reason I recommend it to my customers."
"Barracuda Web Application Firewall provides optimized performance, a user-friendly environment, helpful dashboards, and is simple to use."
"The most valuable feature is the rule set."
"Even when we were upgrading to a new OS, we didn't have any difficulties with the product. The stability is good."
"It allows us to scale out to multiple phase servers."
"The features I have found most valuable with Imperva Web Application Firewall are account takeover protection, advanced bot protection, and API security."
"It mitigates all of the availabilities of risks around web applications."
"The solution can scale."
"I am impressed with the product's scalability, availability, easy management, and security. We were able to integrate the product with Azure and Sentinel."
"Its inline transferring mode is the most valuable because it is 100% transparent. When you change the IP, there is no change on the network side. If you can't and want to try to reach an IP, you can reach the server IP. There are many other advanced security features in it. The smallest appliances of Imperva can handle the highest traffic at a customer site. For example, a smaller appliance from Imperva can provide you the same security as an F5 product."
"The most valuable feature of Imperva, in addition to its strong knowledge base, is its effective protection for web applications."
"The solution is scalable."
"Imperva WAF's strongest features are the detection of web application threats and vulnerabilities in the source code."
"An area for improvement in Barracuda Web Application Firewall is attack identification. Other banks identified attacks and tracked logs that the solution wasn't able to identify because of its ready-made rules pre-deployed by the vendor. My organization raised this issue with the technical support team. Another area to improve in Barracuda Web Application Firewall is its service desk. The team resorted to stonewalling because they couldn't accept that a feature was missing in the solution, and it was only after a lot of drilling down that the service desk team accepted that, and would be adding that feature in the future. My organization had to submit a report to the Reserve Bank of India with information on the logs identified and the attacks that happened, and that there was a failure on the part of the Barracuda Web Application Firewall. The Reserve Bank of India conducts a tri-monthly cyber risk audit in all Indian banks. Even smaller banks identified and caught attacks that my organization wasn't able to do, so I was looking into other solutions that competitor banks could be using because Barracuda Web Application Firewall failed to identify some of the attacks."
"I would like to see an improved capacity to store logs so that they will be available for a longer time."
"As most people are aware, the implementation is not easy."
"I think the main area for improvement in this product is learning it, as can be seen when comparing it to the F5 web application firewall. F5 has a very powerful learning phase when you start using your web application firewall against your site. Barracuda has something like this, but not with the same functionality from my point of view."
"Its interface can be better. It is not very friendly."
"We get false positives about phishing emails."
"There are issues when upgrading firewalls and we experience different issues across customers."
"The reporting aspect of the solution needs improvement. I don't find that it's very good. They could do some work on it to make it much better. It's not that the reporting isn't secure. It's just that I would prefer to store my reports for an extended period of time. Right now, that's not possible and I'd prefer it if that could change. I also would say that the reports themselves are expensive."
"Their portal is very limited and needs improvement."
"The Imperva Web Application Firewall automations are good, but there is still room for improvement with them."
"There's always room for improvement. Occasionally, there might be false-positive alerts."
"It would be useful if the solution used more intelligence in attack protection. For example, firewalls are to be dependent on the configuration, but if they could have some data science around it the solution would be even better. The profiling of the traffic, and making decisions surrounding that should be intelligence-based, instead of being based on the configuration of the firewall itself."
"The tool's UI is complicated. It would be best to have a more accessible UI dashboard to make the job easier."
"They recently separated the WAF and the DAM management gateways in order for each of these to be managed from different areas, so I believe it now requires additional investments for what was previously a single complete solution."
"The user interface could be better."
"It would be nice to have more security control over mobile applications so I would suggest adding more mobile security features. It would also be beneficial to see improvements in regards to interface bandwidth performance, CPU time, and RAM size. Learning capability of the device is quite weak."
More Barracuda Web Application Firewall Pricing and Cost Advice →
More Imperva Web Application Firewall Pricing and Cost Advice →
Barracuda Web Application Firewall is ranked 15th in Web Application Firewall (WAF) with 38 reviews while Imperva Web Application Firewall is ranked 6th in Web Application Firewall (WAF) with 47 reviews. Barracuda Web Application Firewall is rated 8.2, while Imperva Web Application Firewall is rated 8.6. The top reviewer of Barracuda Web Application Firewall writes "Provides strong issue discovery capabilities; enhance the security parameters of web applications and suitable for medium to large enterprises". On the other hand, the top reviewer of Imperva Web Application Firewall writes "Offers simulation for studying infrastructure and hybrid infrastructure protection". Barracuda Web Application Firewall is most compared with Fortinet FortiWeb, F5 Advanced WAF, Microsoft Azure Application Gateway, HAProxy and Citrix NetScaler, whereas Imperva Web Application Firewall is most compared with AWS WAF, F5 Advanced WAF, Microsoft Azure Application Gateway, Fortinet FortiWeb and Azure Web Application Firewall. See our Barracuda Web Application Firewall vs. Imperva Web Application Firewall report.
See our list of best Web Application Firewall (WAF) vendors.
We monitor all Web Application Firewall (WAF) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
Really depends on your requirement, budget and IT resources you have. If you are after an advanced WAF, imperva is the clear winner in my opinion. Comprehensive feature set, quite matured. But you will need proper training and experience to manage and get the best out of it. Mind you they are the only leader in Gartner MQ. But the price tag can be high. If you are looking for another good contender, look at Radware AppWall. Their product is good and the fully managed service offering is ideal for someone who has no expertise in WAF, in day today managing and making sure the rule set is optimized.
BTW Like any security solution, WAF is also as good as how well it is tuned. Specially if you plan to put it inline, make sure you not only consider the product, but a good service partner too.
They're both great products that provides WAF services at the top of their class and hence not better but more suitable in different scenarios. It all comes down to the environment you wish to deploy those into, the scale of the web services which you will be protecting, the ratio of dynamic pages to static ones, the volume of traffic, the location of your customers/end-users and finally the cost (e.g. you may need to load balance over a few Barracudas to accomplish the same throughput provided by Imperva)
Barracuda is deployed in a pinch, but is very clearly a "conformity" WAF. Imperva's is a fulll fledge WAF, very complete, with a lot of granularity and reporting. Imperva's solution requieres a long, costly deployment. Both companies target very different market segments.
Today i would say Barracuda is the better WAF based on that Imperva Dev slowed down over the last two years and the customers give bad feedback on the support, but there is a newer generation of WAF´s in the market that is better than Imperva and Barracuda, both in performance and price, PT application firewall, the only visionary in the GMQ