We performed a comparison between AWS WAF and Imperva DDoS based on real PeerSpot user reviews.
Find out in this report how the two Web Application Firewall (WAF) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The web solution effectively protects from vulnerabilities and cyber attacks."
"The product's initial setup phase was very simple."
"The most valuable feature of AWS WAF is the extra layer of security that I have when connecting to my web applications."
"The most valuable feature is the capability to limit access based on geographical location by restricting specific IP addresses."
"The ability to take multiple data sets and match those data sets together is the solution's most valuable feature. The data lake that comes with it is very useful because that allows us to match data sets with different configurations that we wouldn't normally be able to match."
"The security firewall plus the features that protect against database injections or scripting,"
"The solution's initial setup process is easy."
"We do not have to maintain the solution."
"Provides Anti-DDoS protection, as well as other protections like SQL injection, Cross-Site Scripting, and antiscanner. These types of protection are valuable to the business due to the daily attacks on our portals, and that often cannot be seen without a tool like this."
"There are quite a few useful Imperva Incapsula features. For example, one of them is the reports. The graphics are very good and it's easy to configure. The whole process is very fast and reliable too. They have good tech support as well."
"We use Imperva DDoS to stop DDoS attacks and reduce the amount of unwanted queries against web services or web scraping."
"The setup of Imperva DDoS was easy."
"It is an effective threat mitigation tool."
"Setup was straightforward, very simple. I only entered the domain and Incapsula returned the DNS data that I needed to change for the protection to be configured."
"Imperva DDoS is fairly stable, and its availability is quite high."
"On the real time, you can see live traffic, which is flowing into our website."
"The solution could improve by having better rules, they are very basic at the moment. There are more attacks coming and we have to use third-party solutions, such as FIA. The features are not sufficient to prevent all the attacks, such as DDoS. Overall the solution should be more secure."
"They have to do more to improve, to innovate more features. They need to increase the security. It has to be more active in detecting threats."
"In a future release I would like to see automation. There's no interaction between the applications and that makes it tedious. We have to do the preparation all over again for each of our other applications."
"The product could be improved by expanding the weightage units of rules."
"The user experience, the interface, is lacking. Sometimes it's hard to find certain areas that it has alerted on."
"They should work to define more threats, add more security, and make it more compliant with more security companies."
"This solution could be improved if the configuration steps were more specific to WAF, compared to other cloud services."
"It would be better if AWS WAF were more flexible. For example, if you take a third-party WAF like Imperva, they maintain the rule set, and these rule sets are constantly updated. They push security insights or new rules into the firewall. However, when it comes to AWS, it has a standard set of rules, and only those sets of rules in the application firewalls trigger alerts, block, and manage traffic. Alternative WAFs have something like bot mitigation or bot control within the WAF, but you don't have such things in AWS WAF. I will say there could have been better bot mitigation plans, there could have been better dealer mitigation plans, and there could be better-updated rule sets for every security issue which arises in web applications. In the next release, I would like to see if AWS WAF could take on DDoS protection within itself rather than being in a stand-alone solution like AWS Shield. I would also like a solution like a bot mitigation."
"I would like to have support for SSL management and secure DNS."
"It would be beneficial to include vulnerability management in the solution, similar to what they have for their on-premise solution."
"Imperva should have more points of presence in Africa."
"A limited tool if you're looking to customize."
"Some maintenance must be performed by our IT team."
"The weakest point of Imperva is their first level of support, which should be improved. They should also improve the access and security logs viewing directly on the portal. I would like to see better access and security logs through the portal and not only through a SIM solution. Currently, if you want to explore your access and security logs from Imperva, you need a SIM tool or a SIM infrastructure on your side to do it. You can't do it manually or directly through the portal, which is a big problem for us. I had a call yesterday with Imperva for the roadmap, and I just told them this. They agreed that this is an improvement point from their side."
"We would like them to hire people in Sweden because it's quite hard when people are sitting in the UK or Belgium because some of the customers really want them to be local."
"It needs to be improved every time there are new attacks."
AWS WAF is ranked 1st in Web Application Firewall (WAF) with 52 reviews while Imperva DDoS is ranked 18th in Web Application Firewall (WAF) with 74 reviews. AWS WAF is rated 8.0, while Imperva DDoS is rated 8.8. The top reviewer of AWS WAF writes "A highly stable solution that helps mitigate different kinds of bot attacks and SQL injection attacks". On the other hand, the top reviewer of Imperva DDoS writes "I like the content monitoring feature which I haven't seen in other WAF solutions". AWS WAF is most compared with Azure Web Application Firewall, Microsoft Azure Application Gateway, F5 Advanced WAF, Imperva Web Application Firewall and F5 Silverline Managed Services, whereas Imperva DDoS is most compared with Cloudflare, Akamai, Arbor DDoS, Radware DefensePro and Fastly. See our AWS WAF vs. Imperva DDoS report.
See our list of best Web Application Firewall (WAF) vendors.
We monitor all Web Application Firewall (WAF) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.