We are using Incapsula as our web application firewall and for DDoS protection, and it performs really well at its job. Incapsula packs some great features, such as SSL support, content caching and the ability to 'play' with the rules as much as you'd like.
Improvements to My Organization:
Since this is the very first WAF solution that we evaluated and tried to integrate into our AWS environment, I can't really say that it has improved anything, but the fact is, we never looked the other way.
Room for Improvement:
Incapsula has a built-in monitoring module, but it is a paid feature; I would expect that for the price we pay for the basic service, we would be able to integrate a monitoring solution, even a simple one.
In addition to that, Incapsula doesn't feature the option to add/remove available SSL protocols and/or ciphers.
Use of Solution:
We have been using Incapsula for a little more than six months.
The only problem we encountered with Incapsula regarding deployment is with their Performance solution that allows caching the hosted sites. The dynamic caching sometimes causes issues and we need to manually purge all of the cache from their system after a new version has been deployed, in order for new content to load properly.
Technical support is excellent. In the few times we tried to contact Imperva's support, we received quick and swift replies.
I did not previously use a different solution.
The initial deployment is very straightforward; you follow a very simple setup wizard that guides you which changes you need to perform and where.
We received the recommendation regarding Incapsula from Emind, a third-party vendor that helped us deploy our environment over at Amazon. The rest was performed by our in-house IT/Devops teams.
I highly recommend Incapsula for anyone that is looking to integrate a WAF and DDoS protection into their environment.
Disclosure: I am a real user, and this review is based on my own experience and opinions.