Imperva SecureSphere Web Application Firewall Review

The GUI could be improved a little, but the profiling section is the most valuable and fresh aspect about SecureSphere.


Valuable Features

I really like the profiling section. I mean that signature based policies are ok and they are maybe the most widespread and common kind of security policy in security appliances, but, the profiling policies are custom tailored on a specific web application. I guess it’s the most valuable, and fresh, aspect about SecureSphere.

Improvements to My Organization

It has helped a lot with working among, and creating a link between, different teams in my organization, of course I’m referring to security, networking and system application teams. It’s important to find the right collaboration in order to secure the applications from the beginning of the deployment process.

Room for Improvement

I guess the GUI could be improved a little, as it’s not always simple to get. The most important aspect to me that needs improvement though, is that, by default, if you put activate and protect a server group you created, all the web applications lying on the same group of physical machines, inherit the same policy rule set. This means it’s not so easy to different policies and cut them on a specific application (maybe I’ll ask the vendor support).

Use of Solution

It’s been one-and-a-half years.

Deployment Issues

Not in particular, once I understand the network behavior and the different types of the WAF deployment it was pretty simple and fast.

Stability Issues

Not so far. It must be said, though, that It’s a relatively a new installment in our infrastructure, and maybe it’s too soon to say.

Scalability Issues

It’s an ongoing process day to day, working alongside systems and application engineers to adapt the WAF to better meet the applications characteristics. I guess it depends a lot on the application features and software implementation.

Customer Service and Technical Support

Customer Service:

I would say that they are pretty available.

Technical Support:

They are reliable and ready to solve your issues.

Initial Setup

To be honest, we have been supported by a professional services engineer who showed us the peculiarities during the initial setup, so it was a good experience. I would say that it’s straightforward if you are in good hands.

Other Advice

I would say to focus on the most convenient area for positioning the WAF in order to take the get the best out of it. In my case, we chose a WAF appliance, and it’s crucial where to put it. For instance, we chose to deploy it downstream from the load balancing network infrastructure for various reasons. One of them was to enable the WAF to see the private IP addresses that a vulnerability assessment tool in the private DMZ would see in order to use the WAF as an application firewall and as a virtual patching tool either.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
1 visitor found this review helpful
1 Comment
UserVendor

This review was helpful because you took the time to write it.

09 July 15
Guest
Sign Up with Email