Imperva SecureSphere Web Application Firewall Review

Useful out-of-the-box threat protection, not too complex, and has good technical support


What is our primary use case?

This is one of the solutions that we provide to our customers.

We use this solution for application-level security, above layer four protection where the firewall cannot reach.

I have worked with both on-premises and cloud deployments.

What is most valuable?

The most valuable feature is the out-of-the-box detection engine. It has the ability to detect some of these things without being configured. There are some features that are configured by default, so even without doing much, it can still provide a level of protection.

What needs improvement?

The visibility provided by this solution can be improved. I often tell my customers that "You can't fight what you can't see". I can recall a time when I did a presentation after a deployment, and it prompted them to put the solution into enforcement mode immediately. Normally, we wait one week with the solution in monitoring mode. However, once they saw the types of vulnerabilities they had, they wanted to take action right away. It gave them a great deal of knowledge, and knowing that they are protected from these types of attacks has boosted their confidence.

This solution has a lot of features, and some of the students were confused when I was discussing them. It would be helpful to have a "recommended deployment", or even a list of basic features that should either be used or turned on by default. If somebody has installed the product several times but is doing the same thing incorrectly, then they get experienced in doing the wrong thing. You should be able to specify which assets you need to be protected, and the solution will tell you the minimum in terms of features that need to be turned on. If you need more advanced protection then the others will become relevant.

Imperva partner training is something that I would be interested in if it ever came my way. There should be partner-specific webinars, meetings, and other training provided to us,

For how long have I used the solution?

I have been using this solution for about two years.

What do I think about the stability of the solution?

So far, I don't think that we've had any issues with this solution in terms of stability. People discussing this solution have given the same remark.

This solution is used on almost a daily basis.

What do I think about the scalability of the solution?

Scalability of this solution is based on the design. If you get your design right, then you shouldn't have a problem with the scalability.

How are customer service and technical support?

While we were installing this solution, we had contact with technical support and they were good. I have referenced information that is on their site and it is helpful, as well.

During the initial installation, there was a warning that was not part of the known CVEs. When I checked with support, they told me that this type of problem is blocked out-of-the-box. However, if I wanted to be really sure, they showed me how to create a custom policy, or custom rule, to specifically deal with it.

If you previously used a different solution, which one did you use and why did you switch?

I have used other solutions, but I usually follow the Gartner reports and their suggestions. My previous solution had not been doing too well.

Also, as I became more familiar with this solution, it became easier for me to identify issues. I had also read research on Imperva blocking denial-of-service attacks, and I like practical evidence of issues such as this. By reading these articles, and about other people's experiences, it is like seeing it for myself. With other solutions, you are not privy to such visibility.

Complexity and cost are two important factors when it came to choosing this solution.

Unless the client has as serious issues and does not want Imperva, this is my first choice.

How was the initial setup?

The initial setup of this solution was not too straightforward. We did have to contact Imperva during the deployment. The length of time for deployment depends on the experience of the people performing the installation, as well as the environment.

What about the implementation team?

My team and I performed the implementation of this solution. To make sure that we were on track, we contacted Imperva support for some clarification. Most of the things that we do, we follow best practices.

What's my experience with pricing, setup cost, and licensing?

Everybody complains about the price of this solution. 

What other advice do I have?

This is a security device, and it is used almost every day. It is not just used when there is an issue. Based on what the dashboard or the reports say, you can change policies to meet your security requirements or business needs.

Based on my experience, and what I know this product can do, I would never recommend another solution. I advise most of my customers to go for this.

I would rate this solution a nine out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
Add a Comment
Guest
Sign Up with Email