Imperva SecureSphere Web Application Firewall Review

Dual perspective of positive and negative security makes for optimal protection


What is our primary use case?

For some time now, I have been the CTO of a consulting company and our main issue is web application security. We also handle database security.

This is one of the solutions that we implement for our clients.

The primary use of this solution is the protection of applications.

What is most valuable?

This product has a logical perspective of negative and positive security. Negative meaning all of the blacklisted websites, and the positive is the profiling of the website itself. Imperva can see and activate the policy, based on what it has learned. Imperva learns things like how dynamic content is dealt with, and what the permitted values are. When you combine these two perspectives, the negative and the positive, you get the optimal protection of the application.

What needs improvement?

When you want to move to a higher version of the platform, it is not in the GUI and not very easy to do. I expect that this will be available in the next version.

I think that better bot protection is needed in this solution. Bot protection is one of the features in Imperva that lets you recognize if a request is coming from a human or coming from a bot. In this context, a bot is a mechanism being used by the attacker. Good bot protection will reduce a lot of the attacks coming into the applications.

For how long have I used the solution?

I have been using this solution for about eight years.

What do I think about the stability of the solution?

This solution is pretty stable.

What do I think about the scalability of the solution?

If you build this solution properly then you have scalability.

How are customer service and technical support?

We do not use technical support very often. It is only in cases where we get something that looks like a bug. Their team is good.

How was the initial setup?

The initial setup of this solution is user-friendly and pretty straightforward.

However, the setup, in order to bring the application into inspection, is kind of complex. You need to know what you're doing. It takes approximately four hours to install, set up, and configure this platform.

What about the implementation team?

My team and I handle the integration of this solution for our clients.

The number of people required depends on the environment. Sometimes it is one person, whereas other times there are two.

We have three people who take care of maintaining this solution for our customers.

What's my experience with pricing, setup cost, and licensing?

The cost of this solution depends on the platform. For example, you may be buying virtual or you may be buying appliances. It also depends on the number of environments and the bandwidth that is required.

Which other solutions did I evaluate?

Compared to other web application firewalls in the market, Imperva does things in the most accurate way.

What other advice do I have?

Overall, Imperva is a pretty good product.

I am working with the development team for Imperva in Israel, and I have submitted some feature requests for things that I think should be changed. Everything that should be fixed, we have a discussion on it and it is probable that these things will be fixed.

My advice to anybody who is implementing this solution is to first go and learn the attack surfaces because you need to protect the assets from attack. In order to do this, you need to understand the attacks. Let's say that a good defense is a good offense.

The biggest lesson that I have learned from working with this solution is to back up the system all of the time. Do it step by step, and be very precise. Have plans for each and every move, all of the time.

I would rate this solution a nine out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.