Most Helpful Review
Find out what your peers are saying about Cloudflare vs. Imperva SecureSphere Web Application Firewall and other solutions. Updated: January 2020.
399,757 professionals have used our research since 2012.
We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
The technical support is good.
The most valuable feature of Cloudflare is that it has a free version. They give us the free version with the anti-DDoS features and also the load balancing solution.
Cloudflare allows us to self-host services such as Rocket.Chat and Node-RED, in high-availability mode, thanks to round robin DNS which allows us to share one hostname between our two locations.
When using services like Heroku, Cloudflare is very useful for CNAME flattening. I also use it for their end-to-end SSL with TLS authentication on nginx for securing servers.
Centralized, full-featured DNS.
The simplicity of the overall dashboard makes it a great product for a user like me who has less understanding of the internet than a developer or other more technical people. It gives me peace of mind. I also love the easy customization of the Page Rules.
Compared to other web application firewalls in the market, Imperva does things in the most accurate way.
The dynamic profiling of websites is the solution's most valuable feature. The security is also good.
Data masking is the most valuable feature of this solution.
The solution is very scalable. It is one of the most important features. You can also expand resources and features as well.
There are some features that are configured by default, so even without doing much, it can still provide a level of protection.
It mitigates all of the availabilities of risks around web applications.
The compliance is the most valuable aspect.
It has threat intelligence and we are using Incapsula. With threat intelligence, we can separate HTTP and HTTPS traffic. We can use Incapsula to send all the threat intelligence to the WAF.
The product support needs to be accessible from more places, a wider area of coverage.
If they improve on the placement of their data centers, it would be better. I'm living in a remote area. I would like to connect to them without any kind of lag.
They lack a good way to manage DNS as a company, since everything is relegated to single account logins until you get to the higher levels. They have come out with a paid feature to remedy this, but I have not had a chance to fully review it yet to know if it fixes the access problem.
One area of improvement is in the Access Rules. Hypothetically, if we wanted to block or challenge traffic outside of the United States, the only way to currently do that (as far as I know) is to enter every single country outside of the United States. That could be a labor intensive job. A solution could be to enable users to create a rule where traffic is only allowed within a certain country.
I think the APIs are a little bit hard for us to work with. The APIs could be more open so that we could integrate better with our SolarWinds or our monitoring solution.
The reporting can definitely be improved to offer a lot more explanation on something that may have happened or has actually happened.
I think that better bot protection is needed in this solution.
It would be useful if the solution used more intelligence in attack protection. For example, firewalls are to be dependent on the configuration, but if they could have some data science around it the solution would be even better. The profiling of the traffic, and making decisions surrounding that should be intelligence-based, instead of being based on the configuration of the firewall itself.
Some of the features should be included in the next release is a file integrating monitoring tool. This feature should be improved.
The initial setup could be simplified. Every time you have to install the solution you have to get in touch with support or somebody that can to do that for you.
It would be helpful to have a "recommended deployment", or even a list of basic features that should either be used or turned on by default.
Their portal is very limited and needs improvement.
It's a complicated tool to keep.
There could be some limitations that from the converged infrastructure perspective: when you want to converge with everything and you want Imperva to get there easily because it's not a cloud component. For example, when you want to build servers and you're using OneView to manage your software-defined networks, implementing Imperva right away is not that simple. But if you're doing just a simple cloud infrastructure with servers in there, you're good to go. Also, we are not able, with Imperva, to block by signatures. Imperva by itself needs to be complemented with another service to do URL filtering.
Pricing and Cost Advice
There are no additional costs beyond the standard licensing fees.
I think the pricing is competitive. I think as far as licensing is concerned it's pretty straightforward because it's based on domain. It's just that sometimes domains could be tricky with some customers.
The cost of this solution depends on the platform.
Everybody complains about the price of this solution.
Make sure you understand the way that Imperva charges. It's very affordable. However, I would like to see a package with the Virtual Patching included. You get to do patching separately.
out of 39 in Web Application Firewall (WAF)
Average Words per Review
out of 39 in Web Application Firewall (WAF)
Average Words per Review
Compared 20% of the time.
Compared 7% of the time.
Compared 6% of the time.
Compared 34% of the time.
Compared 25% of the time.
Compared 11% of the time.
Cloudflare is the leading performance and security company helping to build a better Internet. Today the company runs one of the world’s largest networks that powers more than 9 million Internet applications. More than 10 trillion Internet requests flow through Cloudflare’s network each month, accounting for nearly 10% of all Internet requests globally.
Cloudflare protects and accelerates any Internet application online without adding hardware, installing software, or changing a line of code. Internet properties powered by Cloudflare have all web traffic routed through its intelligent global network, which gets smarter with each new site added. As a result, they see significant improvement in performance and a decrease in spam and other attacks.
Web application attacks deny services and steal sensitive data. Imperva Web Application Firewall (WAF) analyzes and inspects requests coming in to applications and stops these attacks.
Protect your applications in the cloud and on-premises with the same set of security policies and management capabilities. Safely migrate apps while maintaining full protection.
Deploy Imperva WAF on-premises, in AWS and Azure, or as a cloud service itself. Easily meet the specific security and service level requirements of individual applications.
Imperva WAF protects against the most critical web application security risks: SQL injection, cross-site scripting, illegal resource access, remote file inclusion, and other OWASP Top 10 and Automated Top 20 threats. Imperva security researchers continually monitor the threat landscape and update Imperva WAF with the latest threat data.
Learn more about Cloudflare
Learn more about Imperva SecureSphere Web Application Firewall
|Trusted by over 9,000,000 Internet Applications and APIs, including Nasdaq, Zendesk, Crunchbase, Steve Madden, OkCupid, Cisco, Quizlet, Discord and more.||BlueCross BlueShield, eHarmony, EMF Broadcasting, GE Healthcare, Metro Bank, The Motley Fool, Siemens|
Financial Services Firm18%
Marketing Services Firm18%
Software R&D Company29%
Comms Service Provider13%
Software R&D Company34%
Financial Services Firm13%
Comms Service Provider12%
See also Cloudflare Reviews, Imperva SecureSphere Web Application Firewall Reviews, and our list of Best Web Application Firewall (WAF) Companies.