Imperva DDoS Reviews, Competitors and Pricing

it_user257100

Founder and Team Head at a tech services company with 51-200 employees

Jun 17, 2015

Overall it worked well without any glitches.

Disclosure: I am a real user, and this review is based on my own experience and opinions.

it_user257100Founder and Team Head at a tech services company with 51-200 employees

Report as inappropriate

Jun 21, 2015

Because I wrote it ;)

it_user12231

Owner at a tech services company with 51-200 employees

May 1, 2014

Speed up WordPress – increase security

In a nutshell this is what Incapsula does:

Incapsula offers state-of-the-art security and performance to websites of all sizes. Through a simple DNS change, your website’s traffic is seamlessly routed through Incapsula’s globally-distributed network of high-powered servers. Incoming traffic is intelligently profiled in real-time, blocking even the latest web threats: from sophisticated SQL injection attacks to scrapers, malicious bots, intruding comment spammers and thwarting multi-Gigabit DDoS attacks. Meanwhile, outgoing traffic is accelerated and optimized with Incapsula’s global CDN, for faster load times, keeping welcome visitors speeding through.

I’ve always been interested in how to make my website faster but with the news about brute force attacks on WordPress, I wanted a more secure website as well. Researching WordPress security, I was surprised to find the following image from Incapsula on what sort of traffic you actually get.

I don’t know how accurate this study is, I would like to see more data but I was surprised to say the least. I didn’t know just how much bandwidth could be wasted by automated services on your website.

So I decided to try Incapsula to see what it could do for my website and try and show you through this Incapsula review, just what this product can do.

But what can Incapsula do against all of this? A much easier way of answering this would be to watch their promo video

Install IncapsulaThe installation was pretty easy and within 5 mins I was done. All that is required is to change your DNS records, you can see more about the setup here. For WordPress users it’s also advised for you to install their WordPress plugin.

By using this plugin you will have no change to your originating IPs when using Incapsula. Incapsula acts as a reverse proxy and all incoming connections to your website first pass through one of Incapsula’s servers. This plugin will ensure that you continue to see the real originating IP of your website visitors.

Once this is all setup, it’s just a waiting game for Incapsula to start collecting the data.

Inside Incapsula

inside-incapsula

Once the DNS changes have been made and Incapsula has had time to do its job, you’ll see an image like above when you log in. This is a 7 day run down of what has been going on with your website. As you can see my bot visits out-number the human visits by quite some way.

Not all bots are bad however, I need Google-bot in order for my website to be found as well you a large number of other good bots but Incapsula reports that in the last 7 days there’s been 158 bad bots on my website!

Incapsula security

To test the security of Incapsula, I deleted my Askimet plugin as Incapsula can handle comment bots and protect me from spam. I also let it run for 7 days to see what it would report. Here’s my 7 day run down of what happened on my website.

Going further into the Incapsula dashboard you get a run down of the top attacking countries with USA being my top one with 30% next is China with 20%.

Incapsula also gives you a run down of the types of threats to your website.

threats

So it’s clear that bots are my biggest problem and Incapsula also shows what type of bot is causing the most problems, in my case it’s the comment spammer with 94%. I did want to test just how good Incapsula was so I deleted my Askimet plugin. Considering the amount of comment spammer bots visting my websites, Incapsula does a very good job of protecting my website. Although I still get a couple of spam comments a day without Askimet, I’m still impressed with Incapsula.

comment-spammer

Incapsula will also email you when there’s a threat. This is an email I got yesterday when someone tried to login to my website. Incapsula blocked the request.

This image is also provided by incapsula showing the top client applications. It surprising just how many bots are out there on the Internet!
bots2

To get a better idea of bot vs humans, Incapsula provides you with the following image. This is a nice example of just how much of your bandwidth is being wasted with unwanted bots on your website.

bots

Incapsula speed

Not only does Incapsula do a pretty god job of protecting your website but it also increases the speed of it. By blocking unwanted bots and saving your bandwidth, it not only saves you resources and money but you also get to use their CDN for a faster website.

So I wanted to test the speed of Incapsula, I switched to advanced performance and tested the before and after. The results are below.

Before advanced

After advanced

According to Pingdom switching to advanced performance on Incapsula increased the speed of my website by just over 50%!

You can also see the response time of the CDN location centers.

response-time

With the advanced setting of Incapsula it also caches dynamic cotent which you can read about here. There’s also a good article on how a CDN can help your SEO by Incapsula.

I’ve been impressed with Incapsula, it not only protects me from spammers and bad bots but it has also increased the speed of my website by over 50%. I found Incapsula very easy to use and once the setup is done everything is done automatically for you leaving you with a peace of mind of a faster website with better security.

Disclosure: I am a real user, and this review is based on my own experience and opinions.

it_user1020Head of Data Center at a tech company with 51-200 employees

Report as inappropriate

Nov 21, 2013

A very good review of the product with matching graphics and stats to prove it. This is really something worth considering for anyone operating a high-traffic site, and I would definitely like to implement this for our university web services.

Buyer's Guide

Distributed Denial of Service (DDOS) Protection

April 2024

Download Free Report

Find out what your peers are saying about Imperva, Cloudflare, NETSCOUT and others in Distributed Denial of Service (DDOS) Protection. Updated: April 2024.

DOWNLOAD NOW

769,479 professionals have used our research since 2012.

it_user70002

CEO with 51-200 employees

Nov 19, 2013

Incapsula helped us stay up during some of the biggest DDoS attacks on record

To ensure the success of our online trading operations, we place a major emphasis on state-of-the-art security, high availability (99.9% uptime) and user convenience.

Daily high-volume network DDoS attacks against our website were wreaking havoc with business operations, resulting in downtime for our online trading platform. The anti-DDoS solutions we had in place was not equipped to mitigate these attacks, which came precisely at the time when we were experiencing record trading volumes.

Since our company deals with a highly competitive and time-sensitive trading market, high availability and stability are paramount to building our users' confidence in our platform. It was obvious to us that in order to maintain and grow our business, we needed the best DDoS protection solution.

We required a high-capacity solution capable of mitigating the largest Layer 3 DDoS attacks, which can often reach several tens of Gbps. Blackholing was not a desirable option, since this aggressive method for diverting traffic actually serves the attackers' goal of denying and disrupting service by not allowing any visitors to reach the site.

To ensure an optimal user experience, we sought a DDoS mitigation solution that would be transparent to users. In this context, we preferred a solution that does not use delay pages, which cause problems for the application's APIs and prevent users from connecting to the server.

In terms of architecture, we preferred a cloud-based solution for reasons of cost-effectiveness and compatibility with our existing cloud computing infrastructure.

Aware of the threat to our core business, we immediately began to look for a new anti-DDoS solution with the network capacity and security proficiency to meet our requirements. After an in-depth evaluation of leading DDoS Protection services in several industry comparisons and reviews, we chose Incapsula's cloud-based DDoS Protection service based on its ability to mitigate any type of DDoS attack with virtually zero business disruption.

We conducted an initial trial with Incapsula while still experiencing DDoS attacks of up to 100 Gbps. Incapsula mitigated these attacks, keeping the online trading platforms up at all times.

Our experience so far shows that Incapsula is a marked improvement over other DDoS protection companies we have worked with in the past. Despite the fact that attacks on our high-profile website are still a daily occurrence, traders coming to the site are able to buy and sell without any noticeable degradation in terms of performance and availability.

Through its non-intrusive traffic filtering and an enterprise-grade Web Application Firewall, Incapsula has been stable in protecting our online applications. The service secures websites and applications against all types of DDoS attacks, as well as sophisticated application attacks such as XSS and SQL injections.

Incapsula is now a key component of our security infrastructure. When under DDoS, traffic is routed through Incapsula for screening, where malicious traffic and DDOS attacks are blocked automatically.

By using Incapsula's DDoS Protection, we have achieved concrete benefits:

Cloud-based mitigation of network DDoS attacks - Incapsula mitigates high-volume network attacks through a global network of multi-gigabyte scrubbing centers
Intelligent mitigation of sophisticated application layer attacks - Incapsula uses advanced traffic analysis algorithms, granular mitigation rules and an enterprise-grade WAF to differentiate legitimate website visitors (humans, search engines, etc.) from automated or malicious clients.
"Always on" DDoS protection - Automatic "always on" DDoS mitigation and 24x7 monitoring are effective in stopping "hit & run" DDoS attacks can wreak havoc with solutions that need to be manually turned on and off on every burst.
Dedicated SoC team – An experienced team of Security Operations Center (SOC) engineers performs 24x7 security monitoring and assists with DDoS mitigation as needed.

Incapsula helped us stay up during some of the biggest DDoS attacks on record. This happened at a critical business juncture, when our increasing trading volumes were turning us into the number one bitcoin trading site in the world. We hope to continue working with Incapsula as we gain more exposure and popularity.

Disclosure: PeerSpot has made contact with the reviewer to validate that the person is a real user. The information in the posting is based upon a vendor-supplied case study, but the reviewer has confirmed the content's accuracy.

it_user3876Database Manager at a tech company with 51-200 employees

Report as inappropriate

Jan 4, 2014

Incaplsula provides protection against network as well as application level DDoS attacks including UDP Flood, ICMP (Ping) Flood , SYN Flood, Ping of Death , Slowloris and Zero-day DDoS.
Incapsula keeps an extensive DDoS threat knowledge base, which is constantly updated as new threats emerge.

AjayJawla

Technical Sales Director at Revere Technologies

Sep 2, 2019

Download

Protects your network environment from threats and defends your infrastructure from malicious behaviors

Pros and Cons

"This product is a reliable defense from malicious attacks on a network environment."

"Analytics in the area of risk need to be improved to supply more information to the users for creating better environments."

What is our primary use case?

The primary use is the protection of our environment and client environments from intrusion and malicious attacks.

How has it helped my organization?

The product improves our organization by defending infrastructures from malicious behaviors. It also allows us to provide a reliable product to our clients who need a similar solution.

What is most valuable?

The most valuable features for our organization are auditing capabilities and compliances. The product meets the needs of our business model and we can see the health of the architecture at a glance. There are some instances where a client needs to meet with compliances in their industry, and this product is capable of meeting those needs.

What needs improvement?

One thing that they really could improve on is the depth of the analytics. The company needs to think more about the risk and analytic side of the application to supply the user with more information to evaluate and use in resolving issues. It is good to be able to depend on the product to provide a reliable solution, but it is better to take steps to resolve issues overall. This means giving information to the user that will help them identify exactly what the issues are. Risk analytics need to improve and this can be done easily.

For how long have I used the solution?

We have been using the solution for more than five years.

What do I think about the stability of the solution?

This is a very stable product. Our clients have never complained about downtime or issues with functionality.

What do I think about the scalability of the solution?

The product is easily scalable. We currently work with five to six customers who are on this solution. They are organizations of mixed size from small to enterprise. There is no problem adjusting the scale up or down to meet their needs and budget.

How are customer service and technical support?

We have not needed to have much interaction with the support teams but when we do they address the problem quickly and with a high level of accuracy. The support, in my opinion, is very good.

How was the initial setup?

Deployment is always straightforward. You just follow the instructions. With our experience, the product takes very little time to install and configure.

What about the implementation team?

As we are a partner and a reseller, we are familiar with the product we do the installations for clients ourselves. We rarely have any issues with the installations.

What other advice do I have?

On a scale from one to ten where one is the worst and ten is the best, I would rate the Incapsula platform as somewhere between an eight to nine. The obvious fault is the lack of better reporting. However, it is a good, functional product and we recommend it to clients who will not have to do very much to maintain the product.

Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller.

it_user569916

Network and Security Engineer at a consumer goods company with 1,001-5,000 employees

Feb 23, 2017

Download

The dashboard shows us traffic, security, and real-time utilization. The default configuration usually does the trick for us.

What is most valuable?

Very easy to configure, which quickly allows us to add significant security to our websites.
Nice dashboard, which shows us details about traffic, security, performance, real-time utilization and an activity log.
Easy to configure caching, content optimization and other advanced settings, which allows us to improve the customer experience if necessary, or keep the defaults if any change is unnecessary.

How has it helped my organization?

With our IT infrastructure more secure, our customers receive a great website experience without encountering website defacements and other fallout from attacks on our web servers. Our IT department is not spending the time we used to on website remediation after attacks.

What needs improvement?

An Incapsula website configuration instance can be in a "Pending DNS changes" state, where further work is needing to be done by the customer, while website access is otherwise fully functional. While in this state, the PCI Compliance Report for the website in question, which I have set to email me monthly, doesn't get generated and sent. Imperva should decouple the "Pending DNS changes" state from the process that periodically emails the PCI Compliance Report. Until that happens, the workaround is to manually generate the report monthly.

For how long have I used the solution?

Since May 2014.

What do I think about the stability of the solution?

We haven’t had any stability issues. I get emails about internal Incapsula technical issues that they’re working on. However, they haven’t ever impacted me as an administrator and I’m unaware of any customers experiencing issues getting to our websites.

What do I think about the scalability of the solution?

Incapsula scales nicely.

How are customer service and technical support?

Technical support is excellent.

Which solution did I use previously and why did I switch?

Prior to Incapsula, we only used inline IPS, anti-virus, etc. Incapsula is our first web application firewall.

How was the initial setup?

Initial setup was very easy. The default configuration usually has done the trick for us. We simply haven’t needed to deviate much from default. Online documentation is good and if we still had questions, we contacted support who helped us make configuration changes to address our needs.

What's my experience with pricing, setup cost, and licensing?

Gain an understanding of pricing for the various advanced features and figure out what features you need to meet your objectives. We have done very well with the first tier feature package to address the needs at our two data centers and our cloud environments.

Which other solutions did I evaluate?

We got a feel for pricing and capabilities of other competing systems. However, Incapsula came highly recommended by our trusted security VAR as they had many customers who experienced great results with it. With that ringing endorsement, and the reasonable cost, we tried it out, loved it, and have been using it ever since.

What other advice do I have?

Do a proof-of-concept. It’s quick and easy to set up, and you’ll have Incapsula support to help you if needed. Embrace the ease-of-use of the administrative interface and marvel “can a WAF really be this easy?!”. Monitor the dashboard and enjoy the results. The ease of testing Incapsula and then implementing it into production is one of the most remarkable product experiences in my IT career. It’s clear that Incapsula engineers are busy behind the scenes, which is in contrast to my appreciation of what I would otherwise be doing tuning other WAF options.

Disclosure: I am a real user, and this review is based on my own experience and opinions.

Dian Sabev

Security Expert at a tech services company with 1-10 employees

Mar 7, 2020

Download

Stable and scalable with good account takeover protections

Pros and Cons

"The solution has a very good interface."

"The rules surrounding the making of web applications could be improved."

What is our primary use case?

Primarily, clients are in need of some extra defense and a bit of protection, which is why they use this solution.

What is most valuable?

The most important aspect of the solution is the DDoS feature.

The solution has a very good interface.

Last year, the solution added a lot of additional improvements and functionalities, and for now, the features they have offered us have been great.

They recently added some account takeover protections that have been really useful.

What needs improvement?

The rules surrounding the making of web applications could be improved.

For how long have I used the solution?

I believe I've been using the solution for about four years.

What do I think about the stability of the solution?

There aren't issues with stability. As a cloud solution, it's hard to say if there will be stability issues. There might be issues with some customer setups, for example, but not with the product itself.

What do I think about the scalability of the solution?

The scalability of the solution is okay. Companies can expand it if they need to.

How are customer service and technical support?

We've been in touch with technical support in the past. Out of ten, I'd rate them at six or seven. We've had some issues with them in terms of response times, but overall they are okay.

Which solution did I use previously and why did I switch?

We didn't previously work with a different solution. We've partnered with Imperva so we're dealing only with them.

How was the initial setup?

Typically, the initial setup is more or less straightforward. there isn't too much complexity.

What other advice do I have?

We're resellers of the solution.

Typically the solution is deployed with the help of DNS.

It's a good product. It's one of the best on the market. If a company can afford the solution, they should try it out.

I'd rate the solution eight out of ten.

Which deployment model are you using for this solution?

Public Cloud

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner

it_user162618

Security Consultant at a security firm with 501-1,000 employees

Feb 26, 2018

Download

Gives us the ability to differentiate between a positive and a false-positive intruder action

Pros and Cons

"Gives us the ability to trace each connection, and to have logs to be able to differentiate between a positive and a false-positive intruder action."

"I miss being able to integrate the dashboard with other BI tools we are using. We have to export and import data to be able to present it, and doing so is a lot of work."

How has it helped my organization?

It helped us to define wherever there was illicit traffic between our webs, and improved the control we achieved.

What is most valuable?

The ability to trace each connection, and to have logs to be able to differentiate between a positive and a false-positive intruder action.

It is handy to retrieve and download the logs to line up separate actions to identify possible intruder behaviour.

What needs improvement?

At that moment, I miss being able to integrate the dashboard with other BI tools we are using. We have to export and import data to be able to present it, and doing so is a lot of work.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

Not at all.

It was a bit pointless to know how many sites were offline every time a spot in the world decided to do maintenance, but we like it as we can handle worldwide issues, knowing what is going on there.

What do I think about the scalability of the solution?

No issues at all, it fulfills our expectations in terms of scalability.

How are customer service and technical support?

Great.

Which solution did I use previously and why did I switch?

We had used many local, and some cloud-based solutions (like Azure, Advanced Nagios, Centreon). We switched for the scalability of the solution, the reporting features it has, as well as the availability to fine tune the solution.

How was the initial setup?

It was straightforward, but we had to fine tune it.

The initial setup blocked some cookies and data from our scrapers which, they said, they never received from us. We investigated and found the WAF was blocking them. It was a lot of work.

What's my experience with pricing, setup cost, and licensing?

It's worth it. It's a fine solution for medium/big companies worried about attacks that happen in the wild.

Which other solutions did I evaluate?

Centreon and Azure.

What other advice do I have?

My best advice could be, if you don't have the staff to carry out security in a proper way, have a tool do it, but use a specialized tool like this one, and don't re-invent the wheel.

Also, in our case, we soon realized that we needed an expert to fine tune it and to obtain all the features we wanted.

Disclosure: I am a real user, and this review is based on my own experience and opinions.

it_user570156

Director at a tech company with 51-200 employees

Dec 15, 2016

Download

Considered CloudFlare as well. Didn't like that they want to take control of DNS.

What is most valuable?

CDN and DDoS.

How has it helped my organization?

This would speed up the images on the website geographically and protect against DDoS attacks.

What needs improvement?

Maybe another pricing tier for home uses with a few more features above the free version.
An appliance for large enterprise customers.

For how long have I used the solution?

6 months.

What was my experience with deployment of the solution?

Very straightforward.

What do I think about the stability of the solution?

No issues.

What do I think about the scalability of the solution?

None, all automatic.

How are customer service and technical support?

Customer Service:

Excellent, no issues.

Technical Support:

Excellent.

Which solution did I use previously and why did I switch?

No.

How was the initial setup?

Very straightforward, just some DNS changes.

What about the implementation team?

In-house, again very straightforward.

What was our ROI?

Priceless, DDoS protection.

What's my experience with pricing, setup cost, and licensing?

Choose the most appropriate model.

Which other solutions did I evaluate?

CloudFlare, didn't like as they want to take control of DNS.

What other advice do I have?

Great product, it will not let you down!

Disclosure: I am a real user, and this review is based on my own experience and opinions.

Buyer's Guide

Download our free Distributed Denial of Service (DDOS) Protection Report and find out what your peers are saying about Imperva, Cloudflare, NETSCOUT, and more!

Updated: April 2024

DOWNLOAD NOW

Product Categories

Distributed Denial of Service (DDOS) Protection CDN Web Application Firewall (WAF)

Buyer's Guide

Download our free Distributed Denial of Service (DDOS) Protection Report and find out what your peers are saying about Imperva, Cloudflare, NETSCOUT, and more!

Buyer's Guide

Distributed Denial of Service (DDOS) Protection

April 2024

DOWNLOAD NOW

Quick Links

Learn More:

Questions: