Imperva SecureSphere Web Application Firewall Archived Reviews (More than two years old)

Filter by:
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
Real User
Cyber and Information Security Officer at a energy/utilities company with 10,001+ employees
Mar 05 2018

What is most valuable?

* Learning mode. * Custom policies. * Very intuitive and granular configuration - It does not require much time, or advanced knowledge, for configuration and maintenance.

How has it helped my organization?

Protects and secures all our web sites.

What needs improvement?

The reporting is missing some features, such as: only two export formats, and the time period does not include the last day, week, year.

What other advice do I have?

I rate it a 10 out of 10 because of the ability to apply real-time changes or creations, export and import applications learned, and it's very easy to use. It also features system logs or incidents, granular configuration in relation to a… more »

Which other solutions did I evaluate?

F5.
Consultant
Sr. Consultant at a tech services company with 51-200 employees
Feb 23 2017

What is most valuable?

The most valuable feature is the grouping of multiple targets via the scan policy. It is valuable because of the large number of targets and governmental requirements to… more »

How has it helped my organization?

With acquisition of a license to use the product, we received the ability to standardize database scanning and data protection across the enterprise around one product.

What needs improvement?

Many features are buried under not-straight-forward options and, at times, hard to find screens. Very few import features have clearly defined format requirements. Agent… more »

What's my experience with pricing, setup cost, and licensing?

Licensing should be chosen based on the current infrastructure setup and growth plans. Purchasing appliances of different types may lead to unnecessary/unjustified… more »

Which solution did I use previously and why did I switch?

We attempted to use several previous solutions. One was Tenable SecurityCenter with its custom, XML-like scripting where each check had to be written by the Database… more »

What other advice do I have?

Be prepared to obtain every piece of documentation that comes with the product. Thoroughly research it to obtain a clear understanding of how to implement the product and… more »

Which other solutions did I evaluate?

The product that was evaluated and was chosen as the recommendation was IBM Guardium. Unfortunately, its licensing cost was a lot higher. Therefore, the management decided… more »
Learn what your peers think about Imperva SecureSphere Web Application Firewall. Get advice and tips from experienced pros sharing their opinions. Updated: April 2020.
438,043 professionals have used our research since 2012.
Vendor
Systems & Infrastructure Architect at a insurance company with 1,001-5,000 employees
Feb 14 2017

What is most valuable?

* Bad-IP blocking and signature-based blocking for web application security

How has it helped my organization?

* Security compliance and temporary remediation of application vulnerabilities

What needs improvement?

Management of policies and rules can be complicated and the physical setup of the product has implications on HA.

What's my experience with pricing, setup cost, and licensing?

Try to use a cloud-based and/or managed solution instead of managing a WAF internally; that should be the first preference.

Which solution did I use previously and why did I switch?

We did not have a previous solution.

What other advice do I have?

While implementation is not hard, the process and resources for ongoing management should be thought through and agreed to before implementation.

Which other solutions did I evaluate?

Before choosing, we also evaluated F5 ASM.
Consultant
Network Security Engineer at a tech services company with 501-1,000 employees
Jun 24 2015

What is most valuable?

I really like the profiling section. I mean that signature based policies are ok and they are maybe the most widespread and common kind of security policy in security appliances, but, the profiling policies are custom tailored on a specific web application. I guess it’s the most valuable, and fresh… more »

How has it helped my organization?

It has helped a lot with working among, and creating a link between, different teams in my organization, of course I’m referring to security, networking and system application teams. It’s important to find the right collaboration in order to secure the applications from the beginning of the… more »

What needs improvement?

I guess the GUI could be improved a little, as it’s not always simple to get. The most important aspect to me that needs improvement though, is that, by default, if you put activate and protect a server group you created, all the web applications lying on the same group of physical machines, inherit… more »

What other advice do I have?

I would say to focus on the most convenient area for positioning the WAF in order to take the get the best out of it. In my case, we chose a WAF appliance, and it’s crucial where to put it. For instance, we chose to deploy it downstream from the load balancing network infrastructure for various… more »
Consultant
Senior Security Analyst at a tech services company with 501-1,000 employees
Jun 17 2015

What is most valuable?

I was involved in the deployment and found that all the features in this product are fantastic, especially the correlated attack validation, threat radar (reputation, fraud), and virtual patching. Those are features that are very useful in day to day operations.

How has it helped my organization?

Using WAF in an organization means we can quickly see the attacks that the environment is suffering and take action to mitigate the threat(s). It is possible to view traffic and analyze it to determine if it is legitimate traffic or not, using features such as threat radar and geolocation, helping the security team in the company.

What other advice do I have?

All products are good, and I believe narrowing the choice of manufacturer is best done when you do proof of concepts in-house and you can see which of your choices is best matched to your needs.

What is Imperva SecureSphere Web Application Firewall?

Web application attacks deny services and steal sensitive data. Imperva Web Application Firewall (WAF) analyzes and inspects requests coming in to applications and stops these attacks.

Protect your applications in the cloud and on-premises with the same set of security policies and management capabilities. Safely migrate apps while maintaining full protection.

Deploy Imperva WAF on-premises, in AWS and Azure, or as a cloud service itself. Easily meet the specific security and service level requirements of individual applications.

Imperva WAF protects against the most critical web application security risks: SQL injection, cross-site scripting, illegal resource access, remote file inclusion, and other OWASP Top 10 and Automated Top 20 threats. Imperva security researchers continually monitor the threat landscape and update Imperva WAF with the latest threat data.

Imperva SecureSphere Web Application Firewall customers

BlueCross BlueShield, eHarmony, EMF Broadcasting, GE Healthcare, Metro Bank, The Motley Fool, Siemens

BUYER'S GUIDE
Download our free Imperva SecureSphere Web Application Firewall Report and get advice and tips from experienced pros sharing their opinions.