Imperva WAF and Barracuda, which one is better?
To prevent OWASP TOP 10 (SQL Injection, XSS, XSFR...etc) attacks, stop L7 DDoS like SlowLoris and HeavyURL, protect against web fraud, phishing and endpoint malware (Dridex) on endpoint machines outside administrative control, secure application API's, the option to deploy as a managed service in the cloud and available on premises, use DAST integration for policy building with Qualys, Cenzic, Appscan and Whitehat, as well as at the same time provide market leading encryption support for the latest ECC cyphers, network firewalling, Identity and Access Management, Forward Proxy, Global and Local load balancing, DDoS mitigation on premises and in the cloud from layers 3-7 there really can be only one vendor. F5
Really depends on your requirement, budget and IT resources you have. If you are after an advanced WAF, imperva is the clear winner in my opinion. Comprehensive feature set, quite matured. But you will need proper training and experience to manage and get the best out of it. Mind you they are the only leader in Gartner MQ. But the price tag can be high. If you are looking for another good contender, look at Radware AppWall. Their product is good and the fully managed service offering is ideal for someone who has no expertise in WAF, in day today managing and making sure the rule set is optimized.
BTW Like any security solution, WAF is also as good as how well it is tuned. Specially if you plan to put it inline, make sure you not only consider the product, but a good service partner too.
They're both great products that provides WAF services at the top of their class and hence not better but more suitable in different scenarios. It all comes down to the environment you wish to deploy those into, the scale of the web services which you will be protecting, the ratio of dynamic pages to static ones, the volume of traffic, the location of your customers/end-users and finally the cost (e.g. you may need to load balance over a few Barracudas to accomplish the same throughput provided by Imperva)
Barracuda is deployed in a pinch, but is very clearly a "conformity" WAF. Imperva's is a fulll fledge WAF, very complete, with a lot of granularity and reporting. Imperva's solution requieres a long, costly deployment. Both companies target very different market segments.
Today i would say Barracuda is the better WAF based on that Imperva Dev slowed down over the last two years and the customers give bad feedback on the support, but there is a newer generation of WAF´s in the market that is better than Imperva and Barracuda, both in performance and price, PT application firewall, the only visionary in the GMQ
We all know it's really hard to get good pricing and cost information.
Please share what you can so you can help your peers.