F5 Networks offers the Advanced Web Application Firewall (WAF) to provide bot defense, advanced application protection, anti-bot SDK, and other features.
N/A
Imperva Web Application Firewall (WAF)
Score 8.3 out of 10
N/A
The Imperva Web Application Firewall (WAF) is based on technology acquired with Incapsula and the former WebSphere WAF.
Advanced WAF is well suited for protection against account enumeration attacks, protection against known and new increasing attack vectors through out of the box attack signatures and threat campaigns. Also, up to date and accurate IP intelligence database to block based on known IP reputation.
If you are looking for a cheap product to meet the bare minimum requirements for PCI or any other compliance regulations, this is not the product. Also, the WAF portion only inspects on HTTP/HTTPS traffic which can be very limiting into other forms of web apps that utilize other protocols. The HTTP/HTTPS inspection that it does do is very in depth and well worth the investment.
So the product definitely is helping us for sudden attacks through DDOS, some injection ingestion into UI URLs, and definitely it's capturing those and I definitely see that as an advantage for us. They can stop the hackers from using our endpoints.
Alert Aggregation - Correlates different violations into perceived correlated attacks.
Ease of deployment - as one of the only WAFs that allow bridge mode deployment, this can be deployed with without downtime and no Network Architecture modifications. If the need for proxy is required at a later time, Transparent Reverse Proxy can be deployed within seconds and minimal configuration.
Custom Policies - Custom security policies are easy to configure.
Reporting - There are a good amount of pre-configured reports available by default.
The UI for events. E.g., clicking the "Accept" button does nothing.
Traffic learning suggestions are often very incorrect. We were originally suggested to use "Automatic" learning, and had to completely scrap the policy due to the suggestions.
"All in one" dashboard for viewing application URL/parameter overrides per policy.
Most* of it is very intuitive and easy to use. The "Help" section is fairly fantastic. See some of my other comments about things like the "Traffic Learning" section being wildly wrong sometimes, and also the event logs with UI buttons that don't do anything. Overall though, it's an excellent product.
There are just a couple of points that are hard to find, that probably could be elsewhere. But these are minor; everything else is right where you'd expect it to be.
We haven't needed support from Imperva since implementation. But during that time, their personnel were very quick to respond to questions. Since then, it's been largely doing its thing for us (which is exactly what we'd hoped).
I believe that in the case of Big-IP F5, it has a lot of power, a lot of features including the VPN features and also the evaluation of security posture of the devices that connect through VPN. That's very solid and that's something that is not found in all the WAF solutions and so I haven't seen that in Azure.
Ultimately, it was the easiest to work with that was still a "known" company (we've been burned too many times by up-and-comers). We needed something that gave us a lot of control but then didn't need its handheld on a daily basis. Imperva gives us a lot of that and we are still able to navigate it with ease.
In our case it has been great because the pricing is just right for all the features that we have on the platform and the flexibility. In fact, we acquired another license last year, so that's something that we're interested in. We are currently moving towards the cloud with our ERP systems and eliminating the IBM platform, so we would like to see that F5 virtual option available on Azure.
