Imperva SecureSphere Web Application Firewall
November 01, 2011
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Many built-in, advanced features, including full integration with vulnerability scanners.
- Weaknesses: Can be too pricey for some environments.
- Verdict: Very broad feature set and excellent performance, though all of that comes at a price.
The SecureSphere Web Application Firewall from Imperva offers up some interesting functionality. This appliance includes the usual protection for XML and web applications, but also offers integration with web application vulnerability scanners to patch flaws before they can be exploited. This product also can identify and block known malicious IP addresses, anonymous proxy addresses and known phishing URLs.
We found this tool to be quite straightforward to deploy and configure. Initial setup takes just a few minutes and is done by connecting through a terminal session. After the initial configuration is complete, all further management is done through a web-based interface. We found this to be a little overwhelming at first, but we quickly became accustomed to navigating around and setting up policies and rules.
This solution includes a multitude of deployment options that make it flexible for any organization. It can be deployed inline or as a sniffing gateway, a discovery and assessment server, and a high-availability cluster. This, combined with many onboard policies and Imperva's built-in correlation engine, is what makes this product a highly flexible web application firewall.
Documentation includes a short quick-start, as well as an onboard administrator guide. The quick-start guide details not only the initial configuration steps, but also the many deployment options, with clear and easy-to-understand diagrams.
Imperva offers customers many support options that are available by subscription. Customers with agreements gain access to various levels of phone- and email-based technical assistance.
At a price of $31,000, this product may seem quite expensive, but we find it a good value for the money based on its advanced feature set, including some solid integration capabilities.
Sign up to our newsletters
SC Magazine Articles
- Microsoft report explores dangers of running expired security software
- Survey: real-time SIEM solutions help orgs detect attacks within minutes
- Vulnerabilities identified in three Advantech products
- Android malware 'NotCompatible' evolves, spawns resilient botnet
- State Department hack may be tied to White House network breach
- Operators disable firewall features to increase network performance, survey finds
- Waste no time patching Windows Schannel, OLE bugs, experts warn
- Study: 68 percent of healthcare breaches caused by loss or theft of devices, files
- Spin.com redirects to Rig Exploit Kit, infects users with malware, Symantec observes
- Upping the ante: PCI Security Standard
- Study: Third of employees use company devices for social media and online shopping
- 'DoubleDirect' MitM attack affects iOS, Android and OS X users
- Swedish appeals court nixes Assange's plea
- Critical XSS vulnerability addressed in WordPress
- The Internet of Things (IoT) will fail if security has no context