SecureSphere X1010 Web Application Firewall X1010
November 01, 2013
$18,500 for the SecureSphere X1010 Web Application Firewall X1010 hardware appliance, including management, and $41,000 for the SecureSphere Database Activity Monitoring hardware appliance, including management. The two can be ordered as a single bundle for $51,000. We tested the two products separately.
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: The Imperva SecureSphere X1010 Web Application Firewall X1010 holds like a brick while under attack.
- Weaknesses: Documentation is hard to find on the internet if you don’t know where to look.
- Verdict: Once it is set up, it is well worth the money.
Right out of the box, Imperva's SecureSphere X1010 Web Application Firewall X1010 presented a slight learning curve to get it configured, as all the documentation was not available right away. But, it can be set up with SSH and/or a console, making this step a little easier. Once the base initialization is done, the web-based user interface is user friendly with the main categories lining the top of the screen with drop-downs and subcategories after click.
On the web-based user interface - under the audit, reports and monitor tab - the web software presents visually appealing bar graphs broken down by months or selected time periods. Under the monitor tab are three boxes that show live monitoring on the server. The appealing aspect of the SecureSphere X1010 Web Application Firewall X1010 - and other Imperva servers - was the preloaded policies that were already running once the server was up and operating.
The SecureSphere web-based work surface makes it appealing to all technical levels - from a basic administrator to an administrator with 20 years' experience. The GUI makes it user friendly so that if one needs to look at something on the server, it's only one click away. Also, alerts can be setup to email users if something happens that isn't supposed to and the system fails.
Support, as long as one has a valid license, will provide assistance 24/7 via phone and email. With each product, Imperva offers three levels of support: standard, enhanced and premium. The main difference is that standard support hours are 8 a.m. to 6 p.m. and the enhanced and premium are 24/7. Additionally, premium provides advanced replacement for hardware. All is included in the first year, but is an extra cost for the years after that. Imperva also has the option of a dedicated support engineer who handles no more than three accounts.
While under attack, the SecureSphere X1010 Web Application Firewall X1010 holds up to what it says, and that means that it doesn't let anything get past, not even a sniffer. Also, while under attack the monitors show what's happening to the system as the attack is trying to gain access. Everything will be recorded and can be looked up in the real-time dashboard or under the monitoring tab for a more detailed description of the events that happened.
We tested the full hardware appliance version of the product, but Imperva has other configurations, such as virtual appliances, available at various prices. We found the website to be a bit heavier on marketing than on support. While it is true that there is access to information, such as training videos, we did not find an easy or obvious way to download manuals, quick-start guides or other documentation that would have speeded our deployment process.
Pricing can be a bit complicated, but we view that as a consequence of Imperva offering a broad range of options, each with different pricing.
We liked the Imperva product and we view it as a good example of web application firewalls.
Allen Ramsay contributed to this review.
SC Magazine Articles
- Three zero-days found in iOS, Apple suggests users update their iPhone
- MedSec goes its own way with medical device flaw
- Juniper confirms leaked "NSA exploits" affect its firewalls, no patch released yet
- Ransomware: The evolution of cybercrime, a roundtable
- Researchers find seven classes of vulnerabilities in iOS sandbox security feature
- Microsoft Office 365 hit with massive Cerber ransomware attack, report
- Wendy's POS breach 'considerably' bigger than first thought
- No hacking required: Israeli researchers show how to steal data through PC components
- Don't connect your charging cell to a computer or you may get hacked!
- Six senators urge Obama to prioritize cybercrime at G20 summit
- Creating a buzz: USBee software causes air-gapped computers to leak data via USB connections
- Privacy advocates upset over FAA drone regulations, citizen takes action
- Voter database hack in Illinois by foreign intruder compromises info of 200K
- Fantom and FairWare ransomware discovered