Imperva Blog|Login|中文Deutsch日本語
Imperva Incapsula

Protect Websites from Cyber-attacks and Automated Threats

Having an online presence is critical for businesses of all sizes. Smaller enterprises face a particular challenge because hackers often prey on these organizations, translating a large volume of small gains into a profitable cyber-crime business.

Imperva Incapsula is an easy and affordable service that integrates three effective web solutions –Web Application Firewall (WAF), a DDoS mitigation service, and a content delivery network (CDN) — into a single cloud-based service. Imperva Incapsula enables organizations to jumpstart their Web application security initiative while optimizing website performance, within in a matter of minutes. Providing best-of-breed security protection, Incapsula requires no hardware or software installations; and no web application changes, so even businesses without dedicated security or IT staff can rest assured that their Web applications and data are safe.


Get protected fast! Sign up for a FREE
trial of Incapsula and rest easy knowing
your website's security is monitored and
managed by our experts 24/7.
Free Trial
Web Application SecurityDDoS Attack Mitigation
Imperva Incapsula protects Websites and online applications against current and emerging threats, including SQL Injection, Cross-site Scripting (XSS), illegal resource access, malicious bots, and other OWASP Top 10 threats. Imperva Incapsula delivers defense for all types of DDoS attacks in order to keep businesses running and Websites accessible. Incapsula lowers the cost of protecting against DDoS attacks by eliminating the need to over-provision bandwidth with service providers.
PerformanceCompliance
Imperva Incapsula automatically optimizes Web site performance, resulting in dramatically faster Web page load times, while simultaneously reducing Web server workload, and web site bandwidth consumption. If your Website processes payment cards, compliance with PCI 6.6 is a requirement, not an option. Imperva Incapsula provides continuous protection and ensures PCI 6.6. compliance without requiring PCI expertise or expensive consulting projects.

To learn more, click on the Capabilities tab.


Imperva Incapsula Plans

Imperva Incapsula offers flexible subscription plans to meet specific business needs.

PlansWAF BandwidthIncluded WebsitesCDNDDoS Protection
Enterprise 10 10 Mbps 1 Yes 1 Gbps
Enterprise 20 20 Mbps 1 Yes 1 Gbps
Enterprise 50 50 Mbps 1 Yes 1 Gbps
Enterprise 100 100 Mbps 1 Yes 1 Gbps


Optional Add-ons

Additional service options are available for Imperva Incapsula, including:

  • Extended DDoS Protection: All Incapsula plans can be upgraded to include higher DDoS Protection limits including: 4Gbps, 8Gbps, and Unlimited DDoS protection.
  • Managed Security Service: Includes, proactive policy tuning; and proactive security event management and incident response. It also includes expedited support with 2 hour critical incident response time and 24x7 technical support.
  • Additional 100 Mbps Bandwidth: Organizations may purchase extra bandwidth to be added to their base Imperva Incapsula plans. Bandwidth may be purchased in one to five year subscriptions.
  • Additional Websites: Imperva Incapsula includes protection for one website by default. Organizations that need to protect additional domains can purchase add-on subscriptions to protect additional Websites.

Protect Against Web Application Attacks

Imperva Incapsula protects Websites and online applications against current and emerging threats, including SQL Injection, Cross-site Scripting (XSS), illegal resource access, malicious bots, and other OWASP Top 10 threats. Security experts behind the Imperva Incapsula managed service ensure optimum protection against newly discovered vulnerabilities to prevent disruption to your Website.

Fast, Accurate DDoS Security from Imperva

Imperva Incapsula offers a complete defense against all types of DDoS threats, including network-based attacks, like SYN or UDP floods, and application attacks that attempt to overwhelm server resources. The service also blocks advanced attacks that exploit application and Web server vulnerabilities, like Slowloris, and it caches Web content to ensure optimum performance, even when under attack. Unique bot-detection technology differentiates real users from automated clients to stop attack sources.

Incapsula scales on demand to stop multi-gigabit denial of service attacks. With Imperva’s powerful defense against DDoS attacks, customers can be assured that their applications are always accessible.

Improve Website Performance

Imperva Incapsula accelerates the performance of your Web applications, which results in faster Web page load times, reduced Web server workload, and lower Website bandwidth consumption, all without compromising your Website’s functionality.

Achieve PCI Compliance

If your Website processes payment cards, PCI 6.6 requires that you must either install a Web Application Firewall or review all Web applications annually and after all application changes. Imperva Incapsula provides continuous protection and helps you maintain PCI compliance in an affordable way.

Avoid Search Engine Blacklisting

Many legitimate Websites are added to the malware blacklists of security software firms, search engines, and browser makers due to application vulnerabilities. As a result, customers and partners may find their access to your Website blocked and your business effectively shut down. Imperva Incapsula enables you to close vulnerability gaps in your applications to avoid blacklisting and ensure your Website is always accessible.

Effortless Deployment

Imperva Incapsula does not require any hardware, software or changes to existing Web application code. Imperva Incapsula is provisioned as a service via a simple change to your Website’s DNS setting. This effortless deployment enables organizations to jumpstart their Web application security initiative while maintaining existing internet and Web hosting providers and infrastructure.

Lowest Total Cost of Ownership (TCO)

By leveraging a software-as-a-service (SaaS) delivery model, Imperva Incapsula provides businesses with the highest levels of Website security without requiring a large resource investment. Imperva Incapsula couples effortless deployment and dedicated security expertise with low annual costs to significantly reduce your capital expenditures and operational costs.

Centralized Threat Analysis

Imperva Incapsula protects your Website with collective knowledge about threats, including new emerging threats. Threat information is aggregated across the entire service network and used to identify new attacks as they happen and simultaneously apply mitigation rules to all Websites protected by Imperva Incapsula.

Imperva Incapsula Specifications


Specification Description
Security
  • Network and application DDoS attack protection
  • SQL Injection Prevention
  • Cross Site Scripting Prevention
  • Bad Bot Blocking
  • Illegal Access Prevention
  • Access Control By Country
  • Access Control By Visitor Type
  • Advanced Security Actions
  • Security Rule Fine Tuning
  • Support for HTTPS Sites
  • Threat Control Dashboard
DDoS Attack Protection1
  • TCP SYN+ACK
  • TCP FIN
  • TCP RESET
  • TCP ACK
  • TCP ACK+PSH
  • TCP Fragment
  • UDP
  • ICMP
  • IGMP
  • HTTP Flood
  • Brute Force
  • Connection Flood
  • Slowloris
  • Spoofing
  • DNS flood
  • Low & High Orbital Ion Cannon (LOIC & HOIC)
  • Mixed SYN+UDP or ICMP+UDP flood
  • Ping of Death
  • Smurf
  • Reflected ICMP and UDP
  • Teardrop
  • Zero-day DDoS attacks
  • DDoS attacks targeting Apache, Windows or OpenBSD vulnerabilities
  • As well as other attacks...
Performance
  • Globally Distributed Network
  • Static Content Caching
  • Connection Optimization
  • Dynamic Content Compression
  • Content Minification2
  • Advanced Dynamic Content Caching
Compliance
  • PCI-Certified Cloud-based WAF Solution
  • Fulfills PCI 6.6 Compliance Requirements
  • Automatically Generates PCI 6.6 Compliance Reports
Managed Security Service (Optional)
  • Around-the-clock health monitoring
  • Threat alert email notifications
  • Performance notifications
  • Server outage notifications
  • Application response time analysis
  • Proactive security event management and response
  • Proactive policy tuning
  • Weekly reporting
  • Around-clock-support

1 The Imperva Incapsula service can detect and block the following DDoS threats. Note that Incapsula service proxies Web requests, so any network layer DDoS attacks would target the cloud infrastructure and would never be relayed to the client network. Therefore, Imperva Incapsula will prevent all network DDoS attacks.

2 Eliminating unnecessary application code such as white spaces and comments.