Imperva Incapsula DDoS protection mitigates the largest attacks immediately without incurring latency or interfering with legitimate users. Multiple DDoS protection options have been designed to meet your exact needs.
Always-on DDoS protection automatically detects and mitigates attacks targeting websites and web applications.
Website Protection is an optional DDoS mitigation service that can be added to any Cloud WAF subscription.
On-demand or always-on protection against DDoS attacks that directly target your network infrastructure.
Infrastructure Protection can be used to defend entire subnets.
Name server protection
Always-on DDoS protection for your Domain Name Server (DNS) against network and application layer assaults.
Name Server Protection also accelerates DNS responses.
All-inclusive DDOS protection
Imperva Incapsula DDoS protection supports Unicast and Anycast technologies, powering a many-to-many defense methodology. This automatically detects and mitigates attacks exploiting application and server vulnerabilities, hit-and-run events and large botnets.
10-second mitigation SLA
When DDoS strikes, it takes target services moments to go down and hours to recover. Imperva offers the only service that has an SLA-backed guarantee to detect and block website attacks in under 10 seconds.
Our high-capacity global network holds over 6 Terabits per second of on-demand scrubbing capacity and can process over 65 billion attack packets per second. The Imperva network has successfully defended clients against some of the largest attacks on record.
Imperva Incapsula gives you visibility over attacks as they are happening and provides actionable insight into Layer 7 attacks. The Imperva security dashboard lets you quickly analyze attacks and adjust security policies on-the-go, to stop web application attacks.
Block any type of DDoS attack
Imperva proxies all web requests to block DDoS attacks from being relayed to client origin servers. Imperva detects and mitigates any type of attack, including:
- TCP SYN+ACK
- TCP FIN
- TCP RESET
- TCP ACK
- TCP ACK+PSH
- TCP Fragment
- HTTP Flood
- Brute Force
- Connection Flood
- DNS Flood
- Mixed SYN + UDP or ICMP + UDP Flood
- Ping of Death
- Reflected ICMP & UDP
- As well as other attacks