

DDoS protection for websites
Always-on DDoS protection automatically detects and mitigates attacks targeting websites and web applications.
DDoS protection for networks
On-demand or always-on protection against DDoS attacks that directly target your network infrastructure.
DDoS protection for networks can be used to defend entire subnets.
DDoS protection for domain name servers
Always-on DDoS protection for your Domain Name Server (DNS) against network and application layer assaults.
DDoS protection for domain name servers also accelerates DNS responses.
DDoS protection for IPs
Always-on DDoS protection against attacks targeting your Internet-facing websites or services hosted on a public cloud.

All-inclusive DDoS protection
Imperva DDoS protection supports Unicast and Anycast technologies, powering a many-to-many defense methodology. This automatically detects and mitigates attacks exploiting application and server vulnerabilities, hit-and-run events and large botnets.

3-second mitigation SLA
When DDoS strikes, it takes a targeted website moments to go down and hours to recover. Imperva offers the only service that has an SLA-backed guarantee to detect and block any website attack, of any size or duration — in 3 seconds or less.

High-capacity network
Our high-capacity global network holds over 6 Terabits per second of on-demand scrubbing capacity and can process over 65 billion attack packets per second. The Imperva network has successfully defended clients against some of the largest attacks on record.

Attack visibility
Imperva gives you visibility over attacks as they are happening and provides actionable insight into Layer 7 attacks. The Imperva security dashboard lets you quickly analyze attacks and adjust security policies on-the-go, to stop web application attacks.
Block any type of DDoS attack
Imperva proxies all web requests to block DDoS attacks from being relayed to client origin servers. Imperva detects and mitigates any type of attack, including:
- TCP SYN+ACK
- TCP FIN
- TCP RESET
- TCP ACK
- TCP ACK+PSH
- TCP Fragment
- UDP
- Slowloris
- Spoofing
- ICMP
- IGMP
- HTTP Flood
- Brute Force
- Connection Flood
- DNS Flood
- NXDomain
- Mixed SYN + UDP or ICMP + UDP Flood
- Ping of Death
- Smurf
- Reflected ICMP & UDP
- As well as other attacks