Imperva’s team of Support Engineers delivers technical assistance to you for all Imperva products, leveraging their SecureSphere expertise and deep knowledge of security and compliance. The team is positioned across the globe to provide 24x7x365 coverage, and can be contacted by phone, email, or online via our Self Service Support Portal.
Technical Support Services
Imperva offers five levels of technical support – Standard, Enhanced, Premium, Select and Select+ – that affords you the flexibility to select the plan that best meets your needs. All five programs include a formal escalation procedure that ensures effective resolution to all your issues and questions.
|Products Eligible||Non-production hardware appliances||All hardware appliances||All hardware appliances||All perpetual Imperva Products||All perpetual Imperva Products|
|Service Hours||8am to 6pm local time on work days||24x7x365||24x7x365||24x7x365||24x7x365|
|Customer Support Portal Access (Knowledge base, Incident tracking)||Yes||Yes||Yes||Yes||Yes|
|# of Authorized Customer Contacts||4||Unlimited||Unlimited||Unlimited||Unlimited|
|Hardware-only Appliance Refresh Eligibility||Yes||Yes||Yes|
|Priority Call Routing||Yes||Yes|
|Onsite Visits||Twice a year (T&E*)|
|Designated Single Point of Contact||Yes|
|Quarterly Business Review||Yes|
*Requires commitment to minimum annual support contract.
** The travel and expenses (T&E) for the trip(s) are not included in the Support fee and will be separately billed to the DSE customer.
Technical Account Manager
An Imperva Technical Account Manager (TAM) acts as an extension of your team. Imperva TAMs will come to understand your environment, setup, requirements, support history relating to all the Imperva products deployed across your environment. This engineer will deliver a combination of remote services to include assistance with the configuration of SecureSphere and Incapsula products and features, support, and technical account management functions.
- Support Lifecycle Policy
- Software Schedule
- Hardware Schedule
Imperva Product End-of-Life Information
Imperva takes great care in helping customers deploy Imperva products as effectively and efficiently as possible. To assist our customers, Imperva has established an End-of-Life Policy for all Imperva Appliances and Software products. Only customers with Imperva products that are currently covered by a valid Support contract are entitled to the benefits set forth by the End-of-Life Policy.
Disclaimer: Imperva may continue offering Support services beyond the standard EOL period and reserves the right to charge additional fees for continuing Support services on any EOL products. Imperva reserves the right to reduce or amend Support services offerings available for renewal under this policy at any time in its sole discretion, with or without notice. The terms and conditions of the Imperva Reseller Agreement, End User License Agreement, Master License and Services Agreement, as applicable, shall apply to this EOL Policy and, in the event of any conflicting terms the applicable written agreement will govern.
SecureSphere Software (prior to Version 12.0)
Imperva is committed to providing Support for SecureSphere Software products (prior to version 12.0)* for a minimum of two major Versions. After two subsequent major Versions are made generally available, Imperva will issue an EOL notification for the EOL Software Version. The EOL Software Version will reach End of Support (EOS) twelve months after the date of EOL notification.
Software EOL Timeline (SecureSphere releases prior to version 12) Milestone Description General availability date Date the Software Version is released. First subsequent major Version general availability date Date first subsequent major Version is released. End-of-Life Date Date Imperva announces the EOL for a Software Version. Notification of EOL will typically occur at the same time or soon after the second subsequent major Version is released. End-of-Support Date The last date Support will be offered for the EOL Software Version. The Software EOS date occurs twelve months after the EOL notification date. Customer should upgrade to a supported Version by the applicable EOS date.
* SecureSphere EX Events Platform is not available with SecureSphere prior to Version 12.0, and is not addressed in this Appendix C-1.
SecureSphere Software (Version 12.0 and Later)
For Imperva’s SecureSphere Software (Versions 12.0 and later), Imperva has updated its Software EOL Policy to provide longer Support timeframes. Effective with Version 12.0 of SecureSphere Software (except for its SecureSphere EX Events Platform, which is addressed below), Imperva will make Support available for a period of four (4) years from the date of the first software release of each generally available Version. The last day of this period is referred to as the End of Life – EOL date, and, upon expiration of this four-year period, will make Extended Support available for an additional, subsequent two-year period. The last day of this period is referred to as the End of Support – EOS date.
Support will no longer be available as of this EOL Date, and Extended Support will no longer be available as of this EOS Date. Imperva will provide applicable EOL/EOS dates with the generally available release of each major Version of the SecureSphere Software, and will send reminder announcements worldwide regarding EOL/EOS dates for each SecureSphere Software Version, eighteen (18) months prior to its applicable EOL and EOS dates.
EOL and EOS dates are based on the day a major version is made Generally Available (GA), regardless of subsequent Feature Packs or Maintenance Releases for that major version.
For additional information on Feature Packs and Maintenance Releases, and regarding SecureSphere release cadence from Version 12.0 and later, please refer to Appendix C-5.
Software EOL Timeline (SecureSphere version 12.0 and later)* Milestone Description General availability date Date of the first software release for a major Software Version. End-of-Life Date The last date Support will be offered. The EOL date for a particular SecureSphere Version occurs 48 months after the applicable date of its generally available release. The EOL date will be announced upon Version release, and another notification of impending EOL will be sent 18 months prior to EOL date.
Customers that do not want to rely upon Extended Support should upgrade to a more recent and supported SecureSphere Version prior to the applicable EOL date.
End-of-Support Date The last date Extended Support will be offered. The EOS date for a particular SecureSphere Version occurs 72 months after the applicable date of its generally available release, and 24 months after the applicable EOL date. The EOS date will be announced upon Version release, and another notification of impending EOS will be sent 18 months prior to EOS date.
Customers should upgrade to a supported Version by the applicable EOS date.
Extended Support is described and compared to Support in the following table:
Support Entitlement Support Extended Support Technical support on configuration and installation of Appliance via email and telephone Available Available Knowledgebase: Product-specific information that is available by logging into the Imperva Customer Portal Available Available Security updates: Access to Imperva Defense Center attack signature updates and Imperva ThreatCloud intelligence Available Custom fixes available for additional fee Non-security update: Software support, upgrades, hotfixes, and patches Available Custom fixes available for additional fee SecureSphere EX Events Platform EOL Timeline (SecureSphere Version 12.0 and Later) Milestone Description General availability date Date the Version is released. First subsequent Version general availability date Date first subsequent Version is released. End-of-Life notification date Date Imperva announces the End-of-Life date, which includes the upcoming EOS date for the Version. This notification will typically occur at the same time or soon after the first subsequent Version is released. End-of-Support date For the SecureSphere EX Events Platform, the Software EOS date for a Version will be the later of: (a) one year from its general availability date, or (b) six (6) months from the End-of-Life date. Customer should upgrade to a supported Version by the applicable EOS date.
Imperva is committed to providing support for the CounterBreach Software product for twelve (12) months from the date the first subsequent version is released. Imperva will issue an EOS notification for the EOS Software Version at approximately the time of release of the first subsequent Version.
Each supported version of the CounterBreach Software will remain compatible with any then-supported versions of the corresponding SecureSphere Database Activity Monitor or SecureSphere File Activity Monitor.
Software EOL Timeline – CounterBreach Software Milestone Description General availability date Date the version is released. First subsequent major Version general availability date Date first subsequent version is released. End-of-Life date Date Imperva announces the End-of-Life date, which is the last day a Version will be offered for sale. Imperva typically announces the End-of-Life date at the same time or soon after the first subsequent version is released. End-of-Support date For CounterBreach Software, the End-of-Support date will be be 12 months after the End-of-Life date.
End-of-Life Policy for Appliances
Imperva hardware models reach the end of product life due to market requirements, technological innovations or replacement by products with new, more advanced technology. To ensure a smooth migration to new Imperva hardware platforms, Imperva will continue to support hardware sixty (60) months after the last date an Appliance is made generally available for order by a customer (“Last Order Date”). Accordingly, the EOL policy for Appliances is as follows:
- Imperva will issue an End-of-Life notification 90 days prior to the Last Order Date.
- Imperva will continue to support Appliances for sixty (60) months after the Last Order Date.
- During that sixty (60) month period, repair services or replacement parts will be available for all Appliances under valid Support contracts.
- During that sixty (60) month period, all standard technical support services, including access to the Imperva Customer Support Portal, and to phone and email support, will be available to customers with valid Support contracts.
End of Support Policy for Third-Party Products
Imperva products are designed for use with multiple databases, operating systems and other third-party products, up to their respective end-of-support dates as identified by the applicable third-party vendor.
Following the end-of-support date for a compatible third-party product, all versions of Imperva SecureSphere software then generally available and supported by Imperva under its Mainstream support program will be designed to continue to operate with the unsupported third-party product. However, Imperva will not provide any error corrections, bug fixes, agent upgrades/updates or new feature development for its software in order to facilitate operation with a third-party product, once that third-party product has reached its end-of-support date (as provided by the third-party vendor).
Please contact your vendor representative to confirm the end-of-support dates for that vendor’s respective third-party products.
Definition of Terms
"End-of-Life (EOL)" is a process that consists of a series of technical and business milestones and activities that, once completed, make a product obsolete. Once obsolete, the product is not sold, manufactured, improved, repaired, maintained, or supported.
"End-of-Support (EOS)" is the last date support will be offered and represents the final milestone in a product's lifecycle. Support contracts expire upon reaching product EOS.
"Appliance" means the physical Imperva hardware and its physical components on which the Software operates.
"Last-Order-Day (LOD)" is the last date to order the product through Imperva or affiliates.
"Maintenance" means the delivery of Upgrades and Updates.
"Version" means a version of the applicable Software made generally commercially available to customers, as designated by the first two numbers separated by a decimal point. For example, for releases designated 220.127.116.11 and 4.3.4, the version in each case shall be Version 4.3.
Imperva Software End-of-Life Schedule
Products Affected Software Version End of Support Date SecureSphere Web Application Firewall 5.x (see technical bulletin) January 31, 2011 SecureSphere Database Security Gateway 5.x (see technical bulletin) January 31, 2011 SecureSphere Database Monitoring Gateway 5.x (see technical bulletin) January 31, 2011 SecureSphere MX Management Server 5.x (see technical bulletin) January 31, 2011 SecureSphere Web Application Firewall 6.x (see technical bulletin) January 31, 2011 SecureSphere Database Security Gateway 6.x (see technical bulletin) January 31, 2011 SecureSphere Database Monitoring Gateway 6.x (see technical bulletin) January 31, 2011 SecureSphere MX Management Server 6.x (see technical bulletin) January 31, 2011 SecureSphere Web Application Firewall 7.x (see technical bulletin) January 31, 2013 SecureSphere Database Security Gateway 7.x (see technical bulletin) January 31, 2013 SecureSphere Database Monitoring Gateway 7.x (see technical bulletin) January 31, 2013 SecureSphere MX Management Server 7.x (see technical bulletin) January 31, 2013 SecureSphere Database Security, File Security and Web Application Security Products 8.x (see technical bulletin) May 31, 2014 SecureSphere MX Management Server 8.x (see technical bulletin) May 31, 2014 SecureSphere Database Security, File Security, Web Application Security Products and the MX Management Server 9.x (see technical bulletin) January 31, 2016 SecureSphere for Crossbeam 9.0, 10.0 (see technical bulletin) see associated bulletin SecureSphere Web Application Firewall, Database Firewall, and File Security Products, SharePoint Protection and the MX Management Server v10.x (v10.0.x and v10.5.x) (see technical bulletin) March 5, 2018 SecureSphere Web Application Firewall, Database Firewall, and File Security Products, SharePoint Protection and the MX Management Server v11.x (v11.0.x and v11.5.x) (see technical bulletin) June 15, 2019 SecureSphere Web Application Firewall, Database Firewall, and File Security Products, SharePoint Protection and the MX Management Server v12.x (v12.0.x and v12.5.x) 05-Feb-2017 + 72 month = Feb 2023
End-of-Support Date: SecureSphere Version occurs 72 months after the applicable date of its generally available release, and 24 months after the applicable EOL date.
v13.x 20-Mar-2018 + 72 month = March 2024 CounterBreach V1.x June,13 2018
Imperva Hardware End-of-Life Schedule
Appliance Characteristics Last Order Date End of Support Date SecureSphere model is G4, G8, G16 or MX and purchase date is between 2005 and January 2008 and chassis model is 1300, 1400, 1450 or 4850 January 31, 2008 January 31, 2011 SecureSphere model is G2, G4, G8, G16 or MX and purchase date is between January 2008 and July 2010 and chassis model is 3100, 3140, 1530 or 2500 July 31, 2010 July 31, 2015 SecureSphere model is X1000, X2000, or M100 December 31, 2013 January 31, 2019 SecureSphere model is X2500, X4500, X6500, or M150 April 15, 2015 April 15, 2020 SecureSphere X1010, X2010, and M110 October 25, 2017 October 25, 2022 SecureSphere model is X2510, X4510, X6510, X8510, X10K or M160 To be announced 5 years after Last Order Date SecureSphere model is X1020, X2020 or M120 To be announced To be announced
If Imperva SecureSphere is listed on a vulnerability alert, such as from CERT, the ADC publishes Security Responses to those alerts. Check this page to locate newly published Responses.
Imperva Security Response to Meltdown and Spectre Exploits (Side-Channel Attacks to CPU Privileged Memory)
On January 3, 2018 researchers from Google publicly disclosed three vulnerabilities against the privileged memory in modern CPU architectures. These vulnerabilities allow attackers to take advantage of CPU data cache timing that can be abused to efficiently leak information. Read this security advisory to learn how you can protect your organization and your Imperva implementations.
Imperva Security Response to ROBOT
On December 8, researchers disclosed ROBOT (Return Of Bleichenbacher's Oracle Threat), a new SSL security vulnerability that if exploited allows for decryption of certain SSL traffic. Read this security advisory to learn how you can protect your infrastructure from this vulnerability.
Imperva Security Response to a Variation of HTTP Parameter Pollution Attack
On Nov. 4th a possible bypass to the Imperva WAF was disclosed via email on public message board SECLISTS.ORG. Read this security advisory to learn how you can protect your organization and your Imperva WAF Implementation.
Imperva Security Response to CVE-2015-7547
Google has identified a security vulnerability, known as CVE-2015-7547 (glibc getaddrinfo stack-based buffer overflow) that has been classified as critical. This vulnerability puts DNS clients with certain versions of the glibc DNS client side resolver at risk, and could allow a remote attacker to perform a buffer overflow attack. Read this security advisory to learn how you can protect your organization and your Imperva SecureSphere implementation.
Imperva Security Response to CVE 2015-1635
Microsoft has issued a Security Bulletin, known as CVE-2015-1635, has been classified as critical. This HTTP.sys vulnerability puts users with certain versions of Windows and IIS at risk, and could allow a remote attacker to perform a buffer overflow attack. Read this security advisory to learn how you can protect your organization with Imperva SecureSphere and Imperva Incapsula.
Imperva Security Response to OpenSSL & TLS/RC4 Vulnerabilities
Two high-severity OpenSSL-related threats have recently been identified, CVE-2015-0291 which can theoretically create opportunities for DoS attacks against a server, and CVE-2015-0204 in which an attacker could theoretically force a user and server to downgrade to a set of export ciphers which are weak and outdated. Initial investigation shows that SecureSphere components are not vulnerable to these CVEs.
Imperva Security Response for CVE-2014-3566 - aka "POODLE"
Google researchers recently uncovered a security bug (CVE-2014-3566) that they say could allow hackers to steal data. The bug has been referred to in the press as "POODLE"", or "Padding Oracle On Downloaded Legacy Encryption". This vulnerability is a Man-In-The-Middle (MITM) attack which means a client-to-server session is being hijacked and then used in a malicious manner. This attack has been associated with SSLv3 connections, and could force TLS sessions to downgrade to SSLv3.
Imperva Security Response for CVE-2014-6271 – aka "Shellshock"
GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment
Imperva Security Response for CVE-2014-0224
OpenSSL does not properly restrict processing of ChangeCipherSpec messages before version 0.9.8za, and in version 1.0.0 before 1.0.0m, and in version 1.0.1 before 1.0.1h.
Imperva Security Response for CVE-2014-0160 – aka "Heartbleed"
OpenSSL 1.0.1 before 1.0.1g does not properly handle Heartbeat Extension packets
Imperva Security Response for CVE-2011-4887
Under some configurations an attacker can invoke a XSS attack against the SecureSphere WAF management GUI by sending a request containing a maliciously crafted XSS vector to a web server protected by SecureSphere.
Imperva Security Response for CVE-2011-0767
Under some configurations an attacker can invoke a XSS attack against the SecureSphere management GUI by sending a request containing a maliciously crafted XSS vector to a web server protected by SecureSphere.
Imperva Security Response for CVE-2010-1329
It is possible to evade some of the detection mechanisms of the SecureSphere Web Application Firewall and Database Firewall by sending a specially crafted, extremely large request.
Imperva Security Response for VU#739224
The U.S. Computer Emergency Response Team (US-CERT) has reported a Web attack evasion technique using full-width and half-width Unicode characters intended to evade inspection by IDS/IPS/WAF security products.