Imperva WAF Gateway (previously SecureSphere) Common Questions

👆 Search ABOVE for any product questions 👆

👆Imperva On-Premesis V14.2: SNMPv3👆

WAF Gateway inspects and analyzes all requests to your websites and APIs and protects them from attacks aimed at exploiting vulnerabilities and from automated attacks. In this Imperva Community resource bundle, we find the most common questions asked about the product. These Q&A's, community blogs and video's help customers and partners get through the most out of their products. WAF Gateway Versions, Upgrades, and other common customer questions, videos and blogs on the community that address issues that are faced everyday. 

Community Discussion on WAF Gateway 
In this section, you will find some of the answers to the questions, but not the full detail. Click on the link to get the entire answer to the question. 

  • Smallshell ASP Webshell Upload Detection (Would like to know are Imperva WAF protect the small shell detection?) - There is a policy named as "Malicious File Upload", it may help you with some modification regarding your case. The details of the policy are below... (Discussion)

  • How long Imperva will update a signature on ADC since a CVE is published? - The Imperva Application Defense Center (ADC) is a premier research organization that provides security analysis, vulnerability discovery, and compliance expertise. ADC research combines extensive lab work with hands-on testing in real world environments to ensure that Imperva products, through advanced data security technology, deliver up-to-date threat protection and unparalleled compliance automation..... (Discussion) 
  • How can I tell if the Encryption Support is working properly (decrypts and inspects)? In bridge mode the traffic will pass through the GW with no impact due to expired keys. What may be impacted is inspection. If the key pair used in the expired cert is still valid then decryption will occur. If there have been changes to how the  cert is generated which impact the key pair then decryption is not possible. You would see alerts in the MX UI indicating decryption failed due to the cert used.. (Discussion)
  • Imperva WAF Deployment - What are some best practices? Planning 
    - Know your application - is it all SSL or a mix of non-SSL and standard port 80 traffic 
    -  Does the HTTP/S traffic use DHE based ciphers - if they do you will need to plan on deploying Reverse proxy 
    - WAF in bridge mode cannot decrypt/monitor DHE encrypted connections due to the algorithm used  (Discussion)
  • How do you unlock an SSH user? - This means that your account is locked due to retrying the wrong password after 6 attempts. The account will automatically be unlocked after 30 minutes for you to retry. If you don't remember your password please follow the below instructions to reset or unlock your account... (Discussion)

Community Blogs on Imperva WAF Gateway

  • Steps for Enabling Imperva WAF Gateway Alert Logging to Azure Sentinel - This document will provide the necessary steps to enable logging of Imperva WAF Gateway Security Alerts to the Azure Sentinel solution.The first step of the process is to define a new Action Interface. This is accomplished by navigating to Admin -> System Definitions –> Action Interfaces.
  • Imperva API Composer: Open Source On-Premise and Cloud WAF Automation - Integrating security into your application provisioning process is easy with Imperva’s open source API Composer tool, available on GitHub. Imperva’s on-premise Gateway WAF and Cloud WAF technologies can help protect both external and internally facing business critical applications, but introducing security can not break the current deployment processes used by the business.  Adding security into your CI/CD and application provisioning process can be easy when leveraging APIs to do so. (Blog)
  • Imperva Product Updates - Imperva On-Premises Version 14.1 Release - Version 14.1 for Imperva On-Premises products was released on April 6th 2020. In this release one of the major changes was the underlying operating system update, which allows Imperva products newer Cloud instances support, security hardening and introducing Next Generation Reverse Proxy, as a new deployment mode for Imperva On-Premises WAF. (Blog)
  • Imperva Product Updates - Imperva Mitigation of HTTP Request Smuggling attacks - Imperva Release Notes provide information on changes and enhancements to our Cloud WAF product in each release. In October 2019 a series of changes were implemented to protect Imperva Cloud WAF customers against HTTP Request Smuggling attacks (learn more here). Further updates have been made over the past 60 days; these changes have also been detailed in in Release Notes. This article will explain recent updates, detail the attack technique that precipitated them and explain why it is important to be protected against such attacks. (Blog)
  • Imperva Product Updates - Chromium SameSite Cookie Attribute Update - As of February 2020, Google Chrome and other Chromium-based browsers have stopped sending third-party cookies in cross-site requests unless the cookies are secured and flagged using an IETF standard called SameSite. This article provides an information for Imperva On-Prem WAF customers about the change and how to make sure this functionality is supported.... (Blog)
  • How to configure Imperva WAF Reverse Proxy mode -In this blog, you will find 10 quick steps allowing you to configure basic Reverse Proxy mode using Imperva WAF for HTTP and HTTPS traffic and also a video with a walkthrough of the configuration process. What is a proxy? What is the difference between Reverse and Forward proxy? (Blog)

Still can't find what your looking for? Login to the Imperva Community