👆 Search ABOVE for any product questions 👆

👆Imperva On-Premesis V14.2: SNMPv3👆

WAF Gateway inspects and analyzes all requests to your websites and APIs and protects them from attacks aimed at exploiting vulnerabilities and from automated attacks. In this Imperva Community resource bundle, we find the most common questions asked about the product. These Q&A's, community blogs and video's help customers and partners get through the most out of their products. WAF Gateway Versions, Upgrades, and other common customer questions, videos and blogs on the community that address issues that are faced everyday. 


Community Discussion on WAF Gateway 
In this section, you will find some of the answers to the questions, but not the full detail. Click on the link to get the entire answer to the question. 

• We currently use SecureSphere version 12.5 On-Demand from the AWS market place. We are looking at moving to version 14. Do we need to subscribe again using the following link? You should not need to re-register, you will simply use the new AMI as detailed in the docs at Upgrading an MX (Discussion)

• Smallshell ASP Webshell Upload Detection (Would like to know are Imperva WAF protect the small shell detection?) - There is a policy named as "Malicious File Upload", it may help you with some modification regarding your case. The details of the policy are below... (Discussion)

• How long Imperva will update a signature on ADC since a CVE is published? - The Imperva Application Defense Center (ADC) is a premier research organization that provides security analysis, vulnerability discovery, and compliance expertise. ADC research combines extensive lab work with hands-on testing in real world environments to ensure that Imperva products, through advanced data security technology, deliver up-to-date threat protection and unparalleled compliance automation..... (Discussion) 

• Imperva Securesphere in Bridge mode (In-line mode) does not DHE Cipher suites - DHE is specifically designed to prevent sniffing.  You can only decrypt DHE if you are terminating the session (so you can't use regular Bridge Mode to monitor DHE traffic).  You need to use another mode/architecture (such as Kernel Reverse Proxy (KRP)).... (Discussion)

• Reset Imperva GW user to default password for versions 12.0 and above - 1. Connect to the Gateway via SSH using root user, 2. Stop GW #impctl gateway stop, 3. Change "Imperva" user password  #impctl gateway password config --password=XXXXXX... (Discussion)

• Transparent Reverse Proxy - Is it necessary to enable TRP to inspect HTTPS traffic ? - TRP is only necessary if you want to inpect HTTPS traffic that uses Diffie-Hellman key exchange. If your site use only RSA key exchange, no need for TRP... (Discussion) 

• Packet capture through CLI, Please share the command to take packet capture with filter source ip, dst ip, port , interface etc. From an elevated command prompt, first execute: tcpdump_on This will enable the mechanism required to capture packets on the bridge interfaces. By default, bridges are built as follows........(Discussion)

• disable tls version 1.0 and 1.1 imperva, We have requirement to disable TLS version in existing Imperva Devices - Before you do this, test it first in non production, and make the change during a maintenance window.... (Discussion)

• How can I tell if the Encryption Support is working properly (decrypts and inspects)? In bridge mode the traffic will pass through the GW with no impact due to expired keys. What may be impacted is inspection. If the key pair used in the expired cert is still valid then decryption will occur. If there have been changes to how the  cert is generated which impact the key pair then decryption is not possible. You would see alerts in the MX UI indicating decryption failed due to the cert used.. (Discussion)

• Imperva WAF Deployment - What are some best practices? Planning 
  - Know your application - is it all SSL or a mix of non-SSL and standard port 80 traffic 
  -  Does the HTTP/S traffic use DHE based ciphers - if they do you will need to plan on deploying Reverse proxy 
  - WAF in bridge mode cannot decrypt/monitor DHE encrypted connections due to the algorithm used  (Discussion)

• How do you unlock an SSH user? - This means that your account is locked due to retrying the wrong password after 6 attempts. The account will automatically be unlocked after 30 minutes for you to retry. If you don't remember your password please follow the below instructions to reset or unlock your account... (Discussion)

Community Blogs on Imperva WAF Gateway

• Steps for Enabling Imperva WAF Gateway Alert Logging to Azure Sentinel - This document will provide the necessary steps to enable logging of Imperva WAF Gateway Security Alerts to the Azure Sentinel solution.The first step of the process is to define a new Action Interface. This is accomplished by navigating to Admin -> System Definitions –> Action Interfaces.
• Imperva API Composer: Open Source On-Premise and Cloud WAF Automation - Integrating security into your application provisioning process is easy with Imperva’s open source API Composer tool, available on GitHub. Imperva’s on-premise Gateway WAF and Cloud WAF technologies can help protect both external and internally facing business critical applications, but introducing security can not break the current deployment processes used by the business.  Adding security into your CI/CD and application provisioning process can be easy when leveraging APIs to do so. (Blog)

• Imperva Product Updates - Imperva On-Premises Version 14.1 Release - Version 14.1 for Imperva On-Premises products was released on April 6th 2020. In this release one of the major changes was the underlying operating system update, which allows Imperva products newer Cloud instances support, security hardening and introducing Next Generation Reverse Proxy, as a new deployment mode for Imperva On-Premises WAF. (Blog)

• Imperva Product Updates - Imperva Mitigation of HTTP Request Smuggling attacks - Imperva Release Notes provide information on changes and enhancements to our Cloud WAF product in each release. In October 2019 a series of changes were implemented to protect Imperva Cloud WAF customers against HTTP Request Smuggling attacks (learn more here). Further updates have been made over the past 60 days; these changes have also been detailed in in Release Notes. This article will explain recent updates, detail the attack technique that precipitated them and explain why it is important to be protected against such attacks. (Blog)

• Imperva Product Updates - Chromium SameSite Cookie Attribute Update - As of February 2020, Google Chrome and other Chromium-based browsers have stopped sending third-party cookies in cross-site requests unless the cookies are secured and flagged using an IETF standard called SameSite. This article provides an information for Imperva On-Prem WAF customers about the change and how to make sure this functionality is supported.... (Blog)
• How to configure Imperva WAF Reverse Proxy mode -In this blog, you will find 10 quick steps allowing you to configure basic Reverse Proxy mode using Imperva WAF for HTTP and HTTPS traffic and also a video with a walkthrough of the configuration process. What is a proxy? What is the difference between Reverse and Forward proxy? (Blog)

Still can't find what your looking for? Login to the Imperva Community

CLICK 👉 HERE 👈 TO ASK YOUR QUESTION.