Cloud WAF Onboarding

Imperva Cloud WAF: Resource Bundle - Ask A Question

Imperva Cloud WAF is designed to work in blocking mode with little or no tuning and with near zero false positives. This resource bundle pulls together community discussions and resources into one easy place for you to access. It’s a collection of our resources to support you throughout your on-boarding process, as well as supplement your product education as you navigate the platform. 

Imperva Cloud WAF 101:
These are the top resources on the community recommended by our product experts: 
  • How to onboard a new site on Imperva Cloud WAF (video) Several customers have asked "How to onboard a new site on Imperva Cloud WAF?" In this video I will explain the steps on how to properly add a new website on Imperva cloud WAF, including on the SSL configuration. 
  • Best practices for Cloud WAF Settings (blog) Alert mode should only be used for websites that are subject to the “Cross Site Scripting Rule”. If your website is not subject to the rule and your security modules are set to “Alert Only”, your settings may not be meeting best practice. A walk through on how to do this is shown. 
  • How do I troubleshoot when my site is slow? (video) This video provides some basic troubleshooting steps to resolve issues when a page load time is long on Imperva Cloud WAF.
  • Imperva Insights: Video - Onboarding Cloud WAF - (video) In this video, we demonstrate and walk you through how to onboard your first website on Cloud WAF. We will provide you with a three minute demonstration and next steps.

Imperva Cloud WAF Advanced:
These are the top resources on the community that go more in-depth while you use Imperva Cloud WAF. If you are a developer and need help, these blog articles will help.
  • Imperva API Composer: Open Source On-Premise and Cloud WAF Automation (Blog) - In this Imperva Community Blog, Brian Anderson introduces API Composer: Efficient, On-Demand API Call Generation and Testing. Imperva API Composer gives on-premise Gateway WAF and Cloud WAF users the ability to quickly generate and test API calls interactively pre-populating contextual parameters between calls, as opposed to simply referring to documentation.
  • HashiCorp Terraform: Cloud-Agnostic Deployment and Provisioning for Imperva Cloud WAF (Blog)  - In this Imperva Community blog, Brian Anderson talks more about how to integrate Security as Infrastructure as Code with HashiCorp’s Terraform through Imperva's Github. 
  • Incapsula-CLI: An Easy-to-use Interface for Imperva’s Cloud WAF (Blog) - If you want to figure out how to use Incapsula-CLI, an open source project available on Imperva's Github repository, this Imperva Community blog is for you. The Incap-CLI can be used to automate repeatable tasks such as adding new sites, creating and managing security policies (alert, block, etc), defining application delivery rules to facilitate global load balancing, manipulating urls, or enriching headers to downstream origin servers.
  • Automated Certificate Management and Security Policy Migration Made Easy (Blog) - Imperva’s automated capabilities help users implement consistent security solutions and maintain operations at the speed of business. In this blog Brian Anderson answers questions around how to automate Certificate Uploads for On-Premises and Cloud WAF. He also talks about How to Migrate Policies from On-Premises Platforms to Cloud WAF though Imperva’s API Composer

Getting Started:
These are documents pulled by site to give you a more in-depth understanding on how to setup your Cloud WAF websites, rules, logs and more. 

Still can't find what your looking for?

Ask your fellow product users and experts in the Imperva Cyber Community!