Applies to: Imperva WAF
Imperva WAF (Web Application Firewall) provides user with advanced bot detection, and access control technologies to secure any website against known and emerging threats. This includes common web 2.0 threats, such as spammers, scrapers, and vulnerability scanners, in addition to sophisticated SQL Injection, Cross Site Scripting, and other application-level attacks.
Imperva WAF integrates with Netsurion SIEM to provide organizations with comprehensive data security analytics. Imperva WAF reports provided by Netsurion contain summaries of web attack activities, including cross-site scripting detection or DDoS (Distributed Denial of Service) attack detection.
Dashboards are the graphical representations of activities occurring in Imperva WAF. These dashboards can be a pie chart, or a bar diagram, or even a map. This allows user to view the key highlights of Imperva WAF detection events. Some of the dashboards includes, geo location of sources, action taken, etc.
Alerts such as, DDoS detection, SQL injection detection have been Identified, and are included in the knowledge packs. These alerts can be configured to forward emails to users/admin of Imperva WAF as soon as any suspicious events are detected.
Once Imperva WAF is configured to deliver events to Netsurion Manager, alerts, dashboards, and reports can be configured in Netsurion.
The configuration details are consistent with Netsurion version 9.x and later, and Imperva WAF.
To configure Imperva WAF to send logs to Netsurion, refer to the How-to Guide.
For more information please refer to the Integration guide.