Recently, I wrote a bit of a rant about the ins and outs of protecting your website from Zombie hackers, malicious code snakes and spammers in Keep Bleep’n Website Zombie Hackers Out. The key takeaway was that business leaders need to embrace the fact that our websites will be attacked by one or all of these things in the future. Website owners need to implement a defense or be left skinned and violated like the Cyclopee illustration suggests. Having a broken website is not fun, and cyber criminals steal value, traffic and dollars from businesses everyday. Turning a cheek in denial is not an option anymore. I have been looking for better website security solutions, and I am taking a closer look at Incapsula’s Website Security protection service.
Incapsula is a cloud-based maximum security & performance content delivery network (CDN) and protective filtering service that sets up a defense from SQL injections, scrapers, and malicious bots for any website. They add an additional layer of optimization giving your site a bit of a speed boost in addition to blocking comment spam and the latest web attacks and DDoS attacks. If you operate an e-commerce site, they also have simple Payment Card Industry (PCI) protection. The way it works is that you switch your DNS over to Incapsula and your traffic is forced through one of many Incapsula data centers located around the world. Once it is filtered for security, it is then passed through to your website visitors.
With so many companies to choose from, you might wonder why you should choose Incapsula. For me, it really comes down to three reasons.
3 Reasons To Choose Incapsula For Your Website Security
Incapsula uses its global CDN network to diminish the “physical” distance between the used and the server. They have 11 POPs scattered all around the world. This has a lot of impact on page load time. Their system also automatically optimizes web objects and compresses (Gzip) files. This is a nice feature that most providers don’t offer.
When it comes to acceleration, Incapsula really shines when it comes to caching. Granted, many providers have caching features, but they are usually limited by the need for directives from website’s owners. Incapsula overcomes this limitation by using their own unique patent-pending intelligent caching algorithm. By monitoring each visitor’s behavior patterns, their system can independently identify cachable objects. This feature is a real game changer when used on dynamic sites (e-commerce, forums etc.) since typically most objects on such sites cannot be cached.
Currently Incapsula is the only Cloud WAF provider that offers PCI DDS compliancy. Incapsula was recently tested and compared to Cloudflare. Overall, 42 tests were performed and Incapsula passed 41 out of 42. Cloudflare passed 1 out of 42. You can read more about that on Protecting Your Website – CloudFlare or Incapsula?.
What makes Incapsula unique here is, once again, their precision and ability to identify an online threat. While others will use “user repelling” mitigation tactics like delay pages and CAPTCHAs, Incapsula employs seamless mitigation techniques which are based on smart identification of user behaviors and signatures.
Most DDoS attacks rely on bots, and you can distinguish them from legitimate users with CAPTCHAs, but you’ll lose traffic while doing so. Incapsula recognizes 99.9% of their visitors by monitoring their signatures, behaviors and by performing seamless challenges (trying to get them to execute JS or store a cookie, something that bots just can’t do). For non-bot DDoS, they have their +200GBs network which can swallow threats as they arise, still with no disruption to the site’s visitors.
Incapsula Monitoring and User-Interface
Incapsula saves you time and keeps you informed by monitoring and sending you real-time reports and notifications when anything is amiss on your website. This is an excellent feature for any business! Knowing about potential problems before they get worse is always better than finding out about them after they occur. I will take a proactive plan of defense over a reactive plan of defense any day.
The Incapsula dashboard has easy-to-read graphic reports and charts to easily review the information you need. It has been compared to the Google Analytics dashboard for ease-of-use and readability. Beyond the information about security breach attempts, it gives you real-time human visitor traffic stats (separate from the bot info), performance statistics, how much bandwidth you are using each day and threat reports.
Incapsula has a plan for everyone so I see no reason to not try it, and then if you love it you can pay for more services. The first plan is a no cost plan. If you want more service, you might start with a $9 a month plan. The service goes up to the Enterprise level of security which is based on your unique business needs. It takes under 5 minutes to get started no matter your skill level with technology.
Header Image Credit: [Tanoshiboy Art]