Does anybody know what are the capabilities of MARS to support Imperva FireWalls? Maybe someone has this type of FW in their MARS environment? I am concerning about pulling as much info as possible to CS-MARS from this device. I would appreciate if some would share their experience with me.
CS-MARS does not natively support the Imperva firewall. This means out-of-the-box, CS-MARS cannot parse any messages received by this device. You could create your own custom device using the CS-MARS Device Support Framework (DSF). This requires creating custom parsers for the various messages you wish to have CS-MARS parse and map to a CS-MARS event. This process is outlined here:
There is also a custom device package sharing forum here in the community:
I do not currently see any discussion in that forum regarding the Imperva firewall.