Moved to Web gateway forum for more chance of an answer
MWG probably has the capability to handle web application analysis in the same way as you would expect from a product like Imperva in terms of analyzing the connections for specific criteria and then alerting, blocking or allowing based on that criteria, but the catch is that MWG does not have default configurations rules that you would find on a dedicated WAF. As a corollary, I can configure mod_security to perform WAF functions, but I'll have to make the effort to define every item/signature that I want to look for and/or find a good source for signatures.
So yes, the capability undoubtedly exists in terms of feature ability and traffic analysis ability, but the reality is that if you want to use MWG as a WAF you're going to have to do a lot of custom configurations as well as be an expert on every web attack that is possible so that you can define signatures/rules for that attack.
If there's some automatic MWG WAF rule set and or a WAF checkbox that I am not aware of, I'm sure someone will chime in with a clarification.
If there isn't and you need WAF functionality, you should define your requirements, analyze what your in-house staff can and cannot do and select the appropriate product based on that analysis.
Hope this helps.
Web Gateway has no included intrusion detection/prevention capabilities. But as btlyric mentioned, you could build your own analysis rules, but this would be very time consuming, complex and error prone.
If you need IDS/IPS capabilities, try McAfee Network Security Platform.