We performed a comparison between F5 Advanced WAF and Imperva DDoS based on real PeerSpot user reviews.
Find out in this report how the two Web Application Firewall (WAF) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Identification, ease of use, and ease of modifying it to most of our needs are valuable."
"The initial setup was was easy to install."
"F5 Advanced WAF has very good stability and scalability. Its initial setup was straightforward."
"The solution uses AI to protect against botnet attacks."
"It also has antivirus and DDoS mitigation capabilities. We have enabled these features."
"F5's user-friendly interface and seamless integration stand out as the most valuable features for us."
"Good dashboard and reporting."
"There is no need to worry about updating signatures because WAF will automatically update the signatures for you."
"This product is a reliable defense from malicious attacks on a network environment."
"The technical support is excellent."
"It's very pretty easy to onboard the URL."
"Technical support provides good, quick responses."
"Setup was straightforward, very simple. I only entered the domain and Incapsula returned the DNS data that I needed to change for the protection to be configured."
"There is no need to have an appliance in house for the services because it is on the cloud."
"Gives us the ability to trace each connection, and to have logs to be able to differentiate between a positive and a false-positive intruder action."
"Real-time monitoring is also a great tool, as you may watch several parameters in real time."
"While F5 Advanced WAF does limit the number of partners in certain regions to ensure successful business transactions, they could also benefit from expanding their partnerships and making it easier for more people to learn about and become experts in F5 Advanced WAF. By doing so, they could increase the reach and exposure of their solution, similar to how Cisco has become widely recognized in the security industry."
"F5 Advanced WAF could improve resource usage, it is CPU intensive. Additionally, adding automated remediation would be a benefit. For example, an easy button alerts us of the events that are occurring, and what we want to do at the time. An automated approach where somebody could be alerted very quickly. Instead of going and reconfiguring everything, an automated approach is what I'm looking at."
"You have to buy another module with an extra license, to have the authentication feature."
"For me, an area for improvement in F5 Advanced WAF is the reporting as it isn't so clear. The vendor needs to work on the reporting capability of the solution. What I'd like to see in the next release of F5 Advanced WAF is threat intelligence to protect your web application, particularly having that capability out-of-the-box, and not needing to pay extra for it, similar to what's offered in FortiWeb, for example, any request that originates from a malicious IP will be blocked automatically by FortiWeb. F5 Advanced WAF should have the intelligence for blocking malicious IPs, or automatically blocking threats included in the license, instead of making it an add-on feature that users have to pay for apart from the standard licensing fees."
"The solution should include protection against web page attacks like what is available in FortiWeb."
"The BIG-IQ is supposed to centralize the management for all of the boxes but it's not very effective."
"Compatibility with multiple cloud environments needs improvement. Both stability and scalability need to be improved."
"It should be a little bit easy to deploy in terms of the overall deployment session. One of our customers is a bit unhappy about the reporting options. Currently, it automatically deletes event logs after some limit if a customer doesn't have any external Syslog server. It is a problem for those customers who want to review event logs after a week or so because they won't get proper reports or event logs. They should increase the duration to at least a month or two for storing the data on the device. F5 is not a leader in Gartner Quadrant, which affects us when we go and pitch this solution. Customers normally go and take a look at such annual reports, and because F5 is currently not there as a leader, the customers ask about it even though we are saying it is good in all things. F5 is not known for something totally different or unique. They were a major player in ADP, and they are just rebranding themselves into security. They should improve or increase their marketing as a security company now. They have already started to do that, but they should do it more so that when it comes to security, customers can easily remember F5. At the moment, if we say F5, load balancing comes to mind. With rebranding and marketing, all customers should get the idea that F5 is now mainly focusing on the security part of it, and it is a security company instead of load balancing. This is the first solution that should come to a customer's mind for a web application firewall."
"The log analytics interface within Incapsula isn't really good. For example, if you have to get all logs from there, it's a very cumbersome process."
"I am not sure if this application has a policy where you can create your custom policy and run it as our firewall. We should have some ability to also create some custom policy, then run it as a firewall."
"The weakest point of Imperva is their first level of support, which should be improved. They should also improve the access and security logs viewing directly on the portal. I would like to see better access and security logs through the portal and not only through a SIM solution. Currently, if you want to explore your access and security logs from Imperva, you need a SIM tool or a SIM infrastructure on your side to do it. You can't do it manually or directly through the portal, which is a big problem for us. I had a call yesterday with Imperva for the roadmap, and I just told them this. They agreed that this is an improvement point from their side."
"A limited tool if you're looking to customize."
"Some maintenance must be performed by our IT team."
"The salespeople tend to exaggerate its capabilities, which can cost you money if you don't verify the information."
"It would be better if we were able to manage and apply changes to multiple websites/web applications, and search WAF logs for multiple websites, via the Incapsula dashboard."
"It's quite expensive."
F5 Advanced WAF is ranked 2nd in Web Application Firewall (WAF) with 55 reviews while Imperva DDoS is ranked 19th in Web Application Firewall (WAF) with 74 reviews. F5 Advanced WAF is rated 8.6, while Imperva DDoS is rated 8.8. The top reviewer of F5 Advanced WAF writes "Flexible configuration, reliable, and highly professional support". On the other hand, the top reviewer of Imperva DDoS writes "I like the content monitoring feature which I haven't seen in other WAF solutions". F5 Advanced WAF is most compared with Fortinet FortiWeb, Microsoft Azure Application Gateway, AWS WAF, Imperva Web Application Firewall and F5 BIG-IP Local Traffic Manager (LTM), whereas Imperva DDoS is most compared with Cloudflare, Akamai, Arbor DDoS, Radware DefensePro and AWS WAF. See our F5 Advanced WAF vs. Imperva DDoS report.
See our list of best Web Application Firewall (WAF) vendors.
We monitor all Web Application Firewall (WAF) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
