Prisma Cloud is praised for its competitive pricing, ease of deployment, comprehensive security capabilities, and top-notch customer service. On the other hand, F5 Advanced WAF receives mixed opinions on pricing, setup cost, and licensing, but is valued for its robust security features, customizable policies, and responsive customer support.
The summary above is based on 138 interviews we conducted recently with Prisma Cloud by Palo Alto Networks and F5 Advanced WAF users. To access the review's full transcripts, download our report.
"F5's user-friendly interface and seamless integration stand out as the most valuable features for us."
"The most valuable features of F5 Advanced WAF are SSL uploading, signature, and anomaly detection. It is overall a high-quality solution."
"The most valuable features of F5 Advanced WAF are the balancer and you can change policies very easily."
"Good technology for mitigating different application attacks, e.g. DDoS, DNS, and layer seven attacks."
"This solution inspects your traffic and based on that, automatically create distinct qualities for you, so you can add this to the policy already created. That's what I like most."
"The most valuable feature is artificial intelligence and to get extra internal access."
"The most valuable feature of F5 Advanced WAF is its ability to have a pool of resources that can distribute your traffic, and that is a plus for me. My company tried to look into a competitor, Imperva, but it was lacking that capability, so F5 Advanced WAF outperforms Imperva."
"The solution is stable."
"The container and serverless security is most valuable. It is quite a new technology for this region. Even though containers have been there for a long time, the adoption of containers is very minimal in this region. When it comes to using Kubernetes containers in a complex architecture, there is a lack of security in the market. People aren't aware of the security controls or the process for governance. Container security provided by Prisma Cloud is quite good at filling that gap."
"It also provides us with a single tool to manage our entire cloud architecture. In fact, we are using a multi-account strategy with our AWS organization. We use Prisma as a single source of truth to identify high- or medium-severity threats inside our organization."
"CSPM is the most valuable feature for any organization that runs its workloads in the cloud."
"CSPM is very useful because it gives us good policies and violation alerts."
"It supports the multi-cloud environment beautifully."
"Most of the customers we are tackling have different tools and solutions, like Qualys, Nessus, and vulnerability management assessment solutions. There are plugins for them, and we can integrate Prisma Cloud with them. We can enrich our telemetry with their data and use the predefined correlation rules in Prisma Cloud. That means we have that work done in seconds."
"Prisma Cloud has enabled us to take a very strong preventive approach to cloud security. One of the hardest things with cloud is getting visibility into workloads. With Prisma Cloud, you can go in and get that visibility, then set up policies to alert on risky behavior, e.g., if there are security groups or firewall ports open up. So, it is very helpful in preventing configuration errors in the cloud by having visibility. If there are issues, then you can find them and fix them."
"In addition to that, I can get a snapshot of what I deemed were the priority vulnerabilities, whether it was identity access management, key rotation, or secrets management. Whatever you deem to be a priority for mitigating threats for your environment, you can get that as a snapshot."
"Compatibility with multiple cloud environments needs improvement. Both stability and scalability need to be improved."
"The solution could improve by having an independent capture module. It has a built feature that you can deploy the capture on your published website. However, it's not very user-friendly. When you compare this feature to Google Capture or other enterprise captures, they are very simple. It needs a good connection to the F5 Advanced WAF sandbox. When you implement this feature in the data center, you may suffer some complications with connecting to the F5 Advanced WAF sandbox. This should be improved in the future."
"The BNS module needs improvement."
"The accuracy of the automatic learning feature needs improvement."
"The BIG-IQ is supposed to centralize the management for all of the boxes but it's not very effective."
"I would like to see the API Protection improved."
"I would not expect traffic details to pass through the web application firewall across the length of the whole application. I think that there is a web application where it can let the application function without traffic going in into the WAF."
"People who want to work with the device have to be pro in Linux"
"They are missing some compatibility details in their documentation."
"Areas like the deployment of their defenders and their central control need manual intervention. They should focus more on automation. They have a very generic case for small companies. However, for bigger companies to work, we have to do a lot of changes to our system to accommodate it. Therefore, they should change their system or deployment models so it can be easy to integrate into existing architectures."
"This solution is more AWS and Azure-centric. It needs to be more specific on the GCP side, which they are working on."
"The information presented in the UI sometimes doesn't look intuitive enough."
"One definite area for improvement is the auto-remediation or the CWP area. The second one is the RQL language. It is still not very flexible and does not cover a lot of use cases. The RQL language could be dramatically improved to add more options."
"When it comes to protecting the full cloud-native stack, it has the right breadth. They're covering all the topics I would care about, like container, cloud configuration, and serverless. There's one gap. There could be a better set of features around identity management—native AWS—IAM roles, and service account management. The depth in each of those areas varies a little bit. While they may have the breadth, I think there's still work to do in flushing out each of those feature sets."
"They can improve the integrations into the SDLC lifecycle."
"When it comes to compliance, the issue is that when we are exporting the reports, there is only a single compliance option. If I need to report on multiple compliance requirements, that feature isn't available. For example, I made a single report for ISO 27000 but I can't correlate it with GDPR."
More Prisma Cloud by Palo Alto Networks Pricing and Cost Advice →
F5 Advanced WAF is ranked 2nd in Web Application Firewall (WAF) with 55 reviews while Prisma Cloud by Palo Alto Networks is ranked 5th in Web Application Firewall (WAF) with 82 reviews. F5 Advanced WAF is rated 8.6, while Prisma Cloud by Palo Alto Networks is rated 8.4. The top reviewer of F5 Advanced WAF writes "Flexible configuration, reliable, and highly professional support". On the other hand, the top reviewer of Prisma Cloud by Palo Alto Networks writes "The dashboard is very user-friendly and can be used to generate custom RQL based on user requirements". F5 Advanced WAF is most compared with Fortinet FortiWeb, Microsoft Azure Application Gateway, AWS WAF, Imperva Web Application Firewall and Azure Front Door, whereas Prisma Cloud by Palo Alto Networks is most compared with Wiz, Microsoft Defender for Cloud, Aqua Cloud Security Platform, AWS Security Hub and AWS WAF. See our F5 Advanced WAF vs. Prisma Cloud by Palo Alto Networks report.
See our list of best Web Application Firewall (WAF) vendors.
We monitor all Web Application Firewall (WAF) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
