We performed a comparison between AWS WAF and Cloudflare based on real PeerSpot user reviews.
Find out in this report how the two Web Application Firewall (WAF) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable feature is that it is very easy to configure. It just takes a couple of minutes."
"I believe the most impressive features are integration and ease of use. The best part of AWS WAF is the cloud-native WAF integration. There aren't any hidden deployments or hidden infrastructure which we have to maintain to have AWS WAF. AWS maintains everything; all we have to do is click the button, and WAF will be activated. Any packet coming through the internet will be filtered through."
"The solution's initial setup process is easy."
"The most valuable features are the geo-restriction denials and the web ACL."
"The most valuable feature of AWS WAF is the extra layer of security that I have when connecting to my web applications."
"The ability to take multiple data sets and match those data sets together is the solution's most valuable feature. The data lake that comes with it is very useful because that allows us to match data sets with different configurations that we wouldn't normally be able to match."
"AWS WAF has a lot of integrated features and services. For example, there are security services that can be integrated very well for our customers."
"AWS WAF is very easy to use and configure on AWS."
"Smaller businesses have seen great ROI due to the low investment and strong performance."
"The simplicity of the overall dashboard makes it a great product for a user like me who has less understanding of the internet than a developer or other more technical people. It gives me peace of mind. I also love the easy customization of the Page Rules."
"From what I've seen so far, there are no negatives to report as of yet"
"DDoS attacks target unprotected machines. Cloudflare detects and stops these attacks using internal systems. It identifies incoming DDoS attacks, issuing challenges or blocking them immediately."
"The solution provides good load balancing and protection against DDoS attacks."
"The solution offers the flexibility to control configuration rules."
"The most valuable feature is the web application firewall."
"It's very user-friendly."
"When users choose the free service, there isn't great support available to them."
"The price could be improved."
"AWS WAF would be better if it uses AI or machine learning to detect a potential attack or a potential IP that creates an attack even before it happens. I want AWS WAF to capture the IP and automatically write the rule to automate the entire process."
"The solution could improve by having better rules, they are very basic at the moment. There are more attacks coming and we have to use third-party solutions, such as FIA. The features are not sufficient to prevent all the attacks, such as DDoS. Overall the solution should be more secure."
"One area that could be improved is the DDoS protection."
"While the complexity of the installation can vary from one service to another, overall, I would say that it and the configuration and navigation are somewhat complex."
"The technical support does not respond to bugs in the coding of the product."
"It will be helpful if the product recommends rules that we can implement."
"The reporting can definitely be improved to offer a lot more explanation on something that may have happened or has actually happened."
"Latencies are always a problem."
"The product support needs to be accessible from more places, a wider area of coverage."
"It should have easier documentation for the configuration. It's very technical and people who aren't technical should also be able to do the configuration."
"We are a product integrator and reseller, and we would like to have a better partner relationship, similar to a channel sales relationship. Sometimes we are on our own or get diverted by Cloudflare because they have direct sales, which competes with us and makes it difficult to build a relationship with this company since we want to be an MSP or a managed service provider for the solution."
"We're facing challenges due to an upgrade in the machine learning model. The problem arises from some users abusing the APIs, resulting in an influx of suspicious traffic. Cloudflare's learning model mistakenly identifies this traffic as human. Consequently, it assigns it a higher trust score, akin to legitimate human traffic, causing complications in our architecture. Previously, such traffic would have been categorized as suspicious, enabling us to apply appropriate blocking rules. However, we encounter difficulties distinguishing between genuine and suspicious traffic with the new categorization. Despite these challenges, overall, Cloudflare remains the preferred solution compared to Azure, AWS CloudFront, and Google Cloud Armor."
"Even if I wanted to, I wouldn't be able to buy Cloudflare in my country."
"For the free and Pro plans, Cloudflare could use a simple bot to provide information to users. This would improve support, especially for less advanced users who utilize the free components."
AWS WAF is ranked 1st in Web Application Firewall (WAF) with 52 reviews while Cloudflare is ranked 1st in Distributed Denial of Service (DDOS) Protection with 56 reviews. AWS WAF is rated 8.0, while Cloudflare is rated 8.4. The top reviewer of AWS WAF writes "A highly stable solution that helps mitigate different kinds of bot attacks and SQL injection attacks". On the other hand, the top reviewer of Cloudflare writes "It's easy to set up because you point the DNS to it, and it's working in under 15 minutes". AWS WAF is most compared with Azure Web Application Firewall, Microsoft Azure Application Gateway, Imperva Web Application Firewall, F5 Advanced WAF and NGINX App Protect, whereas Cloudflare is most compared with Akamai, Azure Front Door, Imperva DDoS, Microsoft Azure Application Gateway and AWS Global Accelerator. See our AWS WAF vs. Cloudflare report.
We monitor all Web Application Firewall (WAF) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.