We performed a comparison between AWS WAF and Microsoft Azure Application Gateway based on our users’ reviews in four categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Based on the parameters we compared, AWS WAF has a slight edge over Microsoft Azure Application Gateway. Our reviewers found Microsoft to have challenges with stability, scalability, and support.
"What I like best about AWS WAF is that it's a simple tool, so I could understand the basics of AWS WAF in two to three hours."
"The most valuable aspect is that it protects our code. It's a bit difficult to overwrite code in our application. It also protects against threats."
"The most valuable feature is the scalability because it automatically scales up or scales down as per our requirements."
"We can host any DB or application on the solution."
"Rule groups are valuable."
"AWS WAF has a lot of integrated features and services. For example, there are security services that can be integrated very well for our customers."
"The security firewall plus the features that protect against database injections or scripting,"
"It is a one-click WAF with no effort needed."
"The solution has built-in rules that reduce alerts and are easy to configure."
"Load balancing and web application firewall features are the most valuable."
"The production is a valuable feature."
"The most valuable feature of the solution is traffic management."
"WAF feature replicates the firewall."
"The most valuable feature is WAF."
"We use the product in front-end and back-end applications to do the load balancing smartly."
"Microsoft Azure Application Gateway gives us a lot of benefits, including domain mapping."
"Technical support for AWS WAF needs improvement."
"The solution is cloud-based, and therefore the billing model that comes with it could be more intuitive, in my opinion. It's very easy to not fully understand how you tag things for billing and then you can quite easily run up a high bill without realizing it. The solution needs to be more intuitive around the tagging system, which enables the billing. Right now, I have a cloud architect that does that on our behalf and it isn't something that a business user could use because it still requires quite a lot of technical knowledge to do effectively."
"The solution could improve by having better rules, they are very basic at the moment. There are more attacks coming and we have to use third-party solutions, such as FIA. The features are not sufficient to prevent all the attacks, such as DDoS. Overall the solution should be more secure."
"I would like to see it more tightly integrated with other AWS services."
"The serverless product from AWS WAF could be improved. For example, they have only one serverless series, Lambda, but they should extend and improve it. Additionally, the firewall rules are not very easy to configure."
"I would like to be able to view a graphical deployment map in the user interface that will give me an overview of the configuration and help to determine whether I have missed any steps."
"On the UI side, I would like it if they could bring back the geolocation view on the corner."
"In a future release of this solution, I would like to see additional management features to make things simpler."
"The security of the product could be adjusted."
"There is room for improvement in the pricing model."
"The working speed of the solution needs improvement."
"The support provided for the solution has certain shortcomings that need improvement, especially when it comes to the response time from the support team."
"The solution has many limitations. You cannot upgrade the VPN to the application gateway. So I started with version one, which has limited capabilities, and they provided version two. And unfortunately, I cannot upgrade from v one to v two like other services. So I have to decommission the version one and create a new one with version two. Also the version one was complex with the certificates uploading the SQL certificates."
"The pricing of the solution could be improved. Right now, it's a bit expensive."
"The solution doesn’t support wildcard-based and regular expression-based rules."
"Application Gateway’s limitation is that the private and the public endpoint cannot use the same port."
More Microsoft Azure Application Gateway Pricing and Cost Advice →
AWS WAF is ranked 1st in Web Application Firewall (WAF) with 52 reviews while Microsoft Azure Application Gateway is ranked 3rd in Web Application Firewall (WAF) with 38 reviews. AWS WAF is rated 8.0, while Microsoft Azure Application Gateway is rated 7.2. The top reviewer of AWS WAF writes "A highly stable solution that helps mitigate different kinds of bot attacks and SQL injection attacks". On the other hand, the top reviewer of Microsoft Azure Application Gateway writes "High stability with built-in rules that reduce alerts and are easy to configure". AWS WAF is most compared with Azure Web Application Firewall, F5 Advanced WAF, Imperva Web Application Firewall, Fortinet FortiWeb and Cloudflare Web Application Firewall, whereas Microsoft Azure Application Gateway is most compared with Citrix NetScaler, Azure Front Door, F5 Advanced WAF, Cloudflare Web Application Firewall and HAProxy. See our AWS WAF vs. Microsoft Azure Application Gateway report.
See our list of best Web Application Firewall (WAF) vendors.
We monitor all Web Application Firewall (WAF) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.