We performed a comparison between F5 Advanced WAF and Microsoft Azure Application Gateway based on our users’ reviews in four categories. After reading all of the collected data, you can find our conclusion below.
Comparison of Results: Based on the parameters we compared, F5 Advanced WAF seems to be the superior solution. Our reviewers find that the questions concerning Microsoft Azure Application Gateway’s stability and scalability make it a riskier investment than F5 Advanced WAF.
"Provides good protection from attacks."
"Customers find the load balancer feature as the most valuable."
"I like all of the features, but the main one is the attack signatures."
"The most valuable features of the F5 Advanced WAF are the enhanced ASM and the performance. Additionally, the usability and effectiveness are very good."
"The support experience is better than average."
"The solution is easily accessible on mobile and laptop devices."
"The most valuable features of F5 Advanced WAF are SSL uploading, signature, and anomaly detection. It is overall a high-quality solution."
"The anti-bot protection is the solution's most valuable feature. Safe-guard or credential staffing are also useful features."
"Microsoft Azure Application Gateway gives us a lot of benefits, including domain mapping."
"We find it valuable because it is compatible with our existing Azure solution."
"The solution has built-in rules that reduce alerts and are easy to configure."
"Good customization; able to report and take action on alerts."
"Some of the key features of this solution are the low-level maintenance required, floating proxy service, and load balancing."
"We use the product in front-end and back-end applications to do the load balancing smartly."
"The health probe is pretty good for your backend health. It tells you whether it's communicating and talking to the endpoint correctly. It is quite useful."
"I like the tool's stability and performance."
"People who want to work with the device have to be pro in Linux"
"Nevertheless, F5 products are generally considered to be hard to deploy."
"It should be a little bit easy to deploy in terms of the overall deployment session. One of our customers is a bit unhappy about the reporting options. Currently, it automatically deletes event logs after some limit if a customer doesn't have any external Syslog server. It is a problem for those customers who want to review event logs after a week or so because they won't get proper reports or event logs. They should increase the duration to at least a month or two for storing the data on the device. F5 is not a leader in Gartner Quadrant, which affects us when we go and pitch this solution. Customers normally go and take a look at such annual reports, and because F5 is currently not there as a leader, the customers ask about it even though we are saying it is good in all things. F5 is not known for something totally different or unique. They were a major player in ADP, and they are just rebranding themselves into security. They should improve or increase their marketing as a security company now. They have already started to do that, but they should do it more so that when it comes to security, customers can easily remember F5. At the moment, if we say F5, load balancing comes to mind. With rebranding and marketing, all customers should get the idea that F5 is now mainly focusing on the security part of it, and it is a security company instead of load balancing. This is the first solution that should come to a customer's mind for a web application firewall."
"There should be more ability to rate limit certain scenarios. The majority of the time, it is either on or off. For certain types of use cases, there should be the ability to rate limit, not just enable or disable."
"The administrator's user interface and some of the settings can sometimes be very complicated to understand."
"I would like to see additional controls."
"The delay times on firmware patches and software updates could be better and improved."
"The BNS module needs improvement."
"The monitoring on the solution could be better."
"Scalability can be an issue."
"The solution has many limitations. You cannot upgrade the VPN to the application gateway. So I started with version one, which has limited capabilities, and they provided version two. And unfortunately, I cannot upgrade from v one to v two like other services. So I have to decommission the version one and create a new one with version two. Also the version one was complex with the certificates uploading the SQL certificates."
"There is room for improvement in the pricing model."
"One of the challenges we faced was the solution does not support any other PCP protocols apart from HTTP and HTTPS."
"It does not have the flexibility for using public IPs in version 2."
"Microsoft Azure Application Gateway's first deployment is complex. It needs to improve its pricing."
"The solution could improve by increasing the performance when doing updates. For example, if I change the certificate it can take 30 minutes. Other vendors do not have this type of problem."
More Microsoft Azure Application Gateway Pricing and Cost Advice →
F5 Advanced WAF is ranked 2nd in Web Application Firewall (WAF) with 55 reviews while Microsoft Azure Application Gateway is ranked 3rd in Web Application Firewall (WAF) with 40 reviews. F5 Advanced WAF is rated 8.6, while Microsoft Azure Application Gateway is rated 7.2. The top reviewer of F5 Advanced WAF writes "Flexible configuration, reliable, and highly professional support". On the other hand, the top reviewer of Microsoft Azure Application Gateway writes "High stability with built-in rules that reduce alerts and are easy to configure". F5 Advanced WAF is most compared with Fortinet FortiWeb, AWS WAF, Imperva Web Application Firewall, F5 BIG-IP Local Traffic Manager (LTM) and Prisma Cloud by Palo Alto Networks, whereas Microsoft Azure Application Gateway is most compared with AWS WAF, Citrix NetScaler, Azure Front Door, Cloudflare Web Application Firewall and HAProxy. See our F5 Advanced WAF vs. Microsoft Azure Application Gateway report.
See our list of best Web Application Firewall (WAF) vendors.
We monitor all Web Application Firewall (WAF) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
