We compared AWS WAF and F5 Advanced WAF based on our user's reviews in several parameters.
Users have praised AWS WAF for its effective protection against web application attacks, customizable rule sets, and affordable pricing. On the other hand, F5 Advanced WAF stands out for its robust security measures, advanced threat intelligence, and user-friendly interface. However, AWS WAF users appreciate the responsive customer support, while F5 Advanced WAF users value its seamless integration with existing systems. Both products have areas that need improvement, with AWS WAF users looking for better documentation and customization options, and F5 Advanced WAF users desiring a more intuitive interface and comprehensive support for troubleshooting.
Features: AWS WAF offers effective protection against web application attacks, easy setup and configuration, flexibility in setting rules, and integration with other AWS services. F5 Advanced WAF provides robust security measures, advanced threat intelligence, efficient traffic management, and customizable policies.
Pricing and ROI: The setup cost for AWS WAF is minimal, with a smooth and straightforward process. Users find the licensing flexible and customizable. On the other hand, F5 Advanced WAF also has a minimal setup cost, making installation hassle-free. Users appreciate the straightforward and easy-to-manage licensing., AWS WAF's ROI is reflected in increased security, reduced risks, and improved web threat protection. It also offers cost savings and efficient management. On the other hand, F5 Advanced WAF's ROI is seen in improved security, enhanced visibility, and reduced cyber threats. It effectively protects web applications for a safe user experience. Overall, both products deliver valuable and beneficial ROI.
Room for Improvement: AWS WAF users have requested better documentation and detailed instructions for users with limited technical expertise. They also want a more user-friendly interface, enhanced customization options, and greater flexibility in configuring rule sets. F5 Advanced WAF users have expressed concerns about a lack of user-friendly interface, complexity in configuration, and a need for improved documentation and better support for troubleshooting and resolving issues. Overall, they desire a more streamlined and intuitive experience.
Deployment and customer support: Based on user feedback, it is necessary to consider the duration required for different phases of implementing a new tech solution. For AWS WAF, users mentioned distinct timeframes for deployment and setup, while for F5 Advanced WAF, users mentioned similar timeframes for deployment and setup., AWS WAF's customer service is consistently praised for being excellent and highly responsive. Users appreciate the knowledgeable support team who go above and beyond. On the other hand, F5 Advanced WAF's support has received positive feedback for their prompt and helpful assistance.
The summary above is based on 56 interviews we conducted recently with AWS WAF and F5 Advanced WAF users. To access the review's full transcripts, download our report.
"The solution is stable."
"Stable and scalable web application firewall. Setting it up is straightforward."
"We preferred the product based on its cost. AWS WAF is an out-of-the-box solution and integrates with the AWS services that we use. It's natively integrated with AWS."
"This is not a product that you need to install. You just use it."
"The solution is stable."
"The customizable features are good."
"The solution's initial setup process is easy."
"AWS WAF has a lot of integrated features and services. For example, there are security services that can be integrated very well for our customers."
"It protects and mitigates damage in the network."
"The web application firewall itself is most valuable. It provides positive security and negative security. In negative security, it blocks a task such as cross-site scripting, code injection, etc. In positive security, it lets you specify and enforce things, such as the parameters allowed in username and password fields and the number of characters allowed in a field."
"F5 technical support is excellent. They are experts who always provide the right solution, and they understand the problem. Their response and resolution times are good."
"The product has valuable features for load balancing, monitoring tools, and HPXpress services."
"The most valuable features of F5 Advanced WAF are SSL uploading, signature, and anomaly detection. It is overall a high-quality solution."
"The most valuable features of F5 Advanced WAF are the easy identification of events and customization. We can pinpoint our settings."
"The most valuable features of the F5 Advanced WAF are the enhanced ASM and the performance. Additionally, the usability and effectiveness are very good."
"I definitely recommend this solution because of the time you save on analysis."
"I would like to be able to view a graphical deployment map in the user interface that will give me an overview of the configuration and help to determine whether I have missed any steps."
"The product could be improved by expanding the weightage units of rules."
"An improvement area would be that it's more of a manual effort when you have to enable rules. That's one of the downsides. If that can be done in an automated way, it would be great. That's a lagging feature currently."
"The setup is complicated."
"On the UI side, I would like it if they could bring back the geolocation view on the corner."
"It would be good if the solution provided managed WAF services."
"It would be better if AWS WAF were more flexible. For example, if you take a third-party WAF like Imperva, they maintain the rule set, and these rule sets are constantly updated. They push security insights or new rules into the firewall. However, when it comes to AWS, it has a standard set of rules, and only those sets of rules in the application firewalls trigger alerts, block, and manage traffic. Alternative WAFs have something like bot mitigation or bot control within the WAF, but you don't have such things in AWS WAF. I will say there could have been better bot mitigation plans, there could have been better dealer mitigation plans, and there could be better-updated rule sets for every security issue which arises in web applications. In the next release, I would like to see if AWS WAF could take on DDoS protection within itself rather than being in a stand-alone solution like AWS Shield. I would also like a solution like a bot mitigation."
"They should make the implementation process faster."
"The Sandbox integration feature could be improved."
"For me, an area for improvement in F5 Advanced WAF is the reporting as it isn't so clear. The vendor needs to work on the reporting capability of the solution. What I'd like to see in the next release of F5 Advanced WAF is threat intelligence to protect your web application, particularly having that capability out-of-the-box, and not needing to pay extra for it, similar to what's offered in FortiWeb, for example, any request that originates from a malicious IP will be blocked automatically by FortiWeb. F5 Advanced WAF should have the intelligence for blocking malicious IPs, or automatically blocking threats included in the license, instead of making it an add-on feature that users have to pay for apart from the standard licensing fees."
"The user interface (UI) seems a bit outdated. Making it more user-friendly would be beneficial."
"The solution could improve by having an independent capture module. It has a built feature that you can deploy the capture on your published website. However, it's not very user-friendly. When you compare this feature to Google Capture or other enterprise captures, they are very simple. It needs a good connection to the F5 Advanced WAF sandbox. When you implement this feature in the data center, you may suffer some complications with connecting to the F5 Advanced WAF sandbox. This should be improved in the future."
"There is a gap in report management."
"F5 Advanced needs to improve its bot protection. The solution needs to have machine learning to learn the behavior of the customer to recognize the human versus the bot. This is a difficult feature to explain to our customers. I would like documentation about the bot feature to make it easier for the customer to understand."
"F5 Advanced WAF needs better integration within the application, like remote dashboards."
"You have to buy another module with an extra license, to have the authentication feature."
AWS WAF is ranked 1st in Web Application Firewall (WAF) with 52 reviews while F5 Advanced WAF is ranked 2nd in Web Application Firewall (WAF) with 55 reviews. AWS WAF is rated 8.0, while F5 Advanced WAF is rated 8.6. The top reviewer of AWS WAF writes "A highly stable solution that helps mitigate different kinds of bot attacks and SQL injection attacks". On the other hand, the top reviewer of F5 Advanced WAF writes "Flexible configuration, reliable, and highly professional support". AWS WAF is most compared with Azure Web Application Firewall, Microsoft Azure Application Gateway, Imperva Web Application Firewall, Fortinet FortiWeb and Cloudflare Web Application Firewall, whereas F5 Advanced WAF is most compared with Fortinet FortiWeb, Microsoft Azure Application Gateway, Imperva Web Application Firewall, F5 BIG-IP Local Traffic Manager (LTM) and Prisma Cloud by Palo Alto Networks. See our AWS WAF vs. F5 Advanced WAF report.
See our list of best Web Application Firewall (WAF) vendors.
We monitor all Web Application Firewall (WAF) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
