We performed a comparison between AWS WAF and F5 BIG-IP Local Traffic Manager LTM based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: AWS WAF's pricing is more affordable, but users find that technical support for F5 BIG-IP Local Traffic Manager LTM is better, and mention a positive ROI.
"The most valuable feature of AWS WAF is the extra layer of security that I have when connecting to my web applications."
"One common use case is using detection protection for enhancing security models in AWS. Another use case is implementing log analysis and response recovery procedures for email services."
"AWS WAF helps mitigate different kinds of bot attacks and SQL injection that happen within the retail industry."
"The solution's initial setup process is easy."
"The most valuable feature is the capability to limit access based on geographical location by restricting specific IP addresses."
"The initial setup was very straightforward. Deployment took about ten minutes or less."
"The web solution effectively protects from vulnerabilities and cyber attacks."
"The security firewall plus the features that protect against database injections or scripting,"
"F5 BIG-IP is used with good applications and functions as an application firewall with additional features. We will not use any feature or any service unless there is a business case and there is a need for implementation."
"The combination of ADC and WAN is the most valuable feature."
"Our experience has been very good, in terms of performance, and securing our application infrastructure."
"NetFlow balancing and traffic balancing are good features."
"The most valuable feature of F5 BIG-IP LTM is it helps our delivery team to make policies and rules for application."
"The most helpful thing is that it's open-source. It's very easy to program and customize."
"We enjoy its overall ease of use."
"The stability is excellent."
"The solution should identify why it blocks particular websites."
"I would like to be able to view a graphical deployment map in the user interface that will give me an overview of the configuration and help to determine whether I have missed any steps."
"There is room for improvement in pricing."
"It would be better if AWS WAF were more flexible. For example, if you take a third-party WAF like Imperva, they maintain the rule set, and these rule sets are constantly updated. They push security insights or new rules into the firewall. However, when it comes to AWS, it has a standard set of rules, and only those sets of rules in the application firewalls trigger alerts, block, and manage traffic. Alternative WAFs have something like bot mitigation or bot control within the WAF, but you don't have such things in AWS WAF. I will say there could have been better bot mitigation plans, there could have been better dealer mitigation plans, and there could be better-updated rule sets for every security issue which arises in web applications. In the next release, I would like to see if AWS WAF could take on DDoS protection within itself rather than being in a stand-alone solution like AWS Shield. I would also like a solution like a bot mitigation."
"On the UI side, I would like it if they could bring back the geolocation view on the corner."
"In a future release I would like to see automation. There's no interaction between the applications and that makes it tedious. We have to do the preparation all over again for each of our other applications."
"The cost management has room for improvement."
"I believe there is a need to move towards real-time analysis with the help of AI and intelligent systems in the future. This would reduce the reliance on manual work and enhance the functionality of detection protection. By incorporating AI-driven data analysis and data science techniques, we can improve the solution's user-friendliness, security compatibility, and accuracy."
"The pricing could always be better. It's a bit expensive."
"The pricing model has caused some frustration. My clients implemented the solution and later wanted to upgrade the features but the pricing structure was complicated. There are other solutions with better pricing models."
"There are issues with F5 BIG-IP but they are minor issues not affecting production and services. Sometimes the operations and the facility systems fail. However, there is an alert action from the windows. An ordeal for the manager."
"A lot of functions that are attributed to iRules can actually be simple profile changes. iRules do have a certain performance impact. Therefore, instead of writing simple iRules, they can create certain profiles for classes that will perform the same function."
"There is a need for a more modular version to concentrate on the current monolithic structure of both the virtual and hardware versions."
"I would like them to have more flexible models."
"Internet and cloud support could be improved."
"If one virtual portion is unavailable, it can cause issues."
More F5 BIG-IP Local Traffic Manager (LTM) Pricing and Cost Advice →
AWS WAF is ranked 1st in Web Application Firewall (WAF) with 52 reviews while F5 BIG-IP Local Traffic Manager (LTM) is ranked 1st in Application Delivery Controllers (ADC) with 116 reviews. AWS WAF is rated 8.0, while F5 BIG-IP Local Traffic Manager (LTM) is rated 8.2. The top reviewer of AWS WAF writes "A highly stable solution that helps mitigate different kinds of bot attacks and SQL injection attacks". On the other hand, the top reviewer of F5 BIG-IP Local Traffic Manager (LTM) writes "Reduces maintenance downtime and has a strong user community". AWS WAF is most compared with Azure Web Application Firewall, Microsoft Azure Application Gateway, F5 Advanced WAF, Imperva Web Application Firewall and Fortinet FortiWeb, whereas F5 BIG-IP Local Traffic Manager (LTM) is most compared with Citrix NetScaler, Fortinet FortiADC, Microsoft Azure Application Gateway, NGINX Plus and A10 Networks Thunder ADC. See our AWS WAF vs. F5 BIG-IP Local Traffic Manager (LTM) report.
We monitor all Web Application Firewall (WAF) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.