• Home
  • Barracuda Web Application Firewall vs. Checkmarx One

Barracuda Web Application Firewall vs Checkmarx One vs F5 BIG-IP Local Traffic Manager (LTM) comparison

Cancel
You must select at least 2 products to compare!
Barracuda Networks Logo

Barracuda Web Application Firewall

Read 38 Barracuda Web Application Firewall reviews
2,727 views|2,232 comparisons
93% willing to recommend
Checkmarx Logo

Checkmarx One

Read 67 Checkmarx One reviews
35,279 views|23,132 comparisons
86% willing to recommend
F5 Logo

F5 BIG-IP Local Traffic Manager (LTM)

Read 116 F5 BIG-IP Local Traffic Manager (LTM) reviews
10,469 views|8,686 comparisons
83% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Web Application Firewall (WAF)
April 2024
Executive Summary

We performed a comparison between Barracuda Web Application Firewall, Checkmarx One, and F5 BIG-IP Local Traffic Manager (LTM) based on real PeerSpot user reviews.

Find out what your peers are saying about Amazon Web Services (AWS), Microsoft, F5 and others in Web Application Firewall (WAF).
To learn more, read our detailed Web Application Firewall (WAF) Report (Updated: April 2024).
Download the complete report
767,847 professionals have used our research since 2012.
Featured Review
Anonymous User
Stable, great visibility, with smooth deployment.
Our organization has improved because it has created a new layer of security analytics. Typically we used to do study code analysis, but then by... Read more →
Anonymous User
Specifies the exact line of code where it finds the problem and gives good reports
The solution improved the efficiency of our code security reviews. It helps tremendously because it finds hundreds of potential problems sometimes.... Read more →
John Bayangos
Reliable with good support and useful load-balancing features
We're hosting a website for our company, and the solution has helped a lot with load balancing.
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"Some of the most valuable features are the ease of deployment, the Barracuda support, the easy-to-use console, and the granularity of the reports.""It significantly improved our overall web security posture, addressing intrusions and enhancing control over web URLs in our environment.""Parameter Protection is a valuable feature.""The initial setup is easy.""It's very simple and predictable, because Barracuda provides a vision of the current state of your application. It gives you an understanding of what is happening on your site and any attempts against you at your source. This is the main value that Web Application Firewall provides our company. These aspects are also the main reason for this documentation process.""The most valuable feature is the automatic content filtering.""Has a good dashboard.""The solution is user-friendly and easy to set up."

More Barracuda Web Application Firewall Pros →

"The most valuable features of Checkmarx are difficult to pinpoint because of the way the functionalities and the features are intertwined, it's difficult to say which part of them I prefer most. You initiate the scan, you have a scan, you have the review set, and reporting, they all work together as one whole process. It's not like accounting software, where you have the different features, et cetera.""The ability to track the vulnerabilities inside the code (origin and destination of weak variables or functions).""I like that you don't have to compile the code in order to execute static code analysis. So, it's very handy.""Less false positive errors as compared to any other solution.""The value you can get out of the speedy production may be worth the price tag.""It can integrate very well with DAST solutions. So both of them are combined into an integrated solution for customers running application security.""The UI is user-friendly.""Compared to the solutions we used previously, Checkmarx has reduced our workload by almost 75%."

More Checkmarx One Pros →

"The configuration and integration into the AWS environment was pretty easy.""The most valuable feature is customization.""The tech support we got from F5 BIG-IP Local Traffic Manager directly was pretty good.""I've worked a little bit with iRules and it is amazing.""The setup is pretty easy.""F5's attack signatures and automation are the most valuable features. The disaster recovery capabilities are also excellent. You don't need to do anything. It has automatic failover from production.""The solution's stability is pretty good.""ASM for WAF."

More F5 BIG-IP Local Traffic Manager (LTM) Pros →

Cons
"It would be better if their updates would be released annually.""This product could easily progress to be among the industry leaders. I think they need to improve enterprise level automation. It integrates with a small number of vulnerability scanners, so report results should be imported manually; same for SIEM integration.""Barracuda Web Application Firewall's load balancing feature could be improved.""The usability of the interface could be improved.""As most people are aware, the implementation is not easy.""Its interface can be better. It is not very friendly.""The GUI needs to be improved because it sometimes hangs and needs to be restarted.""I have issues with the load balancing of the solution which is slow. The connection pooling in Barracuda also doesn't work. There is an issue when someone needs access to a site quickly. The issue is with HTTPS services. I am not sure if they have changed all these in the solution’s latest version."

More Barracuda Web Application Firewall Cons →

"Checkmarx is not good because it has too many false positive issues.""The integration could improve by including, for example, DevSecOps.""You can't use it in the continuous delivery pipeline because the scanning takes too much time.""Licensing models and Swift language support are the aspects in which this product needs to improve. Swift is a new language, in which major customers require support for lower prices.""One area for improvement in Checkmarx is pricing, as it's more expensive than other products.""I think the CxAudit tool has room for improvement. At the beginning you can choose a scan of a project, but in any event the project must be scanned again (wasting time).""We are trying to find out if there is a way to identify the run-time null values. I am analyzing different tools to check if there is any tool that supports run-time null value identification, but I don't think any of the tools in the market currently supports this feature. It would be helpful if Checkmarx can identify and throw an exception for a null value at the run time. It would make things a lot easier if there is a way for Checkmarx to identify nullable fields or hard-coded values in the code. The accessibility for customized Checkmarx rules is currently limited and should be improved. In addition, it would be great if Checkmarx can do static code and dynamic code validation. It does a lot of security-related scanning, and it should also do static code and dynamic code validation. Currently, for security-related validation, we are using Checkmarx, and for static code and dynamic code validation, we are using some other tools. We are spending money on different tools. We can pay a little extra money and use Checkmarx for everything.""It provides us with quite a handful of false positive issues. If Checkmarx could reduce this number, it would be a great tool to use."

More Checkmarx One Cons →

"The solution could improve the ease of use, the management could be simplified. Other solutions are easier to use.""Technical support is somewhat slow and could be improved.""BIG-IP LTM's sandboxing integration could be improved.""The web interface could be better.""Native support for containers should be added to future releases, as this is the future of load balancing.""Reporting could be improved and configuration made easier.""There are not very many areas for improvement, but the price is high.""F5 has another solution to load balance servers on the cloud, which they got after the purchase of NGINX. It is deployed as Kubernetes or something like that, but the problem now is that they have two solutions for two situations. They should make F5 deployable on the cloud."

More F5 BIG-IP Local Traffic Manager (LTM) Cons →

Pricing and Cost Advice
  • "The pricing is less compared to other web applications."
  • "They have competitive pricing."
  • "Our licensing fees are paid annually and the cost is between €600 and €800 (approximately $665.00 to $885.00 USD)."
  • "Barracuda costs us $8,000 per year. Barracuda costs $20,000 for a full subscription, when you try to protect multi-site infrastructure, in different geographical zones and for different data centers. If you have only one site, Barracuda will be cheaper."
  • "The price of this solution is okay."
  • "The price of the solution is a little expensive. There is a license for this solution and it can be purchased every one, two, or five years."
  • "While I would have to check on the price of the solution, I feel it to be okay and it matches the market price."
  • "The price is reasonable, more so than other products."

    • More Barracuda Web Application Firewall Pricing and Cost Advice →

  • "It is the right price for quality delivery."
  • "I believe pricing is better compared to other commercial tools."
  • "The pricing was not very good. This is just a framework which shouldn’t cost so much."
  • "The pricing is competitive and provides a lower TCO (total cost of ownership) for achieving application security."
  • "It is a good product but a little overpriced."
  • "The license has a vague language around P1 issues and the associated support. Make sure to review these in order to align them with your organizational policies."
  • "​Checkmarx is not a cheap scanning tool, but none of the security tools are cheap. Checkmarx is a powerful scanning tool, and it’s essential to have one of these products."
  • "We got a special offer for a 30% reduction for three years, after our first year. I think for a real source-code scanning tool, you have to add a lot of money for Open Source Analysis, and AppSec Coach (160 Euro per user per year)."

    • More Checkmarx One Pricing and Cost Advice →

  • "Though functionality is high, its cost can be considered slightly higher than its competitors​."
  • "The licensing pricing seems relatively easy enough to get your head around. I would advise anyone to ensure that you have a conversation with an F5 consultant before purchasing, as you would with most products."
  • "Take a look at the modules that you are going to use. Look into the best bundles for them."
  • "The only area that has room for improvement would be pricing, so its competitors do not have a say."
  • "If your IT budget is good, go for it."
  • "This product is costly from a licensing perspective considering its competitors."
  • "Check other vendors like Cisco, Citrix or A10 Networks. There are plenty in the market with which you can achieve same thing."
  • "Great product for the money. But they can get really expensive, so get what meets your needs."

    • More F5 BIG-IP Local Traffic Manager (LTM) Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Web Application Firewall (WAF) solutions are best for your needs.
    See Recommendations
    767,847 professionals have used our research since 2012.
    Questions from the Community
    What do you like most about Barracuda Web Application Firewall?
    Top Answer:It significantly improved our overall web security posture, addressing intrusions and enhancing control over web URLs in… more »
    Read all 32 answers   →
    What is your primary use case for Barracuda Web Application Firewall?
    Top Answer:My company uses the tool for HTTP protection and the protection of HTTP for a particular application that is exposed to… more »
    Read all 29 answers   →
    What is your experience regarding pricing and costs for Barracuda Web App...
    Top Answer:The product is expensive. It is overpriced.
    Read all 16 answers   →
    What alternatives are there for Fortify WebInspect and Fortify SCA?
    Top Answer:I would like to recommend Checkmarx. With Checkmarx, you are able to have an all in one solution for SAST and SCA as… more »
    Read all 4 answers   →
    What do you like most about Checkmarx?
    Top Answer:Compared to the solutions we used previously, Checkmarx has reduced our workload by almost 75%.
    Read all 38 answers   →
    What is your experience regarding pricing and costs for Checkmarx?
    Top Answer:The solution's price is high and you pay based on the number of users.
    Read all 25 answers   →
    What do you like most about F5 BIG-IP?
    Top Answer:The support from F5 BIG-IP LTM is good.
    Read all 58 answers   →
    What is your experience regarding pricing and costs for F5 BIG-IP?
    Top Answer:There are a few licensing options available for F5 BIG-IP LTM. You can have a perpetual license which is a lifetime… more »
    Read all 43 answers   →
    What needs improvement with F5 BIG-IP?
    Top Answer:The pricing must be more flexible. We get billed for firewalls based on the usage. It will be helpful if the solution… more »
    Read all 70 answers   →
    Ranking
    14th
    out of 79 in Web Application Firewall (WAF)
    Views
    2,727
    Comparisons
    2,232
    Reviews
    10
    Average Words per Review
    429
    Rating
    8.2
    3rd
    out of 74 in Application Security Tools
    Views
    35,279
    Comparisons
    23,132
    Reviews
    21
    Average Words per Review
    513
    Rating
    7.7
    1st
    out of 24 in Application Delivery Controllers (ADC)
    Views
    10,469
    Comparisons
    8,686
    Reviews
    29
    Average Words per Review
    485
    Rating
    8.4
    Comparisons
    Also Known As
    F5 BIG-IP, BIG-IP LTM, F5 ASM, Viprion, F5 BIG-IP Virtual Edition , Crescendo Networks Application Delivery Controller, BIG IP
    Learn More
    Barracuda Networks
    Checkmarx
    F5
    Overview

    Barracuda Web Application Firewall is a game-changing cloud-connected security solution that enables organizations to safeguard both their applications and their data from an ever-growing array of advanced cyber threats. It offers protection from cyber attacks that target not only data and applications stored on the cloud but also those that are housed on web servers. 43% of the time a breach takes place via a compromised application. Barracuda Web Application Firewall prevents these types of breaches from occurring.

    Barracuda Web Application Firewall denies hackers the ability to penetrate your system by using a number of techniques to keep your organization safely insulated. The first method of protection consists of two parts. The first part involves a thorough scanning of all inbound web traffic. This solution monitors everything that comes into the system. It employs IP reputation intelligence, which filters all incoming data. If the source of the data has a bad reputation, it is blocked by the firewall. Administrators now have a way of locking out many common threats that could otherwise compromise sensitive networks. These scans can also allow administrators to protect their systems from within as DLP (Data Loss Prevention) protocols. If any sensitive data attempts to leave, administrators will automatically be alerted and the data will be blocked from exiting.

    Barracuda Web Application Firewall can also be set up to apply the AAA (Authentication, Authorization & Accounting) framework to an organization’s network. If an intruder manages to get past the authentication stage, the authorization protocols kick in. After the authorization stage comes accounting, which works by tracking and logging users’ activities so that administrators will be in a position to prevent long-term damage from being done. This three-step process can be implemented without requiring administrators to make changes to their applications.

    Key Features

    Some of Barracuda Web Application Firewall’s key features include:

    • The ability to employ adaptive profiling. Administrators will have an easier time enforcing security policies once this feature is enabled. It takes data from safe sources and builds profiles that can be used to create whitelisting protocols that prevent unsafe actions from occurring on the system.
    • The ability to assess threats in real time. Barracuda Web Application Firewall uses machine learning to detect new threats and attacks as they emerge.
    • The ability to manage the Barracuda Web Application Firewall system from a single interface. Administrators can manage their Barracuda Web Application Firewall configurations from one centralized location.

    Reviews from Real Users

    Barracuda Web Application Firewall stands out among its competitors for a number of reasons. One of the main ones is the robustness of the solution. Users are given access to a vast variety of security features in a single product.

    PeerSpot user Muhammed S., a Presales Solutions Architect at Hilal Computers, notes this when he writes, "The solution offers multiple security features. There are machine learning features and great URL encryption. It also offers multi-protocol support against DDoS attacks."

    Other reviewers note that Barracuda Web Application Firewall is user-friendly, easy to set up, stable, and reliable.

    Checkmarx is a highly accurate and flexible static code analysis product that allows organizations to automatically scan uncompiled code and identify hundreds of security vulnerabilities in all major coding languages and software frameworks. Checkmarx is available as a standalone product and can be effectively integrated into the software development lifecycle (SDLC) to streamline vulnerability detection and remediation. Checkmarx is trusted by leading organizations such as SAP, Samsung, and Salesforce.com.

    Checkmarx is a global leader in software security solutions for modern software development. Checkmarx delivers a comprehensive software security platform that unites with DevOps by scanning uncompiled source code for security vulnerabilities early in the development life cycle to reduce and remediate risk from software vulnerabilities. Using Checkmarx, teams avoid software security vulnerabilities managed via a single and unified dashboard without slowing down their delivery schedule.

    Checkmarx balances the needs of the entire organization, delivering seamless security from the start and throughout the entire software development life cycle. Checkmarx can be deployed on-premises in a private data center or hosted via a public cloud.

    Checkmarx Features

    Some of Checkmarx’s features include:

    • Source code scanning: Detect and repair more vulnerabilities before you release your code.

    • Open-source scanning: Find and eliminate the risks in your open-source code.

    • Interactive code scanning: Scan for vulnerabilities and runtime threats.

    • Open-source security for infrastructure as code: Identify and fix insecure IaC configurations that put your application at risk.

    Reviews from Real Users

    Checkmarx stands out among its competitors for a number of reasons. Two major ones are its ability to enable developers to secure their code with a single management dashboard and its high-speed scanning abilities.

    PeerSpot users note the effectiveness of these features. A CEO at a tech services company writes, “The most valuable features are the easy-to-understand interface, and it’s very user-friendly. We spend some time tuning to start scanning a new project, which is only a few clicks. A few simple tunes for custom rules and we can start our scan. We can do the work quickly and we don't need to compile the source code because Checkmarx does the work without compiling the project. The scanning is very quick. It's about 20,000 lines per hour, which is a good speed for scanning.”

    A director at a tech services company notes, “The features and technologies are very good. The flexibility and the roadmap have also been very good. They're at the forefront of delivering the additional capabilities that are required with cloud delivery, etc. Their ability to deliver what customers require and when they require is very important.”

    A senior manager at a manufacturing company writes, “The identification of verification-related security vulnerabilities is really important and one of the key things. It also identifies vulnerabilities for any kind of third-party tool coming into the system or any third-party tools that you are using, which is very useful for avoiding random hacking."

    F5 BIG-IP LTM optimizes the speed and reliability of your apps via both network and application layers. Using real-time protocol and traffic management decisions based on app and server and connection management conditions, and TCP and content offloading, BIG-IP LTM dramatically improves application and infrastructure responsiveness. BIG-IP LTM's architecture includes protocol awareness to control traffic for the most important applications. BIG-IP LTM tracks the dynamic performance levels of servers and delivers SSL performance and visibility for inbound and outbound traffic, to protect the user experience by encrypting everything from the client to the server.

    BIG-IP LTM provides enterprise-class Application Delivery Controller (ADC). You get granular layer 7 control, SSL offloading and acceleration capabilities, and advanced scaling technologies that deliver performance and reliability on-demand. The highly optimized TCP/IP stack combines TCP/IP techniques and improvements in the latest RFCs with extensions to minimize the effect of congestion and packet loss and recovery. Independent testing tools and customer experiences show LTM's TCP stack delivers up to a 2x performance gain for users and a 4x increase in bandwidth efficiency.

    Sample Customers
    Oracle, CBS, Pioneer, Hyundai, Publix, Barnes Noble, Calzedonia, Nordstrom, Samsung, Nascar
    YIT, Salesforce, Coca-Cola, SAP, U.S. Army, Liveperson, Playtech Case Study: Liveperson Implements Innovative Secure SDLC
    Riken, TransUnion, Tepco Systems Administration, Daejeon University, G&T Bank, Danamon, CyberAgent Inc.
    Top Industries
    REVIEWERS
    Comms Service Provider25%
    Maritime Company13%
    Media Company13%
    Wholesaler/Distributor6%
    VISITORS READING REVIEWS
    Computer Software Company19%
    Financial Services Firm9%
    Manufacturing Company8%
    Government8%
    REVIEWERS
    Computer Software Company31%
    Financial Services Firm19%
    Comms Service Provider9%
    Manufacturing Company9%
    VISITORS READING REVIEWS
    Financial Services Firm21%
    Computer Software Company15%
    Manufacturing Company9%
    Insurance Company5%
    REVIEWERS
    Comms Service Provider20%
    Financial Services Firm15%
    Computer Software Company15%
    Media Company6%
    VISITORS READING REVIEWS
    Financial Services Firm17%
    Computer Software Company14%
    Government9%
    Comms Service Provider7%
    Company Size
    REVIEWERS
    Small Business67%
    Midsize Enterprise6%
    Large Enterprise28%
    VISITORS READING REVIEWS
    Small Business26%
    Midsize Enterprise19%
    Large Enterprise56%
    REVIEWERS
    Small Business38%
    Midsize Enterprise13%
    Large Enterprise50%
    VISITORS READING REVIEWS
    Small Business17%
    Midsize Enterprise11%
    Large Enterprise72%
    REVIEWERS
    Small Business33%
    Midsize Enterprise17%
    Large Enterprise50%
    VISITORS READING REVIEWS
    Small Business18%
    Midsize Enterprise14%
    Large Enterprise68%
    Buyer's Guide
    Web Application Firewall (WAF)
    April 2024
    Download Free Report
    Find out what your peers are saying about Amazon Web Services (AWS), Microsoft, F5 and others in Web Application Firewall (WAF). Updated: April 2024.
    DOWNLOAD NOW
    767,847 professionals have used our research since 2012.