We performed a comparison between Barracuda Web Application Firewall, Checkmarx, and Loadbalancer.org based on real PeerSpot user reviews.
Find out what your peers are saying about Amazon, Microsoft, F5 and others in Web Application Firewall (WAF)."You don't need help from Barracuda to help with the deployment. The deployment is easy."
"We run it with no downtime, because it has good support."
"Even when we were upgrading to a new OS, we didn't have any difficulties with the product. The stability is good."
"One of the strongest points is its robust issue discovery capabilities. Barracuda invests significant efforts in identifying and resolving issues. They have multiple products that work in tandem to perform these checks, which is beneficial because it automates security updates. This is the primary reason I recommend it to my customers."
"It allows us to scale out to multiple phase servers."
"The installation is straightforward."
"The most valuable features are the client VPN and content filtering."
"There is no one special feature, but the WAF itself is valuable: user-friendly protection against web attacks etc., authentication, reporting, accountability, alerting, and hardened OS."
"The value you can get out of the speedy production may be worth the price tag."
"The most valuable features are the easy to understand interface, and it 's very user-friendly."
"Checkmarx pinpoints the vulnerability in the code and also presents the flow of malicious input across the application."
"The solution is always updating to continuously add items that create a level of safety from vulnerabilities. It's one of the key features they provide that's an excellent selling point. They're always ahead of the game when it comes to finding any vulnerabilities within the database."
"The most valuable feature is that it actually identifies the different criteria you can set to meet whatever standards you're trying to get your system accredited for."
"The most valuable features of Checkmarx are the SCA module and the code-checking module. Additionally, the solutions are explanatory and helpful."
"The setup is fairly easy. We didn't struggle with the process at all."
"We use the solution to validate the source code and do SAST and security analysis."
"Existing customers are trying to migrate from the physical F5 load balancer to the AVI load balancer because it is scalable and easily managed."
"It helps us to route the traffic to the available servers. If we didn't have Loadbalancer we would fail to set the end-user and it would cause a failure in the cluster."
"Load balancing helps us distribute both incoming and outgoing data loads evenly among the servers, preventing overload on a single server."
"For now, it's stable."
"We have about 30,000 connections going through at any one time and it's fine, it doesn't seem to sweat. It doesn't get overloaded."
"It does what it’s supposed to do which is balancing an important intranet site we are using, so if one server dies, the second becomes active straight away."
"The support we have received from Loadbalancer.org has been good."
"It's pretty much a Swiss Army knife for managing all the load balancing techniques."
"The platform's pricing needs improvement."
"They could improve their performance, support, and their upgrades. Their updates used to be good. Their improvements were right on the money but nowadays, the updates are minor."
"I think the main area for improvement in this product is learning it, as can be seen when comparing it to the F5 web application firewall. F5 has a very powerful learning phase when you start using your web application firewall against your site. Barracuda has something like this, but not with the same functionality from my point of view."
"The policy updates could be improved."
"One of Barracuda's limitations is its user interface. The GUI for configuration is not intuitive and has remained largely unchanged for the past 10 to 12 years."
"The reporting aspect of the solution needs improvement. I don't find that it's very good. They could do some work on it to make it much better. It's not that the reporting isn't secure. It's just that I would prefer to store my reports for an extended period of time. Right now, that's not possible and I'd prefer it if that could change. I also would say that the reports themselves are expensive."
"I have issues with the load balancing of the solution which is slow. The connection pooling in Barracuda also doesn't work. There is an issue when someone needs access to a site quickly. The issue is with HTTPS services. I am not sure if they have changed all these in the solution’s latest version."
"Its interface can be better. It is not very friendly."
"Checkmarx could improve by reducing the price."
"The product's reporting feature could be better. The feature works well for developers, but reports generated to be shared with external parties are poor, it lacks the details one gets when viewing the results directly from the Checkmarx One platform."
"Checkmarx has a slightly difficult compilation with the CI/CD pipeline."
"Checkmarx could improve the REST APIs by including automation."
"We are trying to find out if there is a way to identify the run-time null values. I am analyzing different tools to check if there is any tool that supports run-time null value identification, but I don't think any of the tools in the market currently supports this feature. It would be helpful if Checkmarx can identify and throw an exception for a null value at the run time. It would make things a lot easier if there is a way for Checkmarx to identify nullable fields or hard-coded values in the code. The accessibility for customized Checkmarx rules is currently limited and should be improved. In addition, it would be great if Checkmarx can do static code and dynamic code validation. It does a lot of security-related scanning, and it should also do static code and dynamic code validation. Currently, for security-related validation, we are using Checkmarx, and for static code and dynamic code validation, we are using some other tools. We are spending money on different tools. We can pay a little extra money and use Checkmarx for everything."
"Licensing models and Swift language support are the aspects in which this product needs to improve. Swift is a new language, in which major customers require support for lower prices."
"Checkmarx could improve the solution reports and false positives. The false positives could be reduced. For example, we have alerts that are tagged as vulnerabilities but when you drill down they are not."
"The lack of ability to review compiled source code. It would then be able to compete with other scanning tools, such as Veracode."
"They're mostly designed to balance a particular type of traffic. I wanted to load balance DNS, and they just don't do it the way that we wanted to. So they're not used as DNS load balancers."
"I'd like to see scalability improved; it can be costly."
"I would like it if Loadbalancer had the ability to make rules for specific shared bots."
"It would be great if there was a way to gain access to the graphing data, to create custom reports. If we had a way to use the graphing data, we could use it to present certain information to our client, such as the uptime status for their service."
"We could enhance the security aspects of the load balancer."
"It doesn't have the bonding capability feature."
"The automatic refresh of the System Overview webpage: It sometimes has an extra webpage reload (after a change) before you see it is executed. This can be confusing."
"An area for improvement in Loadbalancer.org is that sometimes it works fine, but sometimes, it has issues. The setup for Loadbalancer.org is also complex, so that's another area for improvement."
More Barracuda Web Application Firewall Pricing and Cost Advice →