AWS WAF Alternatives and Competitors

Get our free report covering Microsoft, Akamai, F5, and other competitors of AWS WAF. Updated: September 2020.
441,726 professionals have used our research since 2012.

Read reviews of AWS WAF alternatives and competitors

Thomas Hejula
Real User
Senior IT Engineer at Lumeris
Dec 09 2018

What is most valuable?

* iRules * Simplicity I was able to simply and quickly set up the WAF rules and security, and also set up easily complex policies and rules which gave me some great features to redirect. So, I had to… more »

How has it helped my organization?

The ability to quickly set up. I understood it very quickly. I had some URLs which pointed to my load balancers, and inside there, I had to send an action to the API Gateway. I thought it was going to… more »

What needs improvement?

People love them in security, but their costs are completely out of bounds. However, I'm not a security guy, so I don't necessarily know all the ins and outs of why our security team may have chosen… more »

What's my experience with pricing, setup cost, and licensing?

From a cost perspective, I agreed to analyze the standards in terms of load balancing. However, the cost that they have with AWS are almost prohibitive. I'm being forced to use F5 WAF. I would not… more »

What other advice do I have?

The product works. We have F5 all across our environment. We use them for both VPNs and for traditional load balancers. So, we have VIPRIONs and several different versions of on-premise F5 hardware… more »

Which other solutions did I evaluate?

I am a fan of using AWS natively. It is much cheaper. We also looked at Check Point and Barracuda, but they were not markedly cheaper. The whole reason to use AWS was its ability to create resources… more »
Real User
Application Security Engineer at a insurance company with 10,001+ employees
Sep 14 2020

What is most valuable?

The most valuable feature is that it is cloud-based and we do not need to have an appliance for it in house.

What needs improvement?

I do not see any big problems with the product. Imperva has had a lot of experience developing this product platform and it seems appropriate for my use cases. There are a few places where it can be improved. An area of improvement that I… more »

What's my experience with pricing, setup cost, and licensing?

In my opinion, Imperva Incapsula is not expensive compared to the other similar solutions in this category.

Which solution did I use previously and why did I switch?

For web application firewalls we are actually currently using more than one solution. We are using both Imperva and AWS. Which solution that we use depends upon the environment and depends on the situation. So we are using both solutions… more »

What other advice do I have?

I have some advice for people who are considering using Imperva. When onboarding an application, they need to be careful with their other infrastructure and systems. The concern is in part to make sure they do not have conflicts. There has… more »
BrianFortington
Consultant
GRC Security Consultant at Ionize
Oct 11 2020

What is most valuable?

For me personally, the most valuable thing is that I like the fact that it is standardized so both internal firewall management and the cloud can be managed by the same company. Communication between the two works well and it can be a benefit. We can keep a single console to manage both.

What needs improvement?

User administrative controls could be a little bit better. I guess that would be the main thing. The usability within Fortinet could be a little bit easier on the users. But it is what it is. The thing that was more difficult was not the tool itself but dealing with the logistics of the compliance… more »

What's my experience with pricing, setup cost, and licensing?

I think that ForiWeb is expensive for what they are offering. At the end of the day, when you sell a suite, compliance within the suite is easy to maintain. That is the good part. It is an expensive suite and it is an expensive solution, but it is a manageable one for an enterprise. It should just… more »

What other advice do I have?

My advice to people would be to evaluate the marketplace against your requirements and choose appropriately. Fortinet does operate at the enterprise level. It is listed on the Australian standard and it does carry Australia's approval for common criteria. So it does address the requirements needed… more »
Real User
Principal Architect at a mining and metals company with 10,001+ employees
Aug 12 2020

What is most valuable?

The most valuable part of the solution for us overall is exactly that it is a Software-as-a-Service product. It fits our use needs because it is configurable via API.

What needs improvement?

There is really only one area of the product that I think needs to be improved. That is that Cloudflare should update the version of the ModSecurity core rule set that they run on. They run a pretty old version of ModSecurity from 2013 and… more »

What's my experience with pricing, setup cost, and licensing?

There is no upfront cost for infrastructure because it is a SaaS solution. You just pay per month for the product and usage.

What other advice do I have?

My advice to people who are considering Cloudflare WAF is to check service limits of other providers. Cloudflare does not really have a lot of service limits and that makes a difference. Also, look at the pricing and the pricing models… more »

Which other solutions did I evaluate?

We have evaluated other WAF (Web Application Firewall) solutions. In fact, that is what we are investigating now in taking a deeper look at the advantages of AWS and Azure. That evaluation is really part of my current job. At this stage, we… more »
Get our free report covering Microsoft, Akamai, F5, and other competitors of AWS WAF. Updated: September 2020.
441,726 professionals have used our research since 2012.