Rodrigo GarciaPhysical Designer at Semtech Corporation
Anonymous UserDigital Transformation Division Director at a tech services company
We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"The initial setup was very straightforward. Deployment took about ten minutes or less."
"The ability to take multiple data sets and match those data sets together is the solution's most valuable feature. The data lake that comes with it is very useful because that allows us to match data sets with different configurations that we wouldn't normally be able to match."
"The security firewall plus the features that protect against database injections or scripting,"
"The most valuable feature is the scalability because it automatically scales up or scales down as per our requirements."
"The most valuable aspect is that it protects our code. It's a bit difficult to overwrite code in our application. It also protects against threats."
"AWS has flexibility in terms of WAF rules."
"This product supplies options for web security for applications accessing sensitive information."
"Its best feature is that it is on the cloud and does not require local hardware resources."
"The web application firewall which protects our services on the internet, and then of course services like our ability to provide high availability for the services we are offering are the most valuable features."
"The work balancing applications are the most valuable feature."
"The stability is good. If there is a problem, the load will be shifted to other sites automatically, which has been a good experience for us."
"They should work to define more threats, add more security, and make it more compliant with more security companies."
"The solution is cloud-based, and therefore the billing model that comes with it could be more intuitive, in my opinion. It's very easy to not fully understand how you tag things for billing and then you can quite easily run up a high bill without realizing it. The solution needs to be more intuitive around the tagging system, which enables the billing. Right now, I have a cloud architect that does that on our behalf and it isn't something that a business user could use because it still requires quite a lot of technical knowledge to do effectively."
"For now, there is no feature to protect against attack of the bad bots"
"I would like to be able to view a graphical deployment map in the user interface that will give me an overview of the configuration and help to determine whether I have missed any steps."
"It's a bit difficult to apply the right rules for the right security."
"When users choose the free service, there isn't great support available to them."
"The technical support does not respond to bugs in the coding of the product."
"The pricing model is complicated."
"The user interface could be more friendly. Some wizards and other documentation for administrators, as well as some use cases, helps us to understand the solution."
"The product could be improved by making it easier to use and easier to implement."
"The reporting is not so good. They don't have an application to connect the logs."
"AWS is not that costly by comparison. They are maybe close to $40 per month. I think it was between $29 or $39."
"It has a variable pricing scheme."
"We are kind of doing a POC comparison to see what works best. Pricing-wise, AWS is one of the most attractive ones. It is fairly cheap, and we like the pricing part. We're trying to see what makes more sense operation-wise, license-wise, and pricing-wise."
"It's quite affordable. It's in the middle."
"We have all the features and functions of Citrix because we have a premium license."
"For partners, NetScaler is not as expensive price-wise versus F5."
Earn 20 points
AWS WAF is a web application firewall that helps protect your web applications from common web exploits that could affect application availability, compromise security, or consume excessive resources. AWS WAF gives you control over which traffic to allow or block to your web applications by defining customizable web security rules. You can use AWS WAF to create custom rules that block common attack patterns, such as SQL injection or cross-site scripting, and rules that are designed for your specific application. New rules can be deployed within minutes, letting you respond quickly to changing traffic patterns. Also, AWS WAF includes a full-featured API that you can use to automate the creation, deployment, and maintenance of web security rules.
Citrix Web App Firewall is a web application firewall (WAF) that protects web applications and sites from both known and unknown attacks, including application-layer and zero-day threats. Despite an ever-evolving threat landscape, Citrix Web App Firewall delivers comprehensive protection without degrading throughput or application response times. Available as a cloud solution or integrated within the Citrix ADC platform, simplified configuration controls further mitigate risk. Our pooled licensing options allow you to grow incrementally and scale on demand.
AWS WAF is ranked 3rd in Web Application Firewall (WAF) with 11 reviews while Citrix Web App and API Protection is ranked 12th in Web Application Firewall (WAF) with 3 reviews. AWS WAF is rated 8.2, while Citrix Web App and API Protection is rated 8.6. The top reviewer of AWS WAF writes "Use this product to make it possible to deploy web applications securely". On the other hand, the top reviewer of Citrix Web App and API Protection writes "Runs behind the scenes, in the background and keeps everything running smoothly". AWS WAF is most compared with Microsoft Azure Application Gateway, F5 BIG-IP, Imperva Web Application Firewall, Akamai Kona Site Defender and Cloudflare, whereas Citrix Web App and API Protection is most compared with Microsoft Azure Application Gateway, F5 Advanced WAF, Fortinet FortiWeb, F5 BIG-IP and Imperva Incapsula. See our AWS WAF vs. Citrix Web App and API Protection report.
See our list of best Web Application Firewall (WAF) vendors.
We monitor all Web Application Firewall (WAF) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.