Rodrigo GarciaPhysical Designer at Semtech Corporation
We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"The security firewall plus the features that protect against database injections or scripting,"
"The most valuable feature is the scalability because it automatically scales up or scales down as per our requirements."
"The most valuable aspect is that it protects our code. It's a bit difficult to overwrite code in our application. It also protects against threats."
"AWS has flexibility in terms of WAF rules."
"This product supplies options for web security for applications accessing sensitive information."
"Its best feature is that it is on the cloud and does not require local hardware resources."
"The access instruction feature is the most valuable. This is what we use the most."
"The most valuable features are the geo-restriction denials and the web ACL."
"Traffic Learning is the most valuable feature."
"Good application firewall."
"The most valuable feature is the proxy."
"iRule feature is useful."
"F5 has many capabilities for load balancing and web application firewall features."
"We always use technical support and the team helps us very well. They're able to effectively find and fix issues and they respond very quickly."
"The product is quite flexible."
"This is a solution that does what it's supposed to do at the price point."
"For now, there is no feature to protect against attack of the bad bots"
"I would like to be able to view a graphical deployment map in the user interface that will give me an overview of the configuration and help to determine whether I have missed any steps."
"It's a bit difficult to apply the right rules for the right security."
"When users choose the free service, there isn't great support available to them."
"The technical support does not respond to bugs in the coding of the product."
"The pricing model is complicated."
"The setup is complicated."
"It is sometimes a lot of work going through the rules and making sure you have everything covered for a use case. It is just the way rules are set and maintained in this solution. Some UI changes will probably be helpful. It is not easy to find the documentation of new features. Documentation not being updated is a common problem with all services, including this one. You have different versions of the console, and the options shown in the documentation are not there. For a new feature, there is probably an announcement about being released, but when it comes out, there is no actual documentation about how to use it. This makes you either go to technical support or community, which probably doesn't have an idea either. The documentation on the cloud should be the latest one. Finding information about a specific event can be a bit challenging. For this solution, not much documentation is available in the community. It could be because it is a new tool. Whenever there is an issue, it is just not that simple to resolve, especially if you don't have premium support. You have pretty much nowhere to look around, and you just need to poke around to try and make it work right."
"This is a very expensive solution."
"It's a very expensive solution."
"If they made it easier for engineers to get F5 training then it would be better."
"Reporting could be improved and configuration made easier."
"The logging features are too limited and do not give us a solid understanding of what's happening."
"The web interface could be better."
"The cost of the solution is pretty high. It would be ideal if it was more reasonable."
"If we decide to migrate to the cloud, I don't think that BIG-IP is a good solution and we probably won't use it."
"AWS is not that costly by comparison. They are maybe close to $40 per month. I think it was between $29 or $39."
"It has a variable pricing scheme."
"We are kind of doing a POC comparison to see what works best. Pricing-wise, AWS is one of the most attractive ones. It is fairly cheap, and we like the pricing part. We're trying to see what makes more sense operation-wise, license-wise, and pricing-wise."
"It's quite affordable. It's in the middle."
"The pricing should be more affordable, especially as it pertains to small clients."
"There are additional costs depending on what modules or what functionality is required."
"F5 pricing is too high, compared to Citrix."
"When we purchased additional licenses for our other locations, we received a discount of between 20% and 25%."
"F5 BIG-IP can be expensive, although there are trial versions available which are helpful to find out if the solution is right for your company."
"The price should be reduced because it is expensive when compared to the competition."
"The solution is quite expensive if we compare it with the competition."
"It is a bit expensive product. Kemp Loadmaster is much cheaper than F5. Its licensing is on a yearly basis. It can be for one year or three years."
"The price of the solution is sometimes expensive."
AWS WAF is a web application firewall that helps protect your web applications from common web exploits that could affect application availability, compromise security, or consume excessive resources. AWS WAF gives you control over which traffic to allow or block to your web applications by defining customizable web security rules. You can use AWS WAF to create custom rules that block common attack patterns, such as SQL injection or cross-site scripting, and rules that are designed for your specific application. New rules can be deployed within minutes, letting you respond quickly to changing traffic patterns. Also, AWS WAF includes a full-featured API that you can use to automate the creation, deployment, and maintenance of web security rules.
F5 BIG-IP LTM optimizes the speed and reliability of your apps via both network and application layers. Using real-time protocol and traffic management decisions based on app and server and connection management conditions, and TCP and content offloading, BIG-IP LTM dramatically improves application and infrastructure responsiveness. BIG-IP LTM's architecture includes protocol awareness to control traffic for the most important applications. BIG-IP LTM tracks the dynamic performance levels of servers and delivers SSL performance and visibility for inbound and outbound traffic, to protect the user experience by encrypting everything from the client to the server.
BIG-IP LTM provides enterprise-class Application Delivery Controller (ADC). You get granular layer 7 control, SSL offloading and acceleration capabilities, and advanced scaling technologies that deliver performance and reliability on-demand. The highly optimized TCP/IP stack combines TCP/IP techniques and improvements in the latest RFCs with extensions to minimize the effect of congestion and packet loss and recovery. Independent testing tools and customer experiences show LTM's TCP stack delivers up to a 2x performance gain for users and a 4x increase in bandwidth efficiency.
AWS WAF is ranked 3rd in Web Application Firewall (WAF) with 10 reviews while F5 BIG-IP Local Traffic Manager (LTM) is ranked 1st in Application Delivery Controllers (ADC) with 30 reviews. AWS WAF is rated 7.8, while F5 BIG-IP Local Traffic Manager (LTM) is rated 8.2. The top reviewer of AWS WAF writes "Use this product to make it possible to deploy web applications securely". On the other hand, the top reviewer of F5 BIG-IP Local Traffic Manager (LTM) writes "Very stable and easy to use with a good GUI". AWS WAF is most compared with Microsoft Azure Application Gateway, Imperva Web Application Firewall, Akamai Kona Site Defender, Fortinet FortiWeb and Cloudflare, whereas F5 BIG-IP Local Traffic Manager (LTM) is most compared with Citrix ADC, Microsoft Azure Application Gateway, NGINX Plus, HAProxy and Radware Alteon. See our AWS WAF vs. F5 BIG-IP Local Traffic Manager (LTM) report.
We monitor all Web Application Firewall (WAF) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.