Rodrigo GarciaPhysical Designer at Semtech Corporation
We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"The security firewall plus the features that protect against database injections or scripting,"
"The most valuable feature is the scalability because it automatically scales up or scales down as per our requirements."
"The most valuable aspect is that it protects our code. It's a bit difficult to overwrite code in our application. It also protects against threats."
"AWS has flexibility in terms of WAF rules."
"This product supplies options for web security for applications accessing sensitive information."
"Its best feature is that it is on the cloud and does not require local hardware resources."
"The access instruction feature is the most valuable. This is what we use the most."
"The most valuable features are the geo-restriction denials and the web ACL."
"F5 technical support is really good."
"The most important feature is that they have seven firewall protection, to protect our web servers."
"The most valuable feature is flexibility."
"Its flexibility is the most valuable because it is a managed service. The good part is that you don't need to set it up. It just needs DNS routing, which is the easiest thing. Our client had Akamai for certain websites because they were using CDN features. They had NetScaler on the internal zone, F5 AWAFs on the data centers, and no WAF at all in the cloud. One of the main activities of the project was to move all these policies into a single WAF so that we could control and use that as a choke point. That exercise itself was very easy because it was a managed service and F5 Silverline Web Application Firewall does that for you. That's the best thing about F5 Silverline Web Application Firewall. It is easy to apply policies on-premises. If you have AWAF on-premises and you want to replicate some policies on F5 Silverline Web Application Firewall, other than the policies that it applies by itself, it is easy because you have a team that supports it. F5 Silverline Web Application Firewall works perfectly fine. It pretty much does everything that an Advanced WAF on-premises should do."
"For now, there is no feature to protect against attack of the bad bots"
"I would like to be able to view a graphical deployment map in the user interface that will give me an overview of the configuration and help to determine whether I have missed any steps."
"It's a bit difficult to apply the right rules for the right security."
"When users choose the free service, there isn't great support available to them."
"The technical support does not respond to bugs in the coding of the product."
"The pricing model is complicated."
"The setup is complicated."
"It is sometimes a lot of work going through the rules and making sure you have everything covered for a use case. It is just the way rules are set and maintained in this solution. Some UI changes will probably be helpful. It is not easy to find the documentation of new features. Documentation not being updated is a common problem with all services, including this one. You have different versions of the console, and the options shown in the documentation are not there. For a new feature, there is probably an announcement about being released, but when it comes out, there is no actual documentation about how to use it. This makes you either go to technical support or community, which probably doesn't have an idea either. The documentation on the cloud should be the latest one. Finding information about a specific event can be a bit challenging. For this solution, not much documentation is available in the community. It could be because it is a new tool. Whenever there is an issue, it is just not that simple to resolve, especially if you don't have premium support. You have pretty much nowhere to look around, and you just need to poke around to try and make it work right."
"In terms of the scalability, this part is always so confusing because they are checking for packet count. Also, after an attack, they said that the throughput must be from gigabits but then I check my bandwidth and it is already done in gigabits. So it is a little bit confusing."
"I just hope the price can be cheaper."
"We need to have support for cloud protection, which is not offered by this solution."
"F5 Silverline Web Application Firewall, being a new product in the market or comparatively related to a new product, currently supports less number of PoPs. They should introduce more PoPs. The current number of PoPs that they have is around 10 or 12, which is still relatively less as compared to 2,400 plus PoPs that Akamai offers. The user latency or the number of hops a user needs before reaching the actual web application is less in Akamai because it has its internal fabric to route the traffic. They need to spin up more data to increase its traffic handling capability. They can also include the bot detection capability, though it is a pretty advanced functionality. If they could include DataDome like functionality, that is, bot prediction, then F5 Silverline Web Application Firewall will be top-notch in the market."
"AWS is not that costly by comparison. They are maybe close to $40 per month. I think it was between $29 or $39."
"It has a variable pricing scheme."
"We are kind of doing a POC comparison to see what works best. Pricing-wise, AWS is one of the most attractive ones. It is fairly cheap, and we like the pricing part. We're trying to see what makes more sense operation-wise, license-wise, and pricing-wise."
"It's quite affordable. It's in the middle."
"The pricing should be more affordable, especially as it pertains to small clients."
"F5 Silverline Web Application Firewall works based on your bandwidth. They look at the clean bandwidth and do the pricing. 20% of a total pipe would be a clean bandwidth. The list price or a non-negotiated price for F5 Silverline Web Application Firewall would be around $2,200 per application per year for everything that you need. When you get into an enterprise kind of a setup, they negotiate this to the last bit. I would easily take 20% on that, which would be the cost, but it should cover all your Advance WAF features, bot protection, tech campaign, etc. It is built as a package and gives you most of the capability. You don't get the mobile SDK, which is an additional license. Mobile SDK is required only if you're buying or if you have a mobile application, and you are going to instrument F5 or Imperva into your mobile appliance. This anyways would be an additional module. It doesn't come within the WAF, but it is a WAF feature."
AWS WAF is a web application firewall that helps protect your web applications from common web exploits that could affect application availability, compromise security, or consume excessive resources. AWS WAF gives you control over which traffic to allow or block to your web applications by defining customizable web security rules. You can use AWS WAF to create custom rules that block common attack patterns, such as SQL injection or cross-site scripting, and rules that are designed for your specific application. New rules can be deployed within minutes, letting you respond quickly to changing traffic patterns. Also, AWS WAF includes a full-featured API that you can use to automate the creation, deployment, and maintenance of web security rules.
F5's Silverline Managed Services is a SaaS solution delivering DDoS protection, managed Web Application Firewall (WAF) services, and managed Shape Security Fraud and Anti-bot solutions.
Silverline services include 24x7 access to F5's Security Operations Center (SOC). F5's expert security professionals use F5 products with state-of-the-art security tools to ensure the best protection possible. As an add-on to Silverline DDoS or WAF services, Silverline Threat Intelligence integrates dynamic lists of threatening IP addresses to give context for policy decisions.
AWS WAF is ranked 3rd in Web Application Firewall (WAF) with 10 reviews while F5 Silverline Managed Services is ranked 10th in Web Application Firewall (WAF) with 4 reviews. AWS WAF is rated 7.8, while F5 Silverline Managed Services is rated 7.8. The top reviewer of AWS WAF writes "Use this product to make it possible to deploy web applications securely". On the other hand, the top reviewer of F5 Silverline Managed Services writes "It is flexible and lets you easily apply policies, but it needs to support more PoPs". AWS WAF is most compared with Microsoft Azure Application Gateway, Imperva Web Application Firewall, F5 BIG-IP Local Traffic Manager (LTM), Akamai Kona Site Defender and Fastly, whereas F5 Silverline Managed Services is most compared with Cloudflare, Microsoft Azure Application Gateway, Arbor DDoS, F5 BIG-IP Local Traffic Manager (LTM) and Akamai Kona Site Defender. See our AWS WAF vs. F5 Silverline Managed Services report.
See our list of best Web Application Firewall (WAF) vendors.
We monitor all Web Application Firewall (WAF) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.