We compared AWS WAF and F5 Advanced WAF based on our user's reviews in several parameters.
Users have praised AWS WAF for its effective protection against web application attacks, customizable rule sets, and affordable pricing. On the other hand, F5 Advanced WAF stands out for its robust security measures, advanced threat intelligence, and user-friendly interface. However, AWS WAF users appreciate the responsive customer support, while F5 Advanced WAF users value its seamless integration with existing systems. Both products have areas that need improvement, with AWS WAF users looking for better documentation and customization options, and F5 Advanced WAF users desiring a more intuitive interface and comprehensive support for troubleshooting.
Features: AWS WAF offers effective protection against web application attacks, easy setup and configuration, flexibility in setting rules, and integration with other AWS services. F5 Advanced WAF provides robust security measures, advanced threat intelligence, efficient traffic management, and customizable policies.
Pricing and ROI: The setup cost for AWS WAF is minimal, with a smooth and straightforward process. Users find the licensing flexible and customizable. On the other hand, F5 Advanced WAF also has a minimal setup cost, making installation hassle-free. Users appreciate the straightforward and easy-to-manage licensing., AWS WAF's ROI is reflected in increased security, reduced risks, and improved web threat protection. It also offers cost savings and efficient management. On the other hand, F5 Advanced WAF's ROI is seen in improved security, enhanced visibility, and reduced cyber threats. It effectively protects web applications for a safe user experience. Overall, both products deliver valuable and beneficial ROI.
Room for Improvement: AWS WAF users have requested better documentation and detailed instructions for users with limited technical expertise. They also want a more user-friendly interface, enhanced customization options, and greater flexibility in configuring rule sets. F5 Advanced WAF users have expressed concerns about a lack of user-friendly interface, complexity in configuration, and a need for improved documentation and better support for troubleshooting and resolving issues. Overall, they desire a more streamlined and intuitive experience.
Deployment and customer support: Based on user feedback, it is necessary to consider the duration required for different phases of implementing a new tech solution. For AWS WAF, users mentioned distinct timeframes for deployment and setup, while for F5 Advanced WAF, users mentioned similar timeframes for deployment and setup., AWS WAF's customer service is consistently praised for being excellent and highly responsive. Users appreciate the knowledgeable support team who go above and beyond. On the other hand, F5 Advanced WAF's support has received positive feedback for their prompt and helpful assistance.
The summary above is based on 56 interviews we conducted recently with AWS WAF and F5 Advanced WAF users. To access the review's full transcripts, download our report.
"Their technical support has been quite good."
"The stability of AWS WAF is valuable."
"I believe the most impressive features are integration and ease of use. The best part of AWS WAF is the cloud-native WAF integration. There aren't any hidden deployments or hidden infrastructure which we have to maintain to have AWS WAF. AWS maintains everything; all we have to do is click the button, and WAF will be activated. Any packet coming through the internet will be filtered through."
"As a basic WAF, it's better than nothing. So if you need something simple out of the box with default features, AWS WAF is good."
"AWS WAF has a lot of integrated features and services. For example, there are security services that can be integrated very well for our customers."
"The simple configuration and the scalability have been most valuable. We are able to scale across all of our different AWS instances."
"The most valuable feature is the way it blocks threats to external applications."
"One common use case is using detection protection for enhancing security models in AWS. Another use case is implementing log analysis and response recovery procedures for email services."
"The product has valuable features for load balancing, monitoring tools, and HPXpress services."
"This solution is an enterprise-class firewall that provides both load-balancing and security."
"It's a fairly easy-to-use and user-friendly tool. My administrators and team also like its ability to customize the rules per the requirements."
"Good technology for mitigating different application attacks, e.g. DDoS, DNS, and layer seven attacks."
"There is no need to worry about updating signatures because WAF will automatically update the signatures for you."
"The most valuable features of F5 Advanced WAF are the balancer and you can change policies very easily."
"It also has antivirus and DDoS mitigation capabilities. We have enabled these features."
"One of the most valuable features is the Local Traffic Manager."
"When users choose the free service, there isn't great support available to them."
"We need more support as we go global."
"It is sometimes a lot of work going through the rules and making sure you have everything covered for a use case. It is just the way rules are set and maintained in this solution. Some UI changes will probably be helpful. It is not easy to find the documentation of new features. Documentation not being updated is a common problem with all services, including this one. You have different versions of the console, and the options shown in the documentation are not there. For a new feature, there is probably an announcement about being released, but when it comes out, there is no actual documentation about how to use it. This makes you either go to technical support or community, which probably doesn't have an idea either. The documentation on the cloud should be the latest one. Finding information about a specific event can be a bit challenging. For this solution, not much documentation is available in the community. It could be because it is a new tool. Whenever there is an issue, it is just not that simple to resolve, especially if you don't have premium support. You have pretty much nowhere to look around, and you just need to poke around to try and make it work right."
"They should work to define more threats, add more security, and make it more compliant with more security companies."
"We don't have much control over blocking, because the WAF is managed by AWS."
"The cost management has room for improvement."
"The price could be improved."
"In a future release of this solution, I would like to see additional management features to make things simpler."
"One area for improvement in the product is its SSO integration, which posed challenges and required significant effort to resolve."
"The overall price of F5 Advanced WAF could improve."
"The solution could improve by having an independent capture module. It has a built feature that you can deploy the capture on your published website. However, it's not very user-friendly. When you compare this feature to Google Capture or other enterprise captures, they are very simple. It needs a good connection to the F5 Advanced WAF sandbox. When you implement this feature in the data center, you may suffer some complications with connecting to the F5 Advanced WAF sandbox. This should be improved in the future."
"Its price should be better. It is expensive."
"The reporting portion of F5 Advance WAF is not great. They need to work out something better, as it is very basic. You only see the top IPs, I think there is more they can offer."
"F5 Advanced WAF could improve the reporting. It's a bit difficult to populate, them. If you're not so familiar with the functions, such as where to find the logs and other settings."
"For me, an area for improvement in F5 Advanced WAF is the reporting as it isn't so clear. The vendor needs to work on the reporting capability of the solution. What I'd like to see in the next release of F5 Advanced WAF is threat intelligence to protect your web application, particularly having that capability out-of-the-box, and not needing to pay extra for it, similar to what's offered in FortiWeb, for example, any request that originates from a malicious IP will be blocked automatically by FortiWeb. F5 Advanced WAF should have the intelligence for blocking malicious IPs, or automatically blocking threats included in the license, instead of making it an add-on feature that users have to pay for apart from the standard licensing fees."
"I would say their graphical interface, the GUI. I don't like the GUI as much as before."
AWS WAF is ranked 1st in Web Application Firewall (WAF) with 52 reviews while F5 Advanced WAF is ranked 2nd in Web Application Firewall (WAF) with 55 reviews. AWS WAF is rated 8.0, while F5 Advanced WAF is rated 8.6. The top reviewer of AWS WAF writes "A highly stable solution that helps mitigate different kinds of bot attacks and SQL injection attacks". On the other hand, the top reviewer of F5 Advanced WAF writes "Flexible configuration, reliable, and highly professional support". AWS WAF is most compared with Azure Web Application Firewall, Microsoft Azure Application Gateway, Imperva Web Application Firewall, Fortinet FortiWeb and Cloudflare Web Application Firewall, whereas F5 Advanced WAF is most compared with Fortinet FortiWeb, Microsoft Azure Application Gateway, Imperva Web Application Firewall, F5 BIG-IP Local Traffic Manager (LTM) and Prisma Cloud by Palo Alto Networks. See our AWS WAF vs. F5 Advanced WAF report.
See our list of best Web Application Firewall (WAF) vendors.
We monitor all Web Application Firewall (WAF) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.