AWS WAF vs Fastly comparison

Read 7 Fastly reviews

1,162 Views
1,029 Comparison Views

100% willing to recommend

AWS WAF

Comparison Buyer's Guide

Download the report

Executive Summary

We performed a comparison between AWS WAF and Fastly based on real PeerSpot user reviews.

Find out in this report how the two Web Application Firewall (WAF) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.

To learn more, read our detailed AWS WAF vs. Fastly Report (Updated: October 2024).

Download the complete report

AWS WAF vs. Fastly

October 2024

Helped 816,406 peers since 2012

Categories and Ranking

AWS WAF

Ranking in Web Application Firewall (WAF)

1st

Average Rating

8.0

Reviews Sentiment

8.0

Number of Reviews

Ranking in other categories

No ranking in other categories

Fastly

Ranking in Web Application Firewall (WAF)

18th

Average Rating

8.6

Number of Reviews

Ranking in other categories

CDN (6th), Distributed Denial of Service (DDOS) Protection (11th)

Mindshare comparison

As of November 2024, in the Web Application Firewall (WAF) category, the mindshare of AWS WAF is 13.7%, down from 15.4% compared to the previous year. The mindshare of Fastly is 1.5%, up from 1.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Web Application Firewall (WAF)

Featured Reviews

Rohit Kesharwani

Manager, Engineering at 7-Eleven.

A highly stable solution that helps mitigate different kinds of bot attacks and SQL injection attacks

Integrating AWS WAF with other AWS services in our infrastructure is fairly easy. There are different tools through which we can do it. AWS WAF is a fairly easy solution. Users need to build a few rules by themselves based on the vulnerability attack within the application. Overall, I rate the solution a nine out of ten.

Read full review

Nick Wilsdon

CEO at Torque

An easily scalable and stable product that provides exceptional support

The product should provide improved bot detection and management. The product should also provide support for code management. Everybody working in CDN is currently looking for ways to better manage code deployment with various authorization levels and synchronization with our lower environments. Matching up what's happening in CDN with what's happening on the origin regarding testing would always be useful.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"One common use case is using detection protection for enhancing security models in AWS. Another use case is implementing log analysis and response recovery procedures for email services."

"AWS WAF has a lot of integrated features and services. For example, there are security services that can be integrated very well for our customers."

"AWS WAF helps mitigate different kinds of bot attacks and SQL injection that happen within the retail industry."

"The stability of AWS WAF is valuable."

"AWS WAF acts as a barrier, analyzing HTTP communications between external users and web applications."

"The most valuable feature of AWS WAF is the extra layer of security that I have when connecting to my web applications."

"The customizable features are good."

"The product’s availability, ease of configuration, and documentation are valuable."

More AWS WAF pros

"Compute@Edge features are valuable to me."

"Support is good; the product works as advertised. We have a Slack connection with them. So we can basically ask for help, live, engage, and ring when they respond. Very quickly."

"The product helps our organization to access sites located in different regions quickly."

"Its initial setup process is straightforward."

"Fastly uses configuration versioning, where you can deploy a new version in less than one minute."

"Rate limiting is a good feature that protects from volumetric attacks."

"The product's initial setup phase is straightforward."

Cons

"It is sometimes a lot of work going through the rules and making sure you have everything covered for a use case. It is just the way rules are set and maintained in this solution. Some UI changes will probably be helpful. It is not easy to find the documentation of new features. Documentation not being updated is a common problem with all services, including this one. You have different versions of the console, and the options shown in the documentation are not there. For a new feature, there is probably an announcement about being released, but when it comes out, there is no actual documentation about how to use it. This makes you either go to technical support or community, which probably doesn't have an idea either. The documentation on the cloud should be the latest one. Finding information about a specific event can be a bit challenging. For this solution, not much documentation is available in the community. It could be because it is a new tool. Whenever there is an issue, it is just not that simple to resolve, especially if you don't have premium support. You have pretty much nowhere to look around, and you just need to poke around to try and make it work right."

"The solution can improve its price."

"The area of reporting in the product needs to have a proper format."

"The default content policy available in the tool is not very strong compared to the competitors."

"The product should improve the DDoS-related features."

"We should be able to do proper whitelisting."

"I believe there is a need to move towards real-time analysis with the help of AI and intelligent systems in the future. This would reduce the reliance on manual work and enhance the functionality of detection protection. By incorporating AI-driven data analysis and data science techniques, we can improve the solution's user-friendliness, security compatibility, and accuracy."

"The solution should identify why it blocks particular websites."

More AWS WAF cons

"Fastly's customer service area needs improvement."

"Stronger analytics would be helpful, like showing configurations that haven't served a certain amount of traffic in a while. With many properties, things can get lost track of - duplicates or unused configurations not properly decommissioned."

"Support is not that great."

"The product should provide improved bot detection and management."

"The solution's pricing could be better."

"What I don't like about Fastly is that they charge a heavy price."

"It is missing a "staging" platform to deploy a test configuration with all of the real settings, which would allow us to properly test before putting it into production."

Pricing and Cost Advice

"AWS WAF costs $5 monthly plus $1 for the rule. It's cheap, cost-wise. It's worth the money."

"The solution is affordable."

"The price is average."

"The product’s pricing is reasonable."

"I would rate AWS WAF's pricing a seven out of ten."

"The solution's cost depends on the use cases."

"It's an annual subscription."

"AWS WAF has reasonable pricing."

More AWS WAF pricing and cost advice

"It is an expensive solution."

"In my opinion, Fastly is priced competitively."

"The solution is cheaper than other products in the market."

"Fastly is less expensive than one of its competitors."

"You need to pay a premium price for the tool."

"I've generally found Fastly to be very competitive in pricing, especially around Compute@Edge."

"The pricing has been very competitive."

See which vendors are best for you

Use our free recommendation engine to learn which Web Application Firewall (WAF) solutions are best for your needs.

See recommendations

816,406 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

17%

Financial Services Firm

14%

Manufacturing Company

Government

Computer Software Company

17%

Financial Services Firm

10%

Comms Service Provider

10%

Manufacturing Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What are the limitations of AWS WAF vs alternative WAFs?

Hi Varun, I have had experienced with several WAF deployments and deep technical assessments of the following: 1. Imperva WAF 2. F5 WAF 3. Polarisec Cloud WAF Typical limitations on cloud WAF is t...

How does AWS WAF compare to Microsoft Azure Application Gateway?

Our organization ran comparison tests to determine whether Amazon’s Web Service Web Application Firewall or Microsoft Azure Application Gateway web application firewall software was the better fit ...

What do you like most about AWS WAF?

The most valuable feature of AWS WAF is its highly configurable rules system.

What do you like most about Fastly?

Support is good; the product works as advertised. We have a Slack connection with them. So we can basically ask for help, live, engage, and ring when they respond. Very quickly.

What is your experience regarding pricing and costs for Fastly?

You need to pay a premium price for the tool.

What needs improvement with Fastly?

What I don't like about Fastly is that they charge a heavy price. The pricing is different per region. If you have a customer who is international and has deployments in different regions, it is ve...

Azure Web Application Firewall vs AWS WAF

Comparisons

Compared 19% of the time

F5 Advanced WAF vs AWS WAF

Compared 14% of the time

Microsoft Azure Application Gateway vs AWS WAF

Compared 12% of the time

Cloudflare Web Application Firewall vs AWS WAF

Compared 8% of the time

Imperva Web Application Firewall vs AWS WAF

Compared 7% of the time

More AWS WAF Competitors

Cloudflare vs Fastly

Compared 18% of the time

Akamai vs Fastly

Compared 15% of the time

F5 Advanced WAF vs Fastly

Compared 11% of the time

Imperva Web Application Firewall vs Fastly

Compared 6% of the time

Azure Web Application Firewall vs Fastly

Compared 4% of the time

More Fastly Competitors

Product Reports

Download AWS WAF product report

AWS WAF

November 2024

Download Fastly product report

November 2024

Also Known As

AWS Web Application Firewall

No data available

Learn More

Amazon Web Services (AWS)

Overview

AWS Web Application Firewall (WAF) is a firewall security system that monitors incoming and outgoing traffic for applications and websites based on your pre-defined web security rules. AWS WAF defends applications and websites from common Web attacks that could otherwise damage application performance and availability and compromise security.

You can create rules in AWS WAF that can include blocking specific HTTP headers, IP addresses, and URI strings. These rules prevent common web exploits, such as SQL injection or cross-site scripting. Once defined, new rules are deployed within seconds, and can easily be tracked so you can monitor their effectiveness via real-time insights. These saved metrics include URIs, IP addresses, and geo locations for each request.

AWS WAF Features

Some of the solution's top features include:

Web traffic filtering: Get an extra layer of security by creating a centralized set of rules, easily deployable across multiple websites. These rules filter out web traffic based on conditions like HTTP headers, URIs, and IP addresses. This is very helpful for protection against exploits such as SQL injection and cross-site scripting as well as attacks from third-party applications.

Bot control: Malicious bot traffic can consume excessive resources and cause downtime. Gain visibility and control over bot traffic with a managed rule group. You can easily block harmful bots, such as scrapers and crawlers, and you can allow common bots, like search engines and status monitors.

Fraud prevention: Effectively defend your application against bot attacks by monitoring your application’s login page with a managed rule group that prevents hackers from accessing user accounts using compromised credentials. The managed rule group helps protect against credential stuffing attacks, brute-force login attempts, and other harmful login activities.

API for AWS WAF Management: Automatically create and maintain rules and integrate them into your development process.

Metrics for real-time visibility: Receive real-time metrics and captures of raw requests with details about geo-locations, IP addresses, URIs, user agents, and referrers. Integrate seamlessly with Amazon CloudWatch to set up custom alarms when events or attacks occur. These metrics provide valuable data intelligence that can be used to create new rules that significantly improve your application protections.

Firewall management: AWS Firewall Manager automatically scans and notifies the security team when there is a policy violation, so they can swiftly take action. When new resources are created, your security team can guarantee that they comply with your organization’s security rules.

Reviews from Real Users

AWS WAF stands out among its competitors for a number of reasons. Two major ones are its user-friendly interface and its integration capabilities.

Kavin K., a security analyst at M2P Fintech, writes, “I believe the most impressive features are integration and ease of use. The best part of AWS WAF is the cloud-native WAF integration. There aren't any hidden deployments or hidden infrastructure which we have to maintain to have AWS WAF. AWS maintains everything; all we have to do is click the button, and WAF will be activated. Any packet coming through the internet will be filtered through.”

Fastly helps the world’s most popular digital businesses keep pace with their customer expectations by delivering fast, secure, and scalable online experiences. Businesses trust Fastly’s edge cloud platform to accelerate the pace of technical innovation, mitigate evolving threats, and scale on demand.

Sample Customers

eVitamins, 9Splay, Senao International

Twitter, Airbnb, Alaska Airlines, Pinterest, Vimeo, The Guardian, The New York Times, Ticketmaster, The Drupal Association, Opera, about.com, imgur, Etsy, Foursquare, GitHub, New Relic, shopify, Shazam, Firebase