


Microsoft Azure Application Gateway and Azure Web Application Firewall compete in web application security and traffic management. Azure Web Application Firewall has the upper hand in security features, whereas Azure Application Gateway is preferred for traffic routing and load balancing.
Features:Azure Application Gateway provides URL-based routing, SSL termination, and WebSocket support, enhancing traffic management. Azure Web Application Firewall offers protection against SQL injection, cross-site scripting, and supports custom rules for strong security.
Room for Improvement:Azure Application Gateway could improve by simplifying the setup process, enhancing DDoS protection, and better API integration. Azure Web Application Firewall could benefit from expanded rule sets, more intuitive management dashboards, and improved real-time threat analysis.
Ease of Deployment and Customer Service:Azure Web Application Firewall boasts a straightforward deployment and easier integration with customer service due to its focus on security. Azure Application Gateway presents setup complexities but offers extensive traffic management support.
Pricing and ROI:Azure Application Gateway generally has lower setup costs, offering a moderate ROI focused on traffic management. Azure Web Application Firewall, though more expensive, delivers a higher ROI through advanced security features when dealing with high-risk threats.
My experience with the pricing or licensing of Cloudflare Web Application Firewall is that many features can be accessed for free, so the pricing is definitely reasonable.
Recently, they have been under serious attack with major exploits, such as Log4j, affecting Fortinet and Palo Alto, and even Cisco and VMware.
AI-based recommendations save on time and money.
Microsoft Azure Application Gateway significantly impacts our cost savings while maintaining higher performance.
If we can use a shared resource, then the return on investment is really nice.
We have seen a return on investment in terms of time-saving and cost-saving by not creating our own infrastructure.
I would rate the technical support with Cloudflare as excellent every time I've had to contact them.
The technical support of Cloudflare Web Application Firewall rates between five and seven at maximum.
They are good at troubleshooting and configuring things.
I am very satisfied with the response from Microsoft dedicated architects if it happens that I have to call for their support.
I reached out to their support, and they helped me resolve the issue effectively.
I would say they provide the best support for Application Gateway because they own the product, so their support is top-notch.
There is room for improvement, specifically in paid support, by providing more direct contact.
I would rate Microsoft support as good because they have a very skilled technical support team in the background
The scalability of Cloudflare Web Application Firewall rates between 8 to 9, as it depends upon the use cases and what exactly the client needs.
Some Azure applications, like the web application firewall, require a certain level of SKU for hosting setup.
For our company, Azure Web Application Firewall works effectively for scalability.
Microsoft Azure Application Gateway is a very scalable product.
It has the autoscaling feature, so there is not much concern around performance; it can scale significantly.
Microsoft Azure Application Gateway is a scalable solution.
The stability of Cloudflare Web Application Firewall deserves a perfect 10 out of 10.
Very rarely do I see any latency issues.
We have been using it for the past two to three years, and there have been good results with no problems so far.
The stability is good, and except for a few instances, I don't see the non-availability of Azure Cloud services.
The product can improve by having more multitenancy capability, which is currently not available.
I think they're doing a good job with DNS and as support for any domains that I create or that my clients create, it's mandatory for me to ensure they have Cloudflare as their DNS provider.
And maybe something similar to Pushpin that Fastly has, which is an option where you can push messages that then can be scaled globally over the network.
Upgrading the platform regularly is necessary for security, however, frequent updates every six months or year from Azure can be a maintenance overhead.
The pricing needs improvement, and I think for beginners it will be a little bit complicated, so the ease of use could be enhanced.
One feature I mentioned is the support for non-HTTPS protocols such as TCP, which could allow one endpoint for all kinds of protocols.
There is room for improvement in terms of support, such as assigning agents directly for more straightforward engagement.
In future releases of Microsoft Azure Application Gateway, I would like to see more AI functionalities and a better dashboard as well as some customizations.
It is even a lower cost compared to AWS and GCP.
Sometimes, when opting for a higher SKU, it's not the WAF itself that's costly but the additional requirements.
I would place Azure Web Application Firewall at an eight on a scale from one to 10, with one being cheap and 10 being expensive.
We would prefer to have it cheaper, but it is still expensive.
Azure solutions are quite expensive.
When it comes to pricing for Microsoft Azure Application Gateway, I would rate it a seven out of ten.
The custom rules and the geo-redundant geographical rule feature, which allows me to implement geographical rules for customers, add significant value.
The best features of Cloudflare Web Application Firewall are multiple, including the WAF, rate limiter, and bot attack protection.
Cloudflare Web Application Firewall's advanced reporting and analytics tools add a layer that we're able to visualize and see before it actually hits the local firewall.
With Microsoft, everything is within a single suite, making it easier to configure and plan.
It is almost impossible to access these assets from outside, requiring a very skilled attacker to obtain asset tokens of a customer using Azure.
It integrates effectively with things such as Sentinel and Defender for Cloud, so mostly it's the analytics and now the AI capabilities that have been introduced with Co-pilot.
We are using it for some of the security features for our applications, particularly for securing traffic in transit with SSL.
The Web Application Firewall (WAF) in Microsoft Azure Application Gateway has been very effective in protecting applications from security threats.
The gateway's Web Application Firewall feature enhances security as it is the first entry point to your network from the outside world.
| Product | Market Share (%) |
|---|---|
| Microsoft Azure Application Gateway | 5.4% |
| Cloudflare Web Application Firewall | 5.6% |
| Azure Web Application Firewall | 3.0% |
| Other | 86.0% |
| Company Size | Count |
|---|---|
| Small Business | 16 |
| Midsize Enterprise | 6 |
| Large Enterprise | 6 |
| Company Size | Count |
|---|---|
| Small Business | 6 |
| Large Enterprise | 12 |
| Company Size | Count |
|---|---|
| Small Business | 22 |
| Midsize Enterprise | 6 |
| Large Enterprise | 24 |
Cloudflare Web Application Firewall's intuitive dashboard enables users to build powerful rules through easy clicks and also provides Terraform integration. Every request to the WAF is inspected against the rule engine and the threat intelligence curated from protecting over 27 Million websites. Suspicious requests can be blocked, challenged or logged as per the needs of the user while legitimate requests are routed to the destination, agnostic of whether it lives on-premise or in the cloud. Analytics and Cloudflare Logs enable visibility into actionable metrics for the user.
Azure Web Application Firewall (WAF) provides centralized protection of your web applications from common exploits and vulnerabilities. Web applications are increasingly targeted by malicious attacks that exploit commonly known vulnerabilities. SQL injection and cross-site scripting are among the most common attacks.
To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.
Azure Application Gateway is a web traffic load balancer that enables you to manage traffic to your web applications. Traditional load balancers operate at the transport layer (OSI layer 4 - TCP and UDP) and route traffic based on source IP address and port, to a destination IP address and port.
To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.
We monitor all Web Application Firewall (WAF) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.