No more typing reviews! Try our Samantha, our new voice AI agent.

F5 Advanced WAF vs The Fastly Next-Gen WAF (powered by Signal Sciences) comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Jan 1, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cloudflare Web Application ...
Sponsored
Ranking in Web Application Firewall (WAF)
7th
Average Rating
8.6
Reviews Sentiment
7.4
Number of Reviews
26
Ranking in other categories
No ranking in other categories
F5 Advanced WAF
Ranking in Web Application Firewall (WAF)
3rd
Average Rating
8.4
Reviews Sentiment
6.8
Number of Reviews
72
Ranking in other categories
No ranking in other categories
The Fastly Next-Gen WAF (po...
Ranking in Web Application Firewall (WAF)
33rd
Average Rating
7.6
Reviews Sentiment
4.8
Number of Reviews
4
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of July 2026, in the Web Application Firewall (WAF) category, the mindshare of Cloudflare Web Application Firewall is 4.0%, down from 5.8% compared to the previous year. The mindshare of F5 Advanced WAF is 4.1%, down from 8.5% compared to the previous year. The mindshare of The Fastly Next-Gen WAF (powered by Signal Sciences) is 1.1%, up from 0.9% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Web Application Firewall (WAF) Mindshare Distribution
ProductMindshare (%)
F5 Advanced WAF4.1%
Cloudflare Web Application Firewall4.0%
The Fastly Next-Gen WAF (powered by Signal Sciences)1.1%
Other90.8%
Web Application Firewall (WAF)
 

Featured Reviews

DB
CTO at PlayNirvana
Advanced security reporting has protected high-traffic betting platforms from constant attacks
I don't see room for improvement to Cloudflare Web Application Firewall. One thing I don't know much about because we have a dedicated IT team for that, and I'm not involved with Cloudflare much anymore. But if I were to compare them to F5, I would like to see more features that F5 offers. F5 has an option to bring the whole infrastructure, the whole WAF and all their packages, Bot Management, and everything else on your infrastructure. You need to install certain services from their side, and then you can choose if you would like requests to hit your servers immediately or if requests need to be proxied through F5 backbone. That would be a nice addition because we have 90% of the traffic as legit traffic coming from whitelisted servers. If it comes from whitelisted servers, I don't need to go every request through the backbone; I could easily just IP whitelist everything. Then I could maybe have Bot Management on my infrastructure that drastically reduces the price of Cloudflare. I would like to see Push CDN more improved in the next release of Cloudflare Web Application Firewall. And maybe something similar to Pushpin that Fastly has, which is an option where you can push messages that then can be scaled globally over the network. From our perspective, if we have a listener that listens for stock updates, I would just need to have one processor that pushes those updates to the Cloudflare API, and then Cloudflare would broadcast that message to all listeners. Cloudflare will check the order of the message, and if you, as a customer, are not connected or have some kind of network issue, when you reconnect, you will receive the latest state and missing updates.
reviewer2797602 - PeerSpot reviewer
Senior Security Systems Engineer at a tech services company with 11-50 employees
Granular security policies have protected critical applications and ensure safe user and admin access
Improvements could be made regarding the log information from the backend CLI. There are enhancements needed; if a request gets blocked on the TCP layer, there should be traces or data to verify which source generated these requests, including the source and port information for initiation. These data are missing from F5 Advanced WAF. Besides that, another improvement could be refining the bot detection to minimize false positives; it should be able to verify more granularly between legitimate and non-legitimate clients. Overall, I find everything else good. A wish list feature I have is for the Technical Assistance Center (TAC) to respond more promptly. Their response time needs improvement; while they do not take excessive time, it can be enhanced, especially given it is a security product.
reviewer2161107 - PeerSpot reviewer
Staff Engineer at a retailer with 1,001-5,000 employees
Room for improvement with user interface while competitive pricing impresses
It is managed through Infrastructure as Code, so all configurations can be managed in the code itself, which is beneficial. Because it uses rules, it is easy to set up, and we have many different sites where the configurations are straightforward. Though the UI is not very interactive, which is a downside, we can manage many things. The UI is not very intuitive and could be better. However, we manage all the configurations through code, which is easy to maintain. It has extensive anomaly detection capabilities, so the traffic is classified into several categories where thresholds can be defined and customized based on false positives and false negatives. This is advantageous because you do not need to tweak it very often. Once you set it up, an audit once a quarter would suffice. Because The Fastly Next-Gen WAF (powered by Signal Sciences) is API-driven, we have integrations with the CI/CD pipeline through GitHub Actions, making it easy to integrate.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The Cloudflare Web Application Firewall's most valuable feature is its ease of configuration."
"The initial setup process is simple."
"Caching is the most valuable feature of Cloudflare Web Application Firewall."
"The solution protects our application, which runs on the HTTP protocol, from DDoS attacks."
"Technical support has a very fast response time and they are helpful."
"The integration of Cloudflare with Cloud Suite is its most valuable feature."
"This solution does a good job of preventing web application attacks, SQL injections, and cross-site scripting attacks."
"I have not had any issues with this solution, and I would recommend it to others who are interested in using it."
"It protects and mitigates damage in the network."
"The most valuable feature of F5 Advanced WAF is its grand unity of the implementation, where you have the freedom to configure based on how it affects your use case or your organization. With the default setting of implicit deny, you can gradually start defining and deploying the tool to align with your environment, whether it is outdated, recent, or futuristic. This allows you to customize the solution to protect you from threat actors. You have the ability to define what the advanced threat act should do - whether it should alert, deny, or both - and it will deliver based on your configuration. Unlike other online solutions, F5 Advanced WAF provides flexibility to deliver to your unique environment the way you want."
"The most valuable feature of F5 Advanced WAF is its ability to mitigate attacks: DDoS and DNS, or layer seven application attacks, OWASP, and email."
"In terms of F5 Advanced WAF's most valuable features, I would definitely say its stability, as F5 is one of the most stable products and either as the load balancer or the web application firewall, it is very stable."
"The solution is stable."
"I appreciate the way F5 Advanced WAF builds policies by configuring a basic policy and queuing it in learning mode."
"F5 technical support is excellent. They are experts who always provide the right solution, and they understand the problem. Their response and resolution times are good."
"I like the security features, especially against SQL injection."
"When configuring a web application firewall using Signal Sciences, we configure a rule whereby no one except a few people can access the application."
"Fastly (Signal Sciences) integrates and tags the intermittent traffic based on patterns. It generates signals and provides them in a dashboard where we can view them and decide whether to allow or deny traffic. It's a more advanced and easy-to-navigate dashboard."
"Because The Fastly Next-Gen WAF (powered by Signal Sciences) is API-driven, we have integrations with the CI/CD pipeline through GitHub Actions, making it easy to integrate."
"The product's most valuable feature is its ability to set up the rules easily."
 

Cons

"The rate limiting functionality could be enhanced, as we find it somewhat limited."
"Its stability could be better."
"It would be ideal if the solution offered better log integration and more integration with different platforms."
"We have noticed some latency when the call goes through the firewall. That could be improved."
"They need to improve their support because getting a response for basic requests took around 48 hours, which is too long."
"I have experienced some difficulties with Cloudflare's support as a customer based in India."
"The solution's learning curve can still be further reduced"
"The notification part could be improved. It's very much connected to Web Application Firewall, rate-limiting, and DDoS protection."
"The DDoS capabilities should be enhanced."
"The solution's dashboard could be improved. When you're moving from policy to policy, the logs and the integration of the logs in other systems aren't straightforward."
"F5 Advanced WAF could improve on its funding for WAF features. There is a need to be more advanced WAF features."
"There is a learning curve that extends the time of implementation."
"The product could be more user-friendly for administrators."
"F5 Advanced WAF could improve the reporting. It's a bit difficult to populate, them. If you're not so familiar with the functions, such as where to find the logs and other settings."
"What needs to be improved in this solution is the accuracy of its automatic learning feature, because we frequently have to help it manually, particularly to stop blocking things it isn't supposed to block."
"More legacy protocols should be added to the solution."
"The areas that could be improved in Signal Sciences include the effectiveness of rules, as many didn't function optimally and required custom rule-writing to address bypasses for WAF."
"The UI is not very intuitive and could be better."
"Fastly don't support caching for China users. That's the only feature lacking compared to Akamai."
"Even if we create some custom rules, Signal Sciences cannot capture some of the malicious traffic."
 

Pricing and Cost Advice

"The solution is expensive."
"The solution's pricing option needs to be more transparent for enterprise clients."
"It starts at $20 and can easily go up to $200 monthly"
"What's my experience with pricing, setup cost, and licensing? I believe the pricing is not the best, but it's reasonable and acceptable. We also use the McAfee system in parallel. In terms of pricing, its okay - not great, but not bad either. It falls in the middle, which is acceptable. In terms of support licensing, last time, we were searching for a solution, and we considered products from resellers rather than directly from the cloud provider. However, the pricing we encountered was exceptionally high. As a result, we are inclined to select support from the reseller."
"Cloudflare offers different types of subscriptions for businesses, enterprises, and personal users, and the pricing is negotiable."
"We pay $210 per month for CloudFlare WAF."
"It is not too pricey."
"The pricing model is very straightforward compared to the competition. You just pay per month for the product and usage."
"There is an annual subscription for this solution."
"A yearly license for F5 Advanced WAF is expensive."
"It is expensive. Its price should be better. Its licensing is on a yearly basis. Its licensing is also based on the model. There are no additional costs."
"The price of the solution is reasonable when compared with other products, such as FortiWeb. I am very satisfied with the price."
"F5 Advanced WAF technical support comes at a cost, and it's expensive."
"There are various plans available for Fortinet FortiWeb Cloud WAF as a Service, including a trial version."
"The pricing of F5 Advanced WAF is more expensive than other solutions like Radware and CD18, it is quite high."
"The price of F5 Advanced WAF could improve it is expensive."
"The product has an affordable cost."
"The pricing is 50% less than Akamai."
"Signal Sciences is pretty cheap compared to other solutions."
report
Use our free recommendation engine to learn which Web Application Firewall (WAF) solutions are best for your needs.
904,054 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Construction Company
17%
Financial Services Firm
9%
Comms Service Provider
9%
Manufacturing Company
7%
Financial Services Firm
16%
Computer Software Company
9%
Comms Service Provider
9%
Government
8%
Manufacturing Company
10%
Retailer
10%
Financial Services Firm
9%
Comms Service Provider
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business16
Midsize Enterprise6
Large Enterprise6
By reviewers
Company SizeCount
Small Business27
Midsize Enterprise16
Large Enterprise31
No data available
 

Questions from the Community

What needs improvement with Cloudflare Web Application Firewall?
I don't see room for improvement to Cloudflare Web Application Firewall. One thing I don't know much about because we...
What is your primary use case for Cloudflare Web Application Firewall?
We are using Cloudflare Web Application Firewall's advanced reporting and analytics tools with their Zero Trust, so e...
What is your experience regarding pricing and costs for F5 Advanced WAF?
F5 Advanced WAF is somewhat costly compared to other vendors, but it is worth the investment due to the stability it ...
What needs improvement with F5 Advanced WAF?
Improvements could be made regarding the log information from the backend CLI. There are enhancements needed; if a re...
What is your primary use case for F5 Advanced WAF?
My main use case for F5 Advanced WAF is to protect external and internal applications from cyber attacks and to preve...
What is your experience regarding pricing and costs for Signal Sciences?
The pricing is very competitive compared to other providers. The pricing is definitely a factor in our decision-makin...
What needs improvement with Signal Sciences?
We do use it, but the UI can be improved as we mostly work through the CI/CD. It provides support, but sometimes it i...
What is your primary use case for Signal Sciences?
The CDN is for caching and The Fastly Next-Gen WAF (powered by Signal Sciences) is for protecting the servers from ma...
 

Also Known As

Cloudflare WAF
No data available
Signal Sciences Next-Gen WAF, Signal Sciences RASP
 

Overview

 

Sample Customers

crunchbase, udacity, marketo, okcupid, zendesk
MAXIMUS, Vivo, American Systems, Bangladesh Post Office, City Bank
Chef, Adobe, Datadog, Etsy, GrubHub, Vimeo, SendGrid, Under Armour, Duo, AppNexus
Find out what your peers are saying about F5 Advanced WAF vs. The Fastly Next-Gen WAF (powered by Signal Sciences) and other solutions. Updated: June 2026.
904,054 professionals have used our research since 2012.