F5 Advanced WAF vs The Fastly Next-Gen WAF (powered by Signal Sciences) comparison

"F5 Advanced WAF offers features not available in other products."

"It also has antivirus and DDoS mitigation capabilities. We have enabled these features."

"The solution isn't too expensive. The license allows you to license what you need and leave out what you don't need."

"The most valuable feature of F5 Advanced WAF is its grand unity of the implementation, where you have the freedom to configure based on how it affects your use case or your organization. With the default setting of implicit deny, you can gradually start defining and deploying the tool to align with your environment, whether it is outdated, recent, or futuristic. This allows you to customize the solution to protect you from threat actors. You have the ability to define what the advanced threat act should do - whether it should alert, deny, or both - and it will deliver based on your configuration. Unlike other online solutions, F5 Advanced WAF provides flexibility to deliver to your unique environment the way you want."

"The bot defense capability, as well as protection from brute force attacks and OWASP Top Ten, are notable features."

"WAF functionality is valuable for protecting applications from attacks."

"In terms of F5 Advanced WAF's most valuable features, I would definitely say its stability. F5 is one the most stable products. Either as the load balancer or the web application firewall, it is very stable."

"The product has valuable features for load balancing, monitoring tools, and HPXpress services."

"When configuring a web application firewall using Signal Sciences, we configure a rule whereby no one except a few people can access the application."

"The product's most valuable feature is its ability to set up the rules easily."

"Because The Fastly Next-Gen WAF (powered by Signal Sciences) is API-driven, we have integrations with the CI/CD pipeline through GitHub Actions, making it easy to integrate."

"Fastly (Signal Sciences) integrates and tags the intermittent traffic based on patterns. It generates signals and provides them in a dashboard where we can view them and decide whether to allow or deny traffic. It's a more advanced and easy-to-navigate dashboard."

"The interface is old-looking, it's not modern, which is why it's not always comfortable to use."

"I would like to see improved features in the F5 Advanced WAF solution, especially with a focus on enabling Kubernetes fully."

"You have to buy another module with an extra license, to have the authentication feature."

"It should be a little bit easy to deploy in terms of the overall deployment session. One of our customers is a bit unhappy about the reporting options. Currently, it automatically deletes event logs after some limit if a customer doesn't have any external Syslog server. It is a problem for those customers who want to review event logs after a week or so because they won't get proper reports or event logs. They should increase the duration to at least a month or two for storing the data on the device. F5 is not a leader in Gartner Quadrant, which affects us when we go and pitch this solution. Customers normally go and take a look at such annual reports, and because F5 is currently not there as a leader, the customers ask about it even though we are saying it is good in all things. F5 is not known for something totally different or unique. They were a major player in ADP, and they are just rebranding themselves into security. They should improve or increase their marketing as a security company now. They have already started to do that, but they should do it more so that when it comes to security, customers can easily remember F5. At the moment, if we say F5, load balancing comes to mind. With rebranding and marketing, all customers should get the idea that F5 is now mainly focusing on the security part of it, and it is a security company instead of load balancing. This is the first solution that should come to a customer's mind for a web application firewall."

"Initially, policy tuning could be simpler, as while the learning engine is powerful, initial tuning still requires experienced engineers, which can be challenging for new teams due to the complexity of options and parameters."

"The solution is tedious. It takes a lot of discrete settings so one needs to get detailed and granular when they use the solution. It takes you a whole lot of energy and concentration to configure. It needs to be much more straight-forward, like other web solutions."

"More legacy protocols should be added to the solution."

"Users would like to have an additional IP intelligence license to handle this within WAF itself without needing to engage with the SOC team."

"The areas that could be improved in Signal Sciences include the effectiveness of rules, as many didn't function optimally and required custom rule-writing to address bypasses for WAF."

"The UI is not very intuitive and could be better."

"Even if we create some custom rules, Signal Sciences cannot capture some of the malicious traffic."

"Fastly don't support caching for China users. That's the only feature lacking compared to Akamai."

"I rate F5 Advanced WAF's pricing a three out of ten."

"I am not sure about pricing but licenses are available on Google."

"The price of the solution is reasonable when compared with other products, such as FortiWeb. I am very satisfied with the price."

"It is a little bit costly, but it has all the features that are required."

"There are different licenses available to use F5 Advanced WAF, such as BT, ASM, and LPM."

"The solution is very expensive so should only be used in the right environment."

"I would rate the pricing as seven out of ten"

"The pricing for F5 Advanced WAF is comparable to a Rolls-Royce. Its price is a bit high when you compare it with other vendors. F5 Advanced WAF is a bit expensive. The customer was on a three-year plan and it was around $560,000."

"Signal Sciences is pretty cheap compared to other solutions."

"The product has an affordable cost."

"The pricing is 50% less than Akamai."