F5 Advanced WAF Reviews

The most valuable features of F5 Advanced WAF are SSL uploading, signature, and anomaly detection. It is overall a high-quality solution.

The solution could improve by having an independent capture module. It has a built feature that you can deploy the capture on your published website. However, it's not very user-friendly. When you compare this feature to Google Capture or other enterprise captures, they are very simple. It needs a good connection to the F5 Advanced WAF sandbox. When you implement this feature in the data center, you may suffer some complications with connecting to the F5 Advanced WAF sandbox. This should be improved in the future.

I have been using F5 Advanced WAF for approximately 10 years. This includes my experience when the solution was  formerly named Advanced Security Module(ASM).

F5 Advanced WAF is an extremely stable solution.

I have found F5 Advanced WAF scalable.

Technical support is handy and useful when you have your contract available. Once you lose it, you are all alone and there is a penalty to extend your subscription.

I have used FortiWeb previously.

These products are not meant to be compared, because they are serving in different areas of expertise. When you are low on budget, it's better to use the FortiWeb. When you have a budget and want quality, it's most recommended to use the F5 Advanced WAF. We are talking about different classes of quality.

When you are using the F5 Advanced WAF for any reason, you have to employ an expert. It's not the same as other solutions, such as FortiWeb, it is not easy to use. It's an advanced device, and you have to have an advanced person to operate it. This is the biggest problem that F5 Advanced WAF.

The price of the solution is reasonable when compared with other products, such as FortiWeb. I am very satisfied with the price.

My advice to those wanting to implement F5 Advanced WAF is they will need to have an expert on any stage of operation. Then once they decide to use the F5 Advanced WAF they have to have very good expert advisors for choosing the product because there are a variety of license options, and you may spend more than what you need. 

In the implementation stage, you have to have experts. At least three experts for the implementation phase. When it comes to the operation, you can't have a temporary expert that comes and goes, you have to have the F5 Advanced WAF expert in your company. It's an advanced device. It's completely different from the FortiWeb and the other devices. It gives you lots of options but it's complicated to implement. You have to have an expert to support you.

I rate F5 Advanced WAF an eight out of ten.

I use F5 Advanced WAF to secure web applications and load balance for connectivity.

F5 Advanced WAF secures our connectivity and combines both the main functions of WAF (balancing and web application security).

F5 Advanced WAF's best feature is that it's a combination of LTM and ASM in one license.

It's sometimes difficult to customize APIs with F5 Advanced WAF, which could be made easier.

I've been using F5 Advanced WAF for three-and-a-half years.

F5 Advanced WAF is stable.

I previously used FortiWeb, but after comparison, I preferred F5.

The initial setup was moderate, and I would rate my experience as four out of five. Deployment took a month because we had to put it in learning mode, customize policies, and get the security signature.

We used a third-party team.

A yearly license for F5 Advanced WAF is expensive. I would rate the pricing at two out of five.

I would give F5 Advanced WAF a rating of nine out of ten.

We use the solution to secure web applications running in the organization.

F5 is one of the best products. We use it for multiple segments within our organization and applications. It is a central point of all the applications being scrubbed and checked.

The customer service could be improved.

I have been using F5 Advanced WAF for more than ten years.

The product is stable.

I rate the solution’s stability a seven out of ten.

The solution is scalable.

Our entire organization and clients use the solution.

The initial setup is easy since I have used the technology for almost 20 years. Some applications require more attention depending on what you are doing and trying to achieve with the particular module. You need some assistance from the team in configuring the different components within the application through the web.

The solution is worth the money that you spend.

The solution is expensive.

Whatever you are looking for can be done on the platform. Some features may not be available with IO components. A few features give you the flexibility that no other product can.

Overall, I rate the solution an eight out of ten.

We use this solution for web application protection. The solution offers layer seven protection of the applications and can be configured against attacks.

There are a lot of good features.

I would like for there to be a cloud-based solution, this would also help to improve scalability.

I have been using this solution for about a year or so.

This solution is quite stable.

Scalability is limited since it is an on-premise solution. You will have to size your box properly, based your throughput and capacity. Our company uses it to protect all traffic of out 5.5 thousand users and we have plans to expand the usage.

Support was helpful when we reached out.

We used Kona Defender and Akamai Web Application Firewall for about a year prior to using F5. The main reason that we switched was due to costs.

The initial setup was rather complex taking a lot of time and information to be configured. We have two administrators for maintenance. 

Our consultant was able to help us integrate the solution in a day or two.

There is a perpetual license that comes with your hardware. There is also an additional fee for support.

When you choose to go with F5, be sure to size your box properly so that the capacity is taken care of. From there, you will be able to easily configure the platform to provide you with a lot of value. Overall, I would rate the solution a seven out of ten.

I was working in sales. We would provide more corporate products. I am not implementing or deploying this solution. I would sell it for projects in the enterprise direction, but it was mostly for financial institutions and some government companies.

It usually used for e-commerce and financial services. Products that banks provide to their customers. It also offers protection of the services.

It is easy to use, and it's also easy to configure. 

The most valuable feature is that it is secure.

The interface is old-looking, it's not modern, which is why it's not always comfortable to use.

I would hope that they provide some updates sooner rather than later.

I have used F5 Advanced WAF for three months in the last year.

We were using the latest version and we update on a regular basis.

It's a very stable solution.

This is a scalable product.

Our customers are in the banking system and we have approximately 200 to a few thousand customers.

We have official support from the distribution channel. One of our distributors is in Ukraine.

They have their own support definition provided with some certifications who are responsible for providing support at the vendor level.

We usually ask for their support and they provide it to us.

Previously, we used BIG-IP and we used Web Application Firewall.

I was not involved in the installation.

I am currently working on a B2C channel, which is more for retail companies.

I have also been working with Apple company for a little bit more than a month.

I am working with all-in-one products with all services included.

I would recommend this solution to others who are interested in using it. It's not popular in our country but it's unique in itself. There are some segments that became more important on a regular basis, especially for large companies and enterprise segments.

It's a secure product. I would rate F5 Advanced WAF an eight out of ten.

We are a PPS payment providing services company in banking, so, we are using it for that. We are banking company and we are using it as a web application firewall.

We have an SOC, and for collecting logs we are also using the F5 logs to analyze the securities and events. So having a central log management and F5 really helped us to analyze the security logs. It also helps with blocking the attacks on web applications.

Everything is good about the F5 WAF, except the reporting. It's really difficult to set records from that device, the UI is kind of hard to work with, and the reporting must be improved.

As a suggestion to the F5 company, they have to put in shells to have the next generation WAF. So, instead of buying different modules and different hardware and appliances, they can offer an all-in-one solution for WAF.

The initial setup was was easy to install. Our department wasn't installing it, the infrastructure department installed it, so we gave them the policy that we wanted to use.

Because of the sanctions, we couldn't buy it straight from the US, so we bought it from an Iranian company. They provided us that solution. The company that sold us the device also had some people to consult with us to give us best practices from the previous companies that installed it.

I think it's a good product but the F5 uses shells, so the people who want to work with the device have to be pro in Linux. If they can put everything in the UI so every regular security engineer can work with it, it's fabulous.

I would rate the solution 8 out of 10. We are concerned about the other factors but it's actually not F5 company's fault. The pricing is really high here right now because of the dollar rate but it has nothing to do with the F5, it's because of the sanctions I imagine. At the moment it's a really expensive solution for us, not only F5 but the other appliances. 
If I went to another company, and the other company hired me, I would suggest they use this device. Although we don't have a lot of options to choose from around here.

We are using F5 Advanced WAF to defend against web application attacks.

The most valuable features of the F5 Advanced WAF are the enhanced ASM and the performance. Additionally, the usability and effectiveness are very good.

F5 Advanced WAF could improve on its funding for WAF features. There is a need to be more advanced WAF features.

I have been using F5 Advanced WAF for several years.

My advice to others is F5 Advanced WAF is a powerful WAF for many years in the market, and it has powerful security features.

F5 Advanced WAF is a stable solution.

I have found that F5 Advanced WAF is scalable but there is a limit.

We have hundreds of people using this solution in my organization.

I have not used the support from F5 Advanced WAF.

The initial setup of F5 Advanced WAF is straightforward, but the process is lengthy.

We did the deployment of F5 Advanced WAF in-house. We have a team that's always ready and aligned with the process of maintaining F5 Advanced WAF.

There are different licenses available to use F5 Advanced WAF, such as BT, ASM, and LPM.

I rate the price of F5 Advanced WAF a four out of five.

I rate F5 Advanced WAF an eight out of ten.

F5 is a web application firewall and load balancer. 

The primary use case of this solution is for data protection and security.

I like all of the features, but the main one is the attack signatures.

If they could separate the control plane from the data plane, it would give us more flexibility, especially with the Hyper Cloud. This could be the reason they purchased NGINX.

They have released the first production release but they are not there yet. It would be good to have this separation in the near future.

Also, automation on the cloud is not easy. It's a bit of a job, and it doesn't auto-scale very well.

They need to work on the BIG-IQ, which is centralized management. There are too many devices. Managing them individually is inconvenient. Essentially, BIG-IQ is supposed to centralize the management for all of the boxes but it's not very effective.

I have been using this solution for more than five years.

The stability is very good.

There is no solution that is bug-free, but when comparing it with other vendors, I would say that F5 is less buggy than the others.

The scalability is an issue at the moment, which is the reason they need to separate the control plane from the data plane.

We are using this solution daily. It runs 24/7.

The technical support is very good. They are knowledgeable and helpful.

The initial setup was simple and it took an hour to deploy.

This solution does not require a lot of maintenance but we need to do the patching regularly.

We do the implementation but at times we get consultations from F5.

It's more expensive than other solutions and depending on the modules, there can be additional fees.

If I would compare F5 with other solutions, the main differences are the support and the stability of the code, it has fewer bugs.

For on-premises deployments I would recommend F5, but for the cloud, it would be questionable.

I would rate this solution a seven of ten.