F5 Advanced WAF Reviews

We use the solution for load balancing and web application firewall (WAF) balancing. We operate in a data center and use it for web application security and services.

The solution provides strong web security, particularly against web attacks, and has effective bot detection that helps reduce bot attacks.

Web attack signatures are very important for detecting web attacks. The bot detection feature is also crucial in reducing bot attacks.

The product could be more user-friendly, particularly the user interface for administrators. Additionally, configuration can be quite complex and needs improvement to be less complex.

I've been using it for almost three years.

The product is very stable. From one to ten, I would rate its stability at a nine out of ten.

The solution is scalable. We use it for multiple customers and data centers, and I would rate its scalability as nine.

The customer service is good. That siad, sometimes it takes too long to reach the right person. I would rate their effectiveness as an eight.

Positive

I am familiar with Citrix NetScaler and F5.

The initial setup was not too challenging. Post-initial configurations can be complex.

Two to three engineers are typically involved in maintenance operations.

I don't know the exact pricing. It is not the cheapest yet not the most expensive. It depends on needs, budget, and vision.

I have experience with Citrix solutions.

I recommend this product to others.

I'd rate the solution eight out of ten.

We use this solution for web application protection. The solution offers layer seven protection of the applications and can be configured against attacks.

There are a lot of good features.

I would like for there to be a cloud-based solution, this would also help to improve scalability.

I have been using this solution for about a year or so.

This solution is quite stable.

Scalability is limited since it is an on-premise solution. You will have to size your box properly, based your throughput and capacity. Our company uses it to protect all traffic of out 5.5 thousand users and we have plans to expand the usage.

Support was helpful when we reached out.

We used Kona Defender and Akamai Web Application Firewall for about a year prior to using F5. The main reason that we switched was due to costs.

The initial setup was rather complex taking a lot of time and information to be configured. We have two administrators for maintenance. 

Our consultant was able to help us integrate the solution in a day or two.

There is a perpetual license that comes with your hardware. There is also an additional fee for support.

When you choose to go with F5, be sure to size your box properly so that the capacity is taken care of. From there, you will be able to easily configure the platform to provide you with a lot of value. Overall, I would rate the solution a seven out of ten.

The anti-bot protection has been the most valuable.

I think the deployment template can be better, like the iApps they have in the F5 MPM. I think the deployment templates can be better.

The solution is pretty stable.

The technical support is very good. I'm using the F5 technical support, maybe once a quarter. Something like three to five times a year. When I find a bug then I post them to their forum because I'm using it a lot. I can find the bugs. But its very good support.

The initial setup was very simple. The initial setup is done by the machine. The ASM HS, the WAF itself, not the deployment of the application. So it was very simple, I am working with VIP for almost a full year. Something like ninety percent of my activities are F5 related. I specialize in F5 now and everything in F5 is very, very simple.

I'm an integrator.

I think the price is very high. This is what I hear from the customers. Sometimes we cannot sell the product because it is a higher price.

I evaluated a few other options. Kemp, for example, but Kemp is not a WAF it's a load balancer, it's for another model of the F5 so its not related to do WAF. And we're speaking about the WAF. 

I would recommend this solution. It would be the best solution for WAF.

I think the dashboard can be improved. When you move from the policy to policy, the logs and the integration of the logs are without a system. Maybe make it like other SIEM systems and system servers like Splunk. They do have a lot of training videos and manuals. This helps. But not really about integration or feature improvement.

I would rate this solution a ten out of ten.

F5 is a web application firewall and load balancer. 

The primary use case of this solution is for data protection and security.

I like all of the features, but the main one is the attack signatures.

If they could separate the control plane from the data plane, it would give us more flexibility, especially with the Hyper Cloud. This could be the reason they purchased NGINX.

They have released the first production release but they are not there yet. It would be good to have this separation in the near future.

Also, automation on the cloud is not easy. It's a bit of a job, and it doesn't auto-scale very well.

They need to work on the BIG-IQ, which is centralized management. There are too many devices. Managing them individually is inconvenient. Essentially, BIG-IQ is supposed to centralize the management for all of the boxes but it's not very effective.

I have been using this solution for more than five years.

The stability is very good.

There is no solution that is bug-free, but when comparing it with other vendors, I would say that F5 is less buggy than the others.

The scalability is an issue at the moment, which is the reason they need to separate the control plane from the data plane.

We are using this solution daily. It runs 24/7.

The technical support is very good. They are knowledgeable and helpful.

The initial setup was simple and it took an hour to deploy.

This solution does not require a lot of maintenance but we need to do the patching regularly.

We do the implementation but at times we get consultations from F5.

It's more expensive than other solutions and depending on the modules, there can be additional fees.

If I would compare F5 with other solutions, the main differences are the support and the stability of the code, it has fewer bugs.

For on-premises deployments I would recommend F5, but for the cloud, it would be questionable.

I would rate this solution a seven of ten.

We primarily use the solution to protect web and API applications. You can choose either web classic or API to protect against different types of attacks.

With Advanced WAF protection, F5 was able to protect multiple kind of Web Application, supporting both HTTP & API protocols access

There are two main features that we love on F5.

The first is the hardware itself. It's extremely stable and reliable. We never face any issues with it and performance is never affected. 

The second is the features on offer. Feature-wise, they are always cutting edge and up-to-date. Many features aren't available via competitors. There's always a lot of enhanced critical features that just aren't available through anyone else, or, if they are, are too lightweight. They're the leaders in the space.

We usually use a third-party tool for logging and reporting. It would be nice if we could do that right on this solution. They have one, but it's not very stable. Logging and reporting effectively would be a big enhancement.

The solution still needs some development to handle more traffic, especially in huge environments. In small environments, it's not an issue. 

I've bee using the solution for more than ten years.

The solution is extremely stable and robust. There are no issues with bugs or glitches. It doesn't crash or freeze. It's great. The stability is a huge selling feature.

It's scalable. There's always options to upgrade the hardware. Any hardware you buy from a store, you have the basic model and the upgraded model. For example, if you buy the 4600 appliance, you can upgrade up to 4800. You get double specs for everything, so you can just upgrade the license of the hardware. However, hardware eventually has a limitation. If you buy too small of a size of hardware, eventually there's some development limitations for the hardware. You can, however, do a cluster. You can add multiple hardware devices. This makes it very scalable.

The solution is not user-based. It's more connection-based, so there's no limitation on the number of users. It's more of a limitation on total throughput or total connection. Limitations depend on the application and how much traffic it generates. We've seen it in Telco environment where there's more than millions of users. We've also seen it do well with online banking where there are thousands of users. Small companies can use it too. It can vary, however, we've seen it in millions of users at Telco.

Technical support is great. We always open tickets. They're always very fast and very professional, and they always solve the issues. We're extremely satisfied with the level of support we receive.

If you want to do the basic installation and get the system up and running, then it's pretty straightforward. However, you have the flexibility to go very advanced and you can get into very complicated scenarios. That's what we like about the solution. There's a lot of use cases where you're required to have the ability to create some advanced features or some complicated scenarios. It gives you the capabilities to handle them.

You have the flexibility to go beyond that and have advanced scripting rules and advanced features in order to have more capability to do new things that are not as common. You need to have the space to improvise things if you need to.

While a straightforward deployment may only take a few hours, as it has a pre-defined rough template, there's always tuning to be done. It's a security product. It's not like it's plug-and-play. There's always a learning phase and tuning is necessary. This is common with any security product. That said, to get it up and operational, it's a matter of hours.

For a proper work deployment, to be frank, you need an ether professional because there's an ether configuration change. You also need a security professional to do the rules and policies and everything. Then, you need the involvement of the web application developer, so you can understand the content of the web application. Security people don't know which link is good and which link is bad inside the application. Usually, you need three people from the team - one each from network, security, and application - to have a proper deployment.

We're an integrator.

We have a big customer base, therefore we always have to be up to date with the latest versions. We feed to constantly look at things so that we know the new features.

I highly recommend the solution to other companies. F5 has a huge portfolio of plug-ins. You can add it to the top of the web. On the same appliance, you can have your balancer, you can have your application authentication, and those things that turn on. You can have multiple other features on the same hardware. It is definitely a technology that adapts. I can use the application in different ways beyond just security.

On a scale from one to ten, I'd rate it at a perfect ten.

We use F5 Advanced WAF to protect our web applications.

What I found most valuable in F5 Advanced WAF is its automatic policy feature.

What needs to be improved in this solution is the accuracy of its automatic learning feature, because we frequently have to help it manually, particularly to stop blocking things it isn't supposed to block.

The technical support for F5 Advanced WAF, though fast and accurate, is costly. The cost could be improved.

I find F5 Advanced WAF a very stable solution.

The scalability of F5 Advanced WAF is very good.

The technical support for this tool is fast and accurate, but it's expensive.

The initial setup for F5 Advanced WAF was straightforward.

We are the integrator and reseller, so we deployed the solution in-house.

F5 Advanced WAF technical support comes at a cost, and it's expensive.

I'm using the latest version of F5 Advanced WAF: version 16.0.

We don't only use this solution for ourselves, as we also have some customers we implemented it for, because we are a reseller.

Deployment of F5 Advanced WAF took two to three days.

The advice I'd like to give to people who are looking into implementing this product is for them to read the documentation. It's all there.

I'm rating F5 Advanced WAF eight out of ten.

The anti-bot protection is the solution's most valuable feature. Safe-guard or credential staffing are also useful features.

The templates of the iApps could be better.

The solution's dashboard could be improved. When you're moving from policy to policy, the logs and the integration of the logs in other systems aren't straightforward.

The solution has a lot of training material, but not about integration in a virtual improvement. They should create more documentation around this for users. 

The solution is stable.

Technical support is very good. I only use it four ot five times a year. If I find any bugs I post it to their file. It's very good support. They offer excellent service.

The initial setup was very simple. It was just for the machine: the ASM port and the WAF itself, not the deployment of the appliance, which is why it was easy.

I'm an integrator, so I help implement the solution for clients.

The pricing of the solution is very high.

Before selecting this solution, we looked at Kemp. We were concerned with the WAF, which is why we decided not to go with Kemp.

We're using several versions of the solution; anything between versions 12 to 14.

I would recommend the solution. It's the best option for WAF, at least in the last year or so.

I would rate the solution ten out of ten.

In general, the web interface is not really catchy. It's very powerful, very customizable, but it doesn't have a very nice GUI interface for a new adopter. For them, they'd have to do a lot of configuring. At least the reporting and monitoring parts, let's say, to be honest, should have a better interface. A few other products have very nice dashboards, out of the box, and F5 is not that friendly to use.

Also, when you buy WAF, you have to buy another module called APM to do authentication. You have to buy another module with an extra license, to have the authentication feature. Other vendors have it interwoven. For example, I don't know if Barracuda has it, but Citrix has it under the same license. So maybe add authentication functionality in the AOS license, and not separate.

The stability is perfect. 10 out of 10. We've not had any trouble with any deployment ever. And they are very big deployments: service providers, TelCos, banking, everywhere. Even on distant parts of the network, we have not had any kind of performance issues. Of course, as long as the sizing is within the appliance performance range. But it never has had a failure in performance or degradation of service or anything like this, as long as the full-time traffic is within the box capability, we've never had an issue.

It's scalable. 

We are a partner for F5, or a system integrator, not the client. So we do the implementation for other companies. I've been working with F5 for more than 10 years, so I know them very well. 

I like them because I like the security solution. They get extra marks compared to other solutions or competitors. There are more features than any other product I can think of. They're always monitoring, and the security features offer more than other, lesser products.

I would rate this solution 10 out of 10.