F5 Advanced WAF Reviews

In general, the web interface is not really catchy. It's very powerful, very customizable, but it doesn't have a very nice GUI interface for a new adopter. For them, they'd have to do a lot of configuring. At least the reporting and monitoring parts, let's say, to be honest, should have a better interface. A few other products have very nice dashboards, out of the box, and F5 is not that friendly to use.

Also, when you buy WAF, you have to buy another module called APM to do authentication. You have to buy another module with an extra license, to have the authentication feature. Other vendors have it interwoven. For example, I don't know if Barracuda has it, but Citrix has it under the same license. So maybe add authentication functionality in the AOS license, and not separate.

The stability is perfect. 10 out of 10. We've not had any trouble with any deployment ever. And they are very big deployments: service providers, TelCos, banking, everywhere. Even on distant parts of the network, we have not had any kind of performance issues. Of course, as long as the sizing is within the appliance performance range. But it never has had a failure in performance or degradation of service or anything like this, as long as the full-time traffic is within the box capability, we've never had an issue.

It's scalable. 

We are a partner for F5, or a system integrator, not the client. So we do the implementation for other companies. I've been working with F5 for more than 10 years, so I know them very well. 

I like them because I like the security solution. They get extra marks compared to other solutions or competitors. There are more features than any other product I can think of. They're always monitoring, and the security features offer more than other, lesser products.

I would rate this solution 10 out of 10.

We use the product for load-balancing purposes.

The product has valuable features for load balancing, monitoring tools, and HPXpress services.

They could provide better pricing.

We have been using F5 Advanced WAF for a year.

I rate the product's stability an eight out of ten. 

The product is highly scalable. It is suitable for enterprise businesses. I rate its scalability an eight out of ten.

I rate the initial setup process a seven out of ten.

I rate F5 Advanced WAF's pricing a three out of ten.

I rate F5 Advanced WAF an eight out of ten.

We use the solution to secure web applications running in the organization.

F5 is one of the best products. We use it for multiple segments within our organization and applications. It is a central point of all the applications being scrubbed and checked.

The customer service could be improved.

I have been using F5 Advanced WAF for more than ten years.

The product is stable.

I rate the solution’s stability a seven out of ten.

The solution is scalable.

Our entire organization and clients use the solution.

The initial setup is easy since I have used the technology for almost 20 years. Some applications require more attention depending on what you are doing and trying to achieve with the particular module. You need some assistance from the team in configuring the different components within the application through the web.

The solution is worth the money that you spend.

The solution is expensive.

Whatever you are looking for can be done on the platform. Some features may not be available with IO components. A few features give you the flexibility that no other product can.

Overall, I rate the solution an eight out of ten.

I was working in sales. We would provide more corporate products. I am not implementing or deploying this solution. I would sell it for projects in the enterprise direction, but it was mostly for financial institutions and some government companies.

It usually used for e-commerce and financial services. Products that banks provide to their customers. It also offers protection of the services.

It is easy to use, and it's also easy to configure. 

The most valuable feature is that it is secure.

The interface is old-looking, it's not modern, which is why it's not always comfortable to use.

I would hope that they provide some updates sooner rather than later.

I have used F5 Advanced WAF for three months in the last year.

We were using the latest version and we update on a regular basis.

It's a very stable solution.

This is a scalable product.

Our customers are in the banking system and we have approximately 200 to a few thousand customers.

We have official support from the distribution channel. One of our distributors is in Ukraine.

They have their own support definition provided with some certifications who are responsible for providing support at the vendor level.

We usually ask for their support and they provide it to us.

Previously, we used BIG-IP and we used Web Application Firewall.

I was not involved in the installation.

I am currently working on a B2C channel, which is more for retail companies.

I have also been working with Apple company for a little bit more than a month.

I am working with all-in-one products with all services included.

I would recommend this solution to others who are interested in using it. It's not popular in our country but it's unique in itself. There are some segments that became more important on a regular basis, especially for large companies and enterprise segments.

It's a secure product. I would rate F5 Advanced WAF an eight out of ten.

I use F5 for on-premises infrastructure to provide protection.

The most valuable features of this solution are the WAF protection, Data Safe, and the seven-layer DDoS.

I would like to see the API Protection improved.

I have been using F5 Advanced WAF for two years.

We are using the latest version.

It's a stable product. We have no issues with the stability of the F5 Advanced WAF.

We have not yet tried to scale with this solution. We have increased by 15% to 20%. 

There are approximately 100 people in our company who use this solution.

I have contacted technical support several times. They have support consultants to provide help with your cases. I have received advice from them when I have tried to build new systems.

Overall, the technical support is excellent.

I am using it on my personal account on Google Cloud. It is used with cloud solutions. I use Google, Gmail, and Google Drive.

I was not a part of the initial setup.

The solution does not require any maintenance.

This solution was installed by a third party. It may have been the reseller.

I don't have any issue with the pricing of this solution. I am only involved with the technical portion of it.

I am not sure about recommending solutions.

I would rate F5 Advance WAF a nine out of ten.

We are a system integrator and we design solutions for our customers. We provide all kinds of networking solutions, as well as security, and we are sometimes responsible for the integration as well.

We are partners with F5 and this is one of the solutions that we provide to our clients.

Our customers are organizations, including government departments, who use their firewall for load-balancing purposes. However, for some time now, they have wanted to add an additional layer of security, which is why they implement this solution.

We normally propose the on-premises deployment model to our customers.

This solution is an enterprise-class firewall that provides both load-balancing and security.  Once it's deployed, it works smoothly and without issue.

I would like to see the pricing of this solution improved. There are a lot of other products that are trying to compete with this solution, and there are a few now that are very good. I know that F5 doesn't always worry about the pricing because of the branding, but if they want to capture more of the market then they need to consider that not everybody thinks about the brand. Some are concerned with the price, and some of the competitors offer solutions at a lower cost. While it is true that price is only one of the things that people consider, it is one of the major factors that can cause them to lose the battle to a competitor.

This solution can be made more user-friendly.

This is an enterprise-class product, and as long it is deployed properly it is quite stable. We have not had any issues post-deployment. This is one of the reasons that customers are paying for F5.

This is a very scalable solution.

Technical support for this solution is good. We have had a couple of tickets, and it was pretty good.

The complexity of the initial setup is on a case-by-case basis.

If the customer is primarily interested in load-balancing then it is straightforward and it takes a few days. Once the customer is ready with all of their information, it doesn't take much time. In more advanced scenarios, it can take months to fully set up and configure.

Keep in mind that this is an enterprise-level product, so many of the competitors will take less time in setup. Not every engineer can configure F5 WAF.

We perform the integration for our clients. We have our own deployment team that keeps up to date with the latest features in the market. They have the latest training materials and are aware of technical changes that are happening when it comes to these solutions.

When we have this kind of project, one person will be dedicated to the deployment and they will ensure that the solution has been deployed properly. After this, things will be taken care of by the general engineering team. We have a pool of resources who can handle maintenance such as upgrades.

Licensing fees for this solution are paid on a yearly basis.

My advice to anybody who is considering this solution is to have clarity with respect to their own scenario, or application. They have to know what they are expecting out of this deployment. As the system integrator, I may not be sure about the client's applications or how they work internally, so I have to rely on them.

I would rate this solution a nine out of ten.

This solution inspects your traffic and based on that, automatically create distinct qualities for you, so you can add this to the policy already created. That's what I like most.

I would not expect traffic details to pass through the web application firewall across the length of the whole application. I think that there is a web application where it can let the application function without traffic going in into the WAF.

I think the solution is already being phased out. They are now going for a more advanced option but I'm referring to the web crawler. The web crawler should be able to allow a web application on its own to create policies, rather than wait for traffic to go to the WAF.

There are templates for creating policies, so the initial setup is very straightforward.

I would want to use ASM, or Area Security Manager, which I would rate as seven of ten. That offers lending passability, where the device should be able to lend or call the application and know the component of an application.

I work for a bank and our use case of WAF is to protect our applications, including mobile ones. We are users of this solution and I am an IT specialist engineer. 

Protection from attacks is the best feature of this product. 

We sometimes get pages with false positives. The F5 team does its best to deal with this problem. I'd like to see this product compatible with more mobile applications, like protecting something devices from a malicious server or from the mobile application itself.

We've been using this solution for one year. 

The stability is good. 

The version we are using is not very scalable. 

The technical support is generally good although in some cases they take a long time to respond and we then need to escalate the case to get an answer from a higher level. The team is mature and they are able to solve our problems.

Positive

F5 has good documentation available on their website so deployment is relatively straightforward. 

This is a mature solution and a very powerful device for protecting web applications. I rate this solution eight out of 10.