The product could be more user-friendly, particularly the user interface for administrators. Additionally, configuration can be quite complex and needs improvement to be less complex.
The GUI interface can be confusing due to similar-looking tabs for policy building, traffic learning, and event logs. A more explanatory GUI would be beneficial. However, F5 solutions are a bit expensive compared to others, although they provide the best service and options.
Senior Security Engineer at a financial services firm with 1,001-5,000 employees
Real User
Top 5
2024-04-05T10:58:00Z
Apr 5, 2024
More legacy protocols should be added to the solution. The aforementioned protocols are generally less used and might have been phased out from multiple solutions. But some of the large corporations that are clients of our company are unwilling to let go of applications that have been developed. The aforementioned clients believe that as some of the new websites do not use these technologies, it wouldn't be ideal to replace the existing applications; for example, a bank with millions of dollars connected to a software wouldn't be willing to replace it instantly. It often takes years for enterprise-level businesses to replace applications. The vendor of F5 Advanced WAF needs to consider that even if legacy protocols are not necessarily used for new projects, existing or prior applications projects rely heavily on them, and such protocols need to be protected until they are completely phased out of the market. The vendor needs to provide complete support for the legacy protocols, just like the latest protocols in the market, until they are assured that none of the customers are using them. I would like to witness the expansion of the supported protocols set by the solution. The tool should be promoted as an advanced protection solution that supports all types of protocols. In future versions, some protocols offered by the solution need to be more specialized. All public-facing protocols should be added to F5 Advanced WAF.
Founder roverupgrades.com.ng at 22 TEAM RESOURCES LIMITED
Real User
Top 10
2023-10-26T16:14:47Z
Oct 26, 2023
One area for improvement in the product is its SSO integration, which posed challenges and required significant effort to resolve. The complexity of SSO deployment, coupled with high associated costs, could be addressed to enhance usability. Streamlining the SSO process and revisiting cost considerations would contribute to an improved user experience.
Application Security Engineer at a financial services firm with 10,001+ employees
Real User
Top 20
2023-04-12T11:56:02Z
Apr 12, 2023
We sometimes get pages with false positives. The F5 team does its best to deal with this problem. I'd like to see this product compatible with more mobile applications, like protecting something devices from a malicious server or from the mobile application itself.
Information Security Manager at Chong Hua Hospital
Real User
Top 5
2023-02-16T06:24:50Z
Feb 16, 2023
F5 Advanced WAF could improve the reporting. It's a bit difficult to populate, them. If you're not so familiar with the functions, such as where to find the logs and other settings. In a future release, it would be beneficial to have a DNS boost feature.
While F5 Advanced WAF does limit the number of partners in certain regions to ensure successful business transactions, they could also benefit from expanding their partnerships and making it easier for more people to learn about and become experts in F5 Advanced WAF. By doing so, they could increase the reach and exposure of their solution, similar to how Cisco has become widely recognized in the security industry.
The solution requires a bit of advanced knowledge. They are trying to make configurations less complicated by including guides, particularly for application protection in the cloud. Nothing is complicated but it takes a hands-on approach and a few hours to a few months to become familiar with how the solution works. The solution should include RASP which is runtime application security protection. Imperva includes RASP but the solution does not at this point. RASP would provide another level of application protection at the code itself.
F5 Advanced needs to improve its bot protection. The solution needs to have machine learning to learn the behavior of the customer to recognize the human versus the bot. This is a difficult feature to explain to our customers. I would like documentation about the bot feature to make it easier for the customer to understand.
F5 Advanced WAF could improve resource usage, it is CPU intensive. Additionally, adding automated remediation would be a benefit. For example, an easy button alerts us of the events that are occurring, and what we want to do at the time. An automated approach where somebody could be alerted very quickly. Instead of going and reconfiguring everything, an automated approach is what I'm looking at.
SOC Analyst at a financial services firm with 1,001-5,000 employees
Real User
2022-05-11T16:17:00Z
May 11, 2022
The reporting portion of F5 Advance WAF is not great. They need to work out something better, as it is very basic. You only see the top IPs, I think there is more they can offer.
Product Manager at a comms service provider with 501-1,000 employees
Real User
2022-01-14T12:01:31Z
Jan 14, 2022
The vendor needs to work on developing an MSP model for this solution as that is what's trending on the market, plus integrating this solution under a SASE model. Not all vendors' products are compatible with SASE, and not compatible with delivering multi-deployment options from hardware appliance, VM-based, shared cluster, etc. The compatibility of F5 Advanced WAF with multiple public cloud environments also needs to be improved, and not to be overlooked with the VMware environment. This solution shouldn't only focus on Azure public cloud compatibility, as they need to also work with and be compatible with private cloud on multiple environments. I'm not aware of the latest updates in terms of features, but they need to work on enhancing their product, because it seems they have an issue in the market. Day by day, they seem to be lagging behind all the new products in the market.
The interface is old-looking, it's not modern, which is why it's not always comfortable to use. I would hope that they provide some updates sooner rather than later.
Solution Architect at Softcell Technologies Limited
Real User
2020-11-04T16:20:44Z
Nov 4, 2020
It should be a little bit easy to deploy in terms of the overall deployment session. One of our customers is a bit unhappy about the reporting options. Currently, it automatically deletes event logs after some limit if a customer doesn't have any external Syslog server. It is a problem for those customers who want to review event logs after a week or so because they won't get proper reports or event logs. They should increase the duration to at least a month or two for storing the data on the device. F5 is not a leader in Gartner Quadrant, which affects us when we go and pitch this solution. Customers normally go and take a look at such annual reports, and because F5 is currently not there as a leader, the customers ask about it even though we are saying it is good in all things. F5 is not known for something totally different or unique. They were a major player in ADP, and they are just rebranding themselves into security. They should improve or increase their marketing as a security company now. They have already started to do that, but they should do it more so that when it comes to security, customers can easily remember F5. At the moment, if we say F5, load balancing comes to mind. With rebranding and marketing, all customers should get the idea that F5 is now mainly focusing on the security part of it, and it is a security company instead of load balancing. This is the first solution that should come to a customer's mind for a web application firewall.
Security Consultant at a tech services company with 501-1,000 employees
Real User
2020-10-11T08:59:00Z
Oct 11, 2020
We usually use a third-party tool for logging and reporting. It would be nice if we could do that right on this solution. They have one, but it's not very stable. Logging and reporting effectively would be a big enhancement. The solution still needs some development to handle more traffic, especially in huge environments. In small environments, it's not an issue.
Executive Director IT Security at a printing company with 501-1,000 employees
Real User
2020-09-21T06:33:20Z
Sep 21, 2020
I think the contextual-based component needs a lot of help. It is all based on regular-expressions. That is something I think companies like Signal Sciences are doing a really good job with. We are transitioning off to Signal Sciences on some of our WAF components because of the capabilities Signal Science has. I think that contextual-base signatures would definitely help in F5 WAF.
Senior Technical Specialist | Cloud Platforms at a financial services firm with 5,001-10,000 employees
Real User
2020-08-02T08:16:00Z
Aug 2, 2020
If they could separate the control plane from the data plane, it would give us more flexibility, especially with the Hyper Cloud. This could be the reason they purchased NGINX. They have released the first production release but they are not there yet. It would be good to have this separation in the near future. Also, automation on the cloud is not easy. It's a bit of a job, and it doesn't auto-scale very well. They need to work on the BIG-IQ, which is centralized management. There are too many devices. Managing them individually is inconvenient. Essentially, BIG-IQ is supposed to centralize the management for all of the boxes but it's not very effective.
Network Engineer at a tech services company with 11-50 employees
Real User
2020-08-02T08:16:00Z
Aug 2, 2020
If I had to summarize what needed improvement, I'd say they are currently in the process of updating their software. But more specifically, I would say their graphical interface, the GUI. I don't like the GUI as much as before, but now I think they're focusing on it. We are getting some new good features in the latest update. But there is still room for improvement on the user interface as well. It's easy to use. It's not difficult but it is not pleasing to the eye. Most of the time you want to see something dynamic, something like the reporting section or the system usage, the CPU, some detailed graphs, anything of that sort. So I guess they have some room for improvement there. Don't make it more complicated, just make it more pleasing to the eye. We are using the most stable version. Because recently we got an email from F5 suggesting that if you have any user on the 14.1.2.0 that there was a vulnerability on that feature. And it was quite a severe one, so they asked us to immediately update that license to another version. They currently have 15 versions, but they are not stable. They didn't recommend them to us. So most of the customers in Pakistan are using the 14.1.2.6 version. That is the most stable version and is recommended by F5. My focus is normally on logging and reporting, because customers always ask for a clear reporting criteria. I would like it if they could simplify the reporting process. If I create something, I want to get a good report on it that I can read in seconds or in minutes. I don't want extra details in it. They should work on the exporting of the logging and reporting.
Technical Team Leader at a tech services company with 201-500 employees
Real User
2019-09-24T05:43:00Z
Sep 24, 2019
I would like to see the pricing of this solution improved. There are a lot of other products that are trying to compete with this solution, and there are a few now that are very good. I know that F5 doesn't always worry about the pricing because of the branding, but if they want to capture more of the market then they need to consider that not everybody thinks about the brand. Some are concerned with the price, and some of the competitors offer solutions at a lower cost. While it is true that price is only one of the things that people consider, it is one of the major factors that can cause them to lose the battle to a competitor. This solution can be made more user-friendly.
Cyber & Security Application Delivery Expert at Hewlett Packard Enterprise
Real User
2019-09-23T06:34:00Z
Sep 23, 2019
The templates of the iApps could be better. The solution's dashboard could be improved. When you're moving from policy to policy, the logs and the integration of the logs in other systems aren't straightforward. The solution has a lot of training material, but not about integration in a virtual improvement. They should create more documentation around this for users.
Works at a financial services firm with 10,001+ employees
Real User
2019-09-19T08:39:00Z
Sep 19, 2019
I would not expect traffic details to pass through the web application firewall across the length of the whole application. I think that there is a web application where it can let the application function without traffic going in into the WAF. I think the solution is already being phased out. They are now going for a more advanced option but I'm referring to the web crawler. The web crawler should be able to allow a web application on its own to create policies, rather than wait for traffic to go to the WAF.
The solution is tedious. It takes a lot of discrete settings so one needs to get detailed and granular when they use the solution. It takes you a whole lot of energy and concentration to configure. It needs to be much more straightforward, like other web solutions. They need to have a way to define attack signatures. It might help improve the user experience.
IT Engineer at a tech vendor with 51-200 employees
Reseller
2019-09-02T06:55:00Z
Sep 2, 2019
This solution is the best out there on the market. One thing that can be improved, is to increase the quantity over predefine policy. I know it's impossible to do it all, but what I would have liked to increase the ready-to-deploy templates with only a few clicks.
Security Specialist at a energy/utilities company with 51-200 employees
Real User
2019-06-26T05:25:00Z
Jun 26, 2019
The administrator's user interface and some of the settings can sometimes be very complicated to understand. It would really help if they could be easier and more user-friendly. Perhaps the developers can add a training video that shows users what to do. I am sure it is a good product and you only need some experience to become familiar with it. Another thing that may need improvement, is upgrading from one version to another. It is good, but it can be faster.
Senior Engineer at a tech services company with 51-200 employees
Real User
2019-06-26T05:25:00Z
Jun 26, 2019
For F5 Advanced WAF, it's only 70% different over time with upgrades. F5 can still build AWS support after many long years of absence. It's difficult to use. F5 Advanced WAF needs better integration within the application, like remote dashboards. The pricing is too high. It needs better security features with the interface or dashboard. We go through some problems with the Disc Doctor services and F5 was recommended to fix or avoid the same situation in the future. F5 now is the product we use for the web products to have a web application firewall. We need better integration in the application and more security features in the future.
Security Consultant at a tech services company with 501-1,000 employees
Real User
2019-06-26T05:25:00Z
Jun 26, 2019
In general, the web interface is not really catchy. It's very powerful, very customizable, but it doesn't have a very nice GUI interface for a new adopter. For them, they'd have to do a lot of configuring. At least the reporting and monitoring parts, let's say, to be honest, should have a better interface. A few other products have very nice dashboards, out of the box, and F5 is not that friendly to use. Also, when you buy WAF, you have to buy another module called APM to do authentication. You have to buy another module with an extra license, to have the authentication feature. Other vendors have it interwoven. For example, I don't know if Barracuda has it, but Citrix has it under the same license. So maybe add authentication functionality in the AOS license, and not separate.
Everything is good about the F5 WAF, except the reporting. It's really difficult to set records from that device, the UI is kind of hard to work with, and the reporting must be improved. As a suggestion to the F5 company, they have to put in shells to have the next generation WAF. So, instead of buying different modules and different hardware and appliances, they can offer an all-in-one solution for WAF.
F5 Advanced WAF is a web application security solution for financial and government sectors, e-commerce, and public-facing websites. It offers protection against various attacks, including botnets, web scraping, and foreign entities. The solution can be deployed on-premises or in the cloud and is often used with other security tools. Its most valuable features include DDoS and DNS attack protection, SSL uploading, anomaly detection, and the ability to input custom rules.
F5 Advanced WAF...
The product could be more user-friendly for administrators. The user interface could be easier.
The product could be more user-friendly, particularly the user interface for administrators. Additionally, configuration can be quite complex and needs improvement to be less complex.
The GUI interface can be confusing due to similar-looking tabs for policy building, traffic learning, and event logs. A more explanatory GUI would be beneficial. However, F5 solutions are a bit expensive compared to others, although they provide the best service and options.
More legacy protocols should be added to the solution. The aforementioned protocols are generally less used and might have been phased out from multiple solutions. But some of the large corporations that are clients of our company are unwilling to let go of applications that have been developed. The aforementioned clients believe that as some of the new websites do not use these technologies, it wouldn't be ideal to replace the existing applications; for example, a bank with millions of dollars connected to a software wouldn't be willing to replace it instantly. It often takes years for enterprise-level businesses to replace applications. The vendor of F5 Advanced WAF needs to consider that even if legacy protocols are not necessarily used for new projects, existing or prior applications projects rely heavily on them, and such protocols need to be protected until they are completely phased out of the market. The vendor needs to provide complete support for the legacy protocols, just like the latest protocols in the market, until they are assured that none of the customers are using them. I would like to witness the expansion of the supported protocols set by the solution. The tool should be promoted as an advanced protection solution that supports all types of protocols. In future versions, some protocols offered by the solution need to be more specialized. All public-facing protocols should be added to F5 Advanced WAF.
The self-service aspect could be improved. The user interface (UI) also seems a bit outdated. Making it more user-friendly would be beneficial.
The customer service could be improved.
They could provide better pricing.
One area for improvement in the product is its SSO integration, which posed challenges and required significant effort to resolve. The complexity of SSO deployment, coupled with high associated costs, could be addressed to enhance usability. Streamlining the SSO process and revisiting cost considerations would contribute to an improved user experience.
Most customers encounter stability issues with the product's Big-IP logs. It works slowly while retrieving logs.
The tool needs to improve its pricing.
We sometimes get pages with false positives. The F5 team does its best to deal with this problem. I'd like to see this product compatible with more mobile applications, like protecting something devices from a malicious server or from the mobile application itself.
F5 Advanced WAF could improve the reporting. It's a bit difficult to populate, them. If you're not so familiar with the functions, such as where to find the logs and other settings. In a future release, it would be beneficial to have a DNS boost feature.
While F5 Advanced WAF does limit the number of partners in certain regions to ensure successful business transactions, they could also benefit from expanding their partnerships and making it easier for more people to learn about and become experts in F5 Advanced WAF. By doing so, they could increase the reach and exposure of their solution, similar to how Cisco has become widely recognized in the security industry.
The solution requires a bit of advanced knowledge. They are trying to make configurations less complicated by including guides, particularly for application protection in the cloud. Nothing is complicated but it takes a hands-on approach and a few hours to a few months to become familiar with how the solution works. The solution should include RASP which is runtime application security protection. Imperva includes RASP but the solution does not at this point. RASP would provide another level of application protection at the code itself.
F5 should consider adding network detection and response.
The delay times on firmware patches and software updates could be better and improved.
The overall price of F5 Advanced WAF could improve.
F5 Advanced needs to improve its bot protection. The solution needs to have machine learning to learn the behavior of the customer to recognize the human versus the bot. This is a difficult feature to explain to our customers. I would like documentation about the bot feature to make it easier for the customer to understand.
F5 Advanced WAF could improve on its funding for WAF features. There is a need to be more advanced WAF features.
F5 Advanced WAF could improve resource usage, it is CPU intensive. Additionally, adding automated remediation would be a benefit. For example, an easy button alerts us of the events that are occurring, and what we want to do at the time. An automated approach where somebody could be alerted very quickly. Instead of going and reconfiguring everything, an automated approach is what I'm looking at.
The reporting portion of F5 Advance WAF is not great. They need to work out something better, as it is very basic. You only see the top IPs, I think there is more they can offer.
I would like for there to be a cloud-based solution, this would also help to improve scalability.
The vendor needs to work on developing an MSP model for this solution as that is what's trending on the market, plus integrating this solution under a SASE model. Not all vendors' products are compatible with SASE, and not compatible with delivering multi-deployment options from hardware appliance, VM-based, shared cluster, etc. The compatibility of F5 Advanced WAF with multiple public cloud environments also needs to be improved, and not to be overlooked with the VMware environment. This solution shouldn't only focus on Azure public cloud compatibility, as they need to also work with and be compatible with private cloud on multiple environments. I'm not aware of the latest updates in terms of features, but they need to work on enhancing their product, because it seems they have an issue in the market. Day by day, they seem to be lagging behind all the new products in the market.
The Sandbox integration feature could be improved.
Although we're getting some reports, we're not getting all the reports we need. There seems to be a gap in report management.
I would like to see the API Protection improved.
Its price should be better. It is expensive.
The interface is old-looking, it's not modern, which is why it's not always comfortable to use. I would hope that they provide some updates sooner rather than later.
It should be a little bit easy to deploy in terms of the overall deployment session. One of our customers is a bit unhappy about the reporting options. Currently, it automatically deletes event logs after some limit if a customer doesn't have any external Syslog server. It is a problem for those customers who want to review event logs after a week or so because they won't get proper reports or event logs. They should increase the duration to at least a month or two for storing the data on the device. F5 is not a leader in Gartner Quadrant, which affects us when we go and pitch this solution. Customers normally go and take a look at such annual reports, and because F5 is currently not there as a leader, the customers ask about it even though we are saying it is good in all things. F5 is not known for something totally different or unique. They were a major player in ADP, and they are just rebranding themselves into security. They should improve or increase their marketing as a security company now. They have already started to do that, but they should do it more so that when it comes to security, customers can easily remember F5. At the moment, if we say F5, load balancing comes to mind. With rebranding and marketing, all customers should get the idea that F5 is now mainly focusing on the security part of it, and it is a security company instead of load balancing. This is the first solution that should come to a customer's mind for a web application firewall.
We usually use a third-party tool for logging and reporting. It would be nice if we could do that right on this solution. They have one, but it's not very stable. Logging and reporting effectively would be a big enhancement. The solution still needs some development to handle more traffic, especially in huge environments. In small environments, it's not an issue.
I think the contextual-based component needs a lot of help. It is all based on regular-expressions. That is something I think companies like Signal Sciences are doing a really good job with. We are transitioning off to Signal Sciences on some of our WAF components because of the capabilities Signal Science has. I think that contextual-base signatures would definitely help in F5 WAF.
If they could separate the control plane from the data plane, it would give us more flexibility, especially with the Hyper Cloud. This could be the reason they purchased NGINX. They have released the first production release but they are not there yet. It would be good to have this separation in the near future. Also, automation on the cloud is not easy. It's a bit of a job, and it doesn't auto-scale very well. They need to work on the BIG-IQ, which is centralized management. There are too many devices. Managing them individually is inconvenient. Essentially, BIG-IQ is supposed to centralize the management for all of the boxes but it's not very effective.
If I had to summarize what needed improvement, I'd say they are currently in the process of updating their software. But more specifically, I would say their graphical interface, the GUI. I don't like the GUI as much as before, but now I think they're focusing on it. We are getting some new good features in the latest update. But there is still room for improvement on the user interface as well. It's easy to use. It's not difficult but it is not pleasing to the eye. Most of the time you want to see something dynamic, something like the reporting section or the system usage, the CPU, some detailed graphs, anything of that sort. So I guess they have some room for improvement there. Don't make it more complicated, just make it more pleasing to the eye. We are using the most stable version. Because recently we got an email from F5 suggesting that if you have any user on the 14.1.2.0 that there was a vulnerability on that feature. And it was quite a severe one, so they asked us to immediately update that license to another version. They currently have 15 versions, but they are not stable. They didn't recommend them to us. So most of the customers in Pakistan are using the 14.1.2.6 version. That is the most stable version and is recommended by F5. My focus is normally on logging and reporting, because customers always ask for a clear reporting criteria. I would like it if they could simplify the reporting process. If I create something, I want to get a good report on it that I can read in seconds or in minutes. I don't want extra details in it. They should work on the exporting of the logging and reporting.
The scalability could be improved. There is a version with 25 and 200 Mbps, no options in between
I would like to see the pricing of this solution improved. There are a lot of other products that are trying to compete with this solution, and there are a few now that are very good. I know that F5 doesn't always worry about the pricing because of the branding, but if they want to capture more of the market then they need to consider that not everybody thinks about the brand. Some are concerned with the price, and some of the competitors offer solutions at a lower cost. While it is true that price is only one of the things that people consider, it is one of the major factors that can cause them to lose the battle to a competitor. This solution can be made more user-friendly.
The templates of the iApps could be better. The solution's dashboard could be improved. When you're moving from policy to policy, the logs and the integration of the logs in other systems aren't straightforward. The solution has a lot of training material, but not about integration in a virtual improvement. They should create more documentation around this for users.
I would not expect traffic details to pass through the web application firewall across the length of the whole application. I think that there is a web application where it can let the application function without traffic going in into the WAF. I think the solution is already being phased out. They are now going for a more advanced option but I'm referring to the web crawler. The web crawler should be able to allow a web application on its own to create policies, rather than wait for traffic to go to the WAF.
The solution is tedious. It takes a lot of discrete settings so one needs to get detailed and granular when they use the solution. It takes you a whole lot of energy and concentration to configure. It needs to be much more straightforward, like other web solutions. They need to have a way to define attack signatures. It might help improve the user experience.
This solution is the best out there on the market. One thing that can be improved, is to increase the quantity over predefine policy. I know it's impossible to do it all, but what I would have liked to increase the ready-to-deploy templates with only a few clicks.
I think the deployment template can be better, like the iApps they have in the F5 MPM. I think the deployment templates can be better.
The administrator's user interface and some of the settings can sometimes be very complicated to understand. It would really help if they could be easier and more user-friendly. Perhaps the developers can add a training video that shows users what to do. I am sure it is a good product and you only need some experience to become familiar with it. Another thing that may need improvement, is upgrading from one version to another. It is good, but it can be faster.
For F5 Advanced WAF, it's only 70% different over time with upgrades. F5 can still build AWS support after many long years of absence. It's difficult to use. F5 Advanced WAF needs better integration within the application, like remote dashboards. The pricing is too high. It needs better security features with the interface or dashboard. We go through some problems with the Disc Doctor services and F5 was recommended to fix or avoid the same situation in the future. F5 now is the product we use for the web products to have a web application firewall. We need better integration in the application and more security features in the future.
In general, the web interface is not really catchy. It's very powerful, very customizable, but it doesn't have a very nice GUI interface for a new adopter. For them, they'd have to do a lot of configuring. At least the reporting and monitoring parts, let's say, to be honest, should have a better interface. A few other products have very nice dashboards, out of the box, and F5 is not that friendly to use. Also, when you buy WAF, you have to buy another module called APM to do authentication. You have to buy another module with an extra license, to have the authentication feature. Other vendors have it interwoven. For example, I don't know if Barracuda has it, but Citrix has it under the same license. So maybe add authentication functionality in the AOS license, and not separate.
Everything is good about the F5 WAF, except the reporting. It's really difficult to set records from that device, the UI is kind of hard to work with, and the reporting must be improved. As a suggestion to the F5 company, they have to put in shells to have the next generation WAF. So, instead of buying different modules and different hardware and appliances, they can offer an all-in-one solution for WAF.