AWS WAF Reviews

Support for AWS WAF needs improvement.

I've been using AWS WAF for a very short period, e.g. just a few weeks.

I find AWS WAF to be a stable product.

AWS WAF is a scalable product.

Technical support for AWS WAF could still be improved, e.g. support could be faster, more knowledgeable, and friendlier.

The initial setup for AWS WAF was straightforward. It could take between two days to two weeks.

We implemented AWS WAF through our in-house team and a consultant.

I've been using a mix of AWS products, including AWS WAF.

I'm satisfied with AWS WAF, and I've had no issues with it. I can't really find fault in the product. It's a good product.

We have hundreds of AWS WAF users within our company. We also have plans of increasing the number of users of the product.

The advice I would give to people who want to start using AWS WAF is that it's a good option if they're migrating to the cloud. It can take up a lot of legacy systems, e.g. it's scalable. Most of my customers are on the cloud, and for anyone who's struggling, it would be good to start anytime. Start small and scale, rather than just going fully onto the cloud.

Users need to pay for the product license.

My rating for AWS WAF is eight out of ten.

We use the product for the protection of our public-facing web applications. 

We preferred the product based on its cost. AWS WAF is an out-of-the-box solution and integrates with the AWS services that we use. It's natively integrated with AWS. 

We have issues with reporting, troubleshooting, and analytics. AWS WAF needs to bring costs down. 

I have been working with the solution for 18 months. 

AWS WAF is stable. 

The solution is scalable. 

We use Amazon enterprise support. It is good but expensive. 

We used Cloudflare and Palo Alto before. We chose AWS WAF since it integrates with native services. 

The tool's setup is complex but it is easy after installation. 

I would rate AWS WAF's pricing a seven out of ten. 

I would rate AWS WAF a seven out of ten. 

AWS WAF is a tool we use in my company since we don't currently have a firewall. We can be safer if we have a firewall, and the receive protection side can avoid any vulnerability attacks.

AWS WAF is a firewall we use from time to time in my company.

I don't think any improvement is needed in AWS WAF.

As technology develops and grows, AWS WAF will have to improve as a product.

AWS WAF should provide better protection to its users, and the security features need to improve.

I have been using AWS WAF for six years. There is no specific version of the product since the vendor provides the services for the solution, and my company just uses it.

AWS WAF is a stable solution. The performance of the solution is very good.

Stability-wise, I rate the solution a ten out of ten.

My company doesn't rely on AWS WAF's scalability since it's a tool that is totally on the cloud. If the tool goes down by any chance, AWS provides the solution on the steps that need to be taken.

Around 30 employees in my company use AWS WAF.

The product is not extensively used in my company.

My company has no plans to increase the number of users of AWS WAF. If our client wants to increase the number of users, we need to act on the server.

The solution's technical support is good.

The product's setup phase was pretty easy.

Sharing the code files and database configurations are the two steps we follow for deploying the product.

The product's setup phase was carried out in-house.

There are no separate licensing costs we pay for since it is included in the plan we purchase.

AWS WAF has been releasing the product on a test-case basis.

It's always good to take precautionary methods for the production website. If everything goes fine, do work in your staging and UAT, not in the production part. The aforementioned details are the precautionary methods we have to follow.

Overall, I rate the solution a ten out of ten.

We use the solution as a firewall to protect the network from malicious requests.

The solution helps our organization to comply with our security standards.

The solution allows us to set up rules for blocking malicious requests. We can configure a pool of such sources and choose what to do (allow/block/count) when a request comes from them.

The solution can include provisions to block requests targeted at specific URIs (/.env) which are obviously malicious. Also, sometimes it blocks legitimate requests. We have to keep changing some of our rules in this case. It would be great if they maintained the AWS-managed rule sets properly.

We have been using the solution for the last eight months.

It is a stable solution. Although sometimes even legitimate requests fail.

I rate its stability an eight out of ten.

It is a scalable solution. We have two users in our organization.

The solution's initial setup process is easy.

I advise others to set their security principles while building the software itself, as WAF is not entirely reliable. I rate it an eight out of ten.

We use the solution for publishing important applications. These sites are accessed by hundred to one million users every day.

We do not have to maintain the solution. Amazon maintains the product.

We have a lot of issues related to attacks on our cloud. There is a limitation on how to mitigate the issues in the solution. The product should improve the DDoS-related features.

The solution should provide an advanced tool for DDoS migration and a better reporting method. Compared to other solutions, we do not get all the information we need for reporting.

I am dealing with the solution right now.

The solution is stable. It does not depend on the data centre or browser consumption.

The product has high scalability. I can increase the resources without any effort.

The support team is very helpful.

Positive

The initial setup is too simple on the AWS. It is not complex at all. If we take certain courses and view a lot of videos on how to implement the solution, it is very easy. Support helps us with the deployment.

Our teams do not manage the product. The deployment process includes adding a new customer, reserving their information on the cloud, creating the nodes, publishing the service and testing it on the old security aspects. Then, the solution is deployed on the cloud. 

The time taken for deployment depends on the customer's requirements. Usually, there is a delay due to missing information from the customers. One or two engineers can handle the deployment. We do not need a big team for it.

We have decided to use Cloudflare to integrate with AWS, and most of our issues have been resolved. I would recommend the solution. However, it depends on the customer’s data confidentiality. If there are confidential data on the servers, they should not be on the cloud. They can use the cloud solution if the data is normal and not critical. Overall, I rate the product a seven out of ten.

The solution's price is affordable compared to Fastly.

They should make the solution's implementation process faster. Presently, we have to write code and work a lot more for integration. It doesn't provide any default logs. So, we need help getting logs, audio, and dashboard queries. Also, there should be technical documentation for the solution in case of errors. Every time we have to log a support case with AWS to obtain details to resolve it. Instead, it would be better if they provide a proper document for reference.

The solution is stable.

The solution is very scalable. We have 150 solution users in our organization.

The solution's technical support is good.

We have used Fastly before. It is easier to implement but is expensive compared to AWS.

The solution's initial setup process is very complex. We need to write code for image optimization. Overall, its implementation is time-consuming.

The solution's cost depends on the use cases.

I rate the solution a ten. It requires executives with technical knowledge to understand the use cases.

I use the solution for firewall protection. It can also be used for authentication and authorization.

AWS WAF is a great solution. We can host any DB or application on the solution.

The solution can improve its price.

I have been using the solution for five years.

The solution is very stable.

The solution is very scalable. Approximately 1000 people in our organization use the solution.

The initial setup is straightforward.

When we had set it up for a large insurance company, the deployment took us over six weeks. We deployed the solution with an in-house team. We need quite a bit of technical staff to maintain the solution.

I use the latest version of the solution. I have used Oracle and Azure too. Overall, I rate the solution a five out of ten.

The most valuable feature of AWS WAF is the extra layer of security that I have when connecting to my web applications.

AWS WAF could improve by making the overall management easier. Many people that have started working with AWS WAF do not have an easy time. They should make it easy to use. 

The AWS WAF documentation sometimes is not clear and could improve for all levels of people using the solution, such as developers. The interface could be easier to use.

I have been using AWS WAF for approximately three years.

AWS WAF is a highly stable solution.

We have approximately 35 applications that are using the AWS WAF.

The support from AWS WAF is good, I have used them often. 

I was previously using Cisco and I switched to AWS WAF because I was working mostly with cloud environments and needed more services. Additionally, I have used Microsoft Azure.

The initial setup is AWS WAF complex. The steps to complete the implementation could be easier, such as making the web traffic go through the WAF and then through the web service. The information for connectivity could be documented or done easier. The whole process can take approximately 20 minutes.

The price of AWS WAF is expensive if you do not know how to manage your software up or down. I price of the solution is average amongst the other competitors but it would be better if it was less expensive.

My advice to others is they should give AWS WAF a try. It works well, secures the applications, and it improves them against attacks.