Cloudflare Web Application Firewall Reviews

We use the solution for the web application firewall.

The solution protects our application, which runs on the HTTP protocol, from DDoS attacks.

Cloudflare Web Application Firewall should include port forwarding features. It would be good if the solution provided communication channels like a WhatsApp group other than email to provide customer support.

I have been using Cloudflare Web Application Firewall for more than four years.

Cloudflare Web Application Firewall is a stable solution.

The technical support is easy because we use the enterprise plan. Whenever we have technical difficulties, we can use the tech support. However, if there is any impact on the production, we can call the nearest support. Users can email customer support if they have questions about the solution's features.

I previously used F5 NGINX in my previous organization.

F5 NGINX supports on-premise servers. F5 NGINX cannot support my current company, a cloud-native organization with no on-premise servers. Only a few products, like Akamai and Cloudflare, can support cloud-native environments. We chose Cloudflare Web Application Firewall because it's much more affordable than other tools.

Cloudflare Web Application Firewall is more affordable than other solutions.

Compared to other products, Cloudflare Web Application Firewall is easier to configure. Cloudflare Web Application Firewall is accurate in finding potential threats. Almost all the threats we faced before using the solution were mitigated after implementing Cloudflare Web Application Firewall.

The solution protects us from DDOS attacks and botnet attacks. Bots can call our application in botnet attacks, causing high resource consumption.

Overall, I rate the solution a seven out of ten.

I'm highly satisfied. It's remarkably user-friendly, enabling me to quickly identify issues, and deploy solutions, and it offers the necessary features. This ease of use makes it efficient in resolving our problems. 

Improvements should be done according to our customer's requirements. 

I have been using Cloudflare Web Application Firewall for more than a year. 

Regarding satisfaction, I would say that typically, we don't require support for the usual setup. We can manage it without significant difficulty. However, a key challenge arises when dealing with numerous integrations with HVAC systems. Depending on the specifics, there might be some configuration mismatches, which necessitate specific support.

They offer an array of features within a single service, including comprehensive functionality for web apps. However, we sometimes struggle to find experts who can help us harness these capabilities effectively. In some instances, their support team may lack the cost-effectiveness needed to address certain challenges, leading customers to consider alternative solutions like Skylight.

As for the typical implementation time for Cloudflare WAF, it usually takes around a week. This initial setup is quite straightforward and rarely poses any issues. The complete setup, including configuration and initial testing, typically extends over a month. However, the precise duration may vary based on the account and specific requirements. Some straightforward setups can be completed within a week.

When it comes to Cloudflare, you can initiate a basic setup within a week, but a more comprehensive implementation with fine-tuned configurations may take longer, potentially up to a month. The exact timeline depends on the intricacies of your specific service and the level of detail required in the configuration for each service.

I believe the pricing is not the best, but it's reasonable and acceptable. We also use the McAfee system in parallel. In terms of pricing, it's okay - not great, but not bad either. It falls in the middle, which is acceptable.

In terms of support licensing, last time, we were searching for a solution, and we considered products from resellers rather than directly from the cloud provider. However, the pricing we encountered was exceptionally high. As a result, we are inclined to select support from the reseller.

Typically, a larger solution is preferable, not a small one. I believe it depends on the project's financial considerations. If the project can benefit from a larger solution and the revenue generated can cover the associated costs, then we opt for that. It's not solely based on the company's size; it's about the customer's business and its specific needs.

When considering the use of a web app, it's crucial to perform a comprehensive self-analysis. This analysis should focus on understanding aspects like bandwidth, connections, and content sessions. By assessing these factors, you can make informed decisions about the most suitable solution. Pricing is a significant component, as it directly impacts your service and, by extension, your business. The challenge with bandwidth is that it's not always within your control, especially when dealing with increased demands. Therefore, before choosing a web app, it's important to conduct a thorough self-analysis. Once you've identified your needs and requirements, you can seek a solution tailored to your specific circumstances. Trying to cover every possible scenario can be a daunting and costly task, so a well-informed and targeted approach is key.

I would rate the solution a nine out of ten.

We use this solution to protect our websites and services.

The solution prevented several attacks, such as Log4j two years ago when it emerged as a major vulnerability. 

Cloudflare Web Application Firewall released protective rules a few hours after we discovered the potential problem and provided protection.

The firewall has rate-limiting, managed, and custom firewall rules.

Some of the features we’re using to a limited extent because they require an extra subscription. We have just the basic one. For example, advanced rate-limiting features are available, but we only use basic rate-limiting. 

We mainly use custom and managed firewall rules, which work well for us. We also use DDoS protection, which is probably one of the main features of the Cloudflare solution. DDoS protection was the initial thing we signed up for Cloudflare to protect our exposed web services and sites.

We also use Cloudflare DNS, logs, and analytics.

Cloudflare is evolving so quickly that we can't even keep up. In the past two years, they have released two major upgrades to their Web Application Firewall. 

However, the notification part could be improved. It's very much connected to Web Application Firewall, rate-limiting, and DDoS protection. 

The notification could be better configurable. Sometimes it makes too much noise. It should have better threshold handling or some setup features, which could set some thresholds because it tries to do it automatically. So, sometimes it just notifies about things that are not worth noticing and vice versa.

I have been using Cloudflare Web Application Firewall for two years. We are using the latest version of this solution.

We extensively use the solution every day. The solution is very stable; we haven’t seen any glitches.

I rate the solution’s stability a nine out of ten.

The solution is very scalable.

You can have multiple zones (domains), and manage them in Web GUI or using APIs.

They have pretty good documentation regarding APIs and in case you have a lot of zones you can automate their management via API calls/scripts, etc.

I rate the solution’s scalability a nine or ten out of ten.

The solution works 24/7 in front of our web service. I don't have to touch it every day, as it functions automatically. Once you set it up, it's done.

I login into the service daily to verify the alerts it has sent to us. Sometimes notifications are noisy, but I still look into each one to see if it's worth taking action.  The firewall itself functions around the clock.

The support is really good and helpful.

Positive

We switched to Cloudflare because DDoS and other scanning attacks were increasing in 2020. We had several DDoS attacks on our sites and needed a solution. 

We also looked at some local telecom solutions in the Baltics, but they were not well-functioning for us. Then, one of our engineers suggested that we use Cloudflare, and it was a great decision. Layer 3/4 DDoS attacks were no longer a problem after we deployed Cloudflare. In fact, DDoS attacks are on the rise worldwide, forcing us to start looking for more serious protective measures.

The initial setup is rather easy. I rate my experience with the initial setup an eight on a scale of ten, where ten is easy and one is difficult.

We have dozen of sites, and the firewall itself was deployed seamlessly. Setting up some additional configurations took some time.

While the file firewall deployed so to say "itself", we had to deal with transferring our sites and services behind it.

There were two main tasks - migrate DNS records and set up new TLS certificates as Cloudflare acts of us as a reverse proxy. There are specific TLS certificates between our sites and Cloudflare as and we cannot use for example LetsEncrypt anymore because our sites are no longer exposed directly to the internet.

So all-in-all it took around one-two months to get a dozen of domains behind Cloudflare WAF. And that's mainly not because of Cloudflare but our own organizational complexity.

We did the implementation ourselves but with the help of Cloudflare's support team. Their support is very good.

Since we are an Eastern European company, the solution is relatively expensive for us. We have to get used to it. Some features like Bot Management software we would like to use are still out of our budget. I would rate it three out of ten, where one is expensive, and ten is cheap.

There are no other expenses around the standard licensing cost. The support is included. When I get some questions, they're not charged separately.

We compared offers from two other providers as well. One was a local telecom provider and the other was Akamai.

I would definitely recommend using the solution.

Overall, I rate the solution a nine out of ten.

The primary use case of Cloudflare Web Application Firewall involves setting up DNS zones and implementing zero trust policies.

Cloudflare Web Application Firewall has enhanced security by effectively managing and cutting off unwanted traffic.

Some of the most valuable features of Cloudflare Web Application Firewall include its DNS zone setup and the zero trust policy.

The dashboard could be more user-friendly, and a console approach like Cloudflare CLI could enhance its usability.

We have been using Cloudflare Web Application Firewall for four years.

On a scale from one to ten, the stability of Cloudflare is a nine.

The scalability of Cloudflare is a ten out of ten.

I had to contact technical support twice, and both times, my issues were resolved satisfactorily. Therefore, I rate them a ten out of ten.

Positive

The initial setup was straightforward, taking only five minutes using Terraform.

From my perspective, the price of Cloudflare Web Application Firewall is quite affordable, rating around an eight or nine.

I highly recommend Cloudflare Web Application Firewall due to its extensive knowledge base and ease of integration with Terraform.

I'd rate the solution ten out of ten.

It is used in the banking sector.

Cloudflare WAF provides protection through rules and functionalities like Cloudflare's SDRAP. Machine learning enables numerous policies that protect traffic flowing through Cloudflare's CDN and endpoints of the application. Additionally, specific protections are implemented against DDoS attacks and to block suspicious IP addresses attempting to access the sites.

Cloudflare provides numerous ready-to-use policies that can be easily enabled with minimal configuration. One such policy is WAF, which includes predefined rulesets for common threats like DDoS attacks. These policies are pre-configured for immediate use, making tuning straightforward. Adjustments may be needed for specific configurations, but the majority are ready to be deployed directly.

Support can be challenging at times. Personally, I recently had an issue with costs and contacted support—they promptly resolved my problem. However, understanding features can be more complex. While much information is freely available, for specific needs, professional support might be necessary and could pose difficulties, if there isn't an in-house engineering team. Despite this, Cloudflare facilitates easy development of custom functionalities. Alternatively, engaging with dedicated communities can also yield valuable insights with the right investment of time.

I have been using Cloudflare Web Application Firewall as an integrator for one year.

Sometimes, as a software vendor, Cloudflare needs to upgrade their software, which can encounter faults but resolve such issues.

I rate the solution's stability an eight out of ten.

The solution is scalable. I rate the solution's scalability a nine out of ten. 

It's challenging to find technical expertise, for technical issues. While there is a network for sales, finding knowledgeable technical support can be difficult.

Neutral

This level of protection is essential, whether the website is an e-commerce platform or simply a gateway for customers accessing banking services. Maintaining visibility and ensuring the site is consistently up and running are critical requirements for such services.

Integration is quite easy when migrating DNS to Cloudflare, as they manage DNS implementation. Once DNS is set up, traffic redirection to their platform is straightforward. However, it's important to manage your IP addresses carefully, possibly using additional tools or configurations to ensure they are properly protected and directed.

Cloudflare leverages AI-driven solutions, with policies set using machine learning, which forms the foundation of their AI capabilities. They offer AI functionalities for developers looking to optimize or distribute their applications, such as Workers, a serverless solution enabling application deployment without the need for dedicated machines. This setup is also AI-enabled, enhancing its capabilities

Overall, I rate the solution a nine out of ten.

The primary use case for Cloudflare Web Application Firewall involves comprehensive security functionality across various access protocols. The system acts as a gateway, managing authentication, authorization pass-through, and traffic routing based on regional considerations. It encompasses web component modules and a reverse web application firewall, allowing secure authorization and authentication processes based on particular application sets.

The product has a valuable security control functionality. It monitors authorization processes to identify and address potential errors. We can view different components and prerequisites simultaneously, including time stamps, peak time, load time, etc. We only have to ensure that we have scaled all the authentication measures as per requirements.

The platform's control features related to real-time authentication and response time need improvement.

I rate Cloudflare Web Application Firewall a seven out of ten.

We use Cloudflare Web Application Firewall for verification of applications from various domains. Also protecting the server from exposure by implementing the Proxy Server feature on front end i.e. on client's side. Also implemented both hosts based & Cloud based WAF. 

We are required to follow a specific and separate set of rules for web applications for DDoS attacks while working with AWS and Azure. Instead, there could be an option to duplicate the cluster to maintain the consistency of rules.

We have been using Cloudflare Web Application Firewall for three to four years.

I rate Cloudflare Web Application Firewall's stability a nine out of ten.

It is a scalable platform. Although it lacks some features. We have two to three users for it. I rate its scalability an eight out of ten.

The initial setup process is simple.

I implemented the product myself.

Cloudflare Web Application Firewall has certain limitations for rules. I rate it a seven out of ten.

We use the solution to protect web applications.

The solution is easy to use.

Sometimes, it is challenging to access our applications using the solution. They should work on this particular area. Also, its availability needs improvement.

We have been using the solution for two years.

We encounter stability issues regarding the solution's availability to access applications.

We have 200 solution users in our organization. We use it extensively and plan to increase the usage.

We contact our service provider for any technical issues with the solution.

The solution's deployment takes two to three days to complete.

Our service provider helps us install the solution.

The solution is expensive. We purchase a yearly based license for it.

I recommend the solution to others and rate it a six out of ten.