F5 Advanced WAF Reviews

We use the solution for load balancing.

They should improve the capability, and then they should work on the virtualization of NGINX. Currently, most environments are virtualized. F5 Advanced WAF will not be able to protect it.

I have been using F5 Advanced WAF as a reseller for 5 years.

Technical support is good but not enough. It takes a lot of time to get support.

Neutral

The initial setup is not so easy nor not so complex. There is a learning phase, and there are policies to apply. It complies with regulations. Recently, we used it for Formula One, and it proved very effective.

ROI is covered in one year. You can see how it protects and mitigates damages in the network.

The product is not so expensive. It depends on the assets.

There are other solutions for data loss prevention, such as Symantec and IP solutions. There are options available for DNS blocking. While these solutions may specialize in certain aspects, They offer comprehensive coverage across various areas. Each vendor specializes in different aspects, but F5 Advanced WAF excels in its particular domain.

I recommend the solution. Most of the environment is going to virtualization.

Overall, I rate the solution an 8 out of 10.

F5 is a web application firewall and load balancer. 

The primary use case of this solution is for data protection and security.

I like all of the features, but the main one is the attack signatures.

If they could separate the control plane from the data plane, it would give us more flexibility, especially with the Hyper Cloud. This could be the reason they purchased NGINX.

They have released the first production release but they are not there yet. It would be good to have this separation in the near future.

Also, automation on the cloud is not easy. It's a bit of a job, and it doesn't auto-scale very well.

They need to work on the BIG-IQ, which is centralized management. There are too many devices. Managing them individually is inconvenient. Essentially, BIG-IQ is supposed to centralize the management for all of the boxes but it's not very effective.

I have been using this solution for more than five years.

The stability is very good.

There is no solution that is bug-free, but when comparing it with other vendors, I would say that F5 is less buggy than the others.

The scalability is an issue at the moment, which is the reason they need to separate the control plane from the data plane.

We are using this solution daily. It runs 24/7.

The technical support is very good. They are knowledgeable and helpful.

The initial setup was simple and it took an hour to deploy.

This solution does not require a lot of maintenance but we need to do the patching regularly.

We do the implementation but at times we get consultations from F5.

It's more expensive than other solutions and depending on the modules, there can be additional fees.

If I would compare F5 with other solutions, the main differences are the support and the stability of the code, it has fewer bugs.

For on-premises deployments I would recommend F5, but for the cloud, it would be questionable.

I would rate this solution a seven of ten.

It is used for application security and load balancing. As we have a few customers who are using banking applications, and stock market applications, they are more concerned about security and how to protect the product and their business applications. And that's why we offer security applications. Besides that, there are new features for load balancing in the F5.

Customers find the load balancer feature as the most valuable.

The tool needs to improve its pricing. 

I have been using it for two years.

It is a very stable product. It is the favourite product of banking customers in Egypt.

It is a very scalable product. You can write down any iRule you want as it is very convenient.

We used Citrix ADC, Fortinet FortiWeb, and Barracuda before F5 Advanced WAF. We switched to F5 Advanced WAF due to its efficiency and the port lockdown feature that the customers in Egypt like. Also since it's certified by Gartner, the customers feel confident using it.

The initial setup was simple.

If you are looking for a really good product, you should consider F5 Advanced WAF.

I would rate it a nine out of ten.

For me, the primary use case is to secure web applications from external threats, including cross-site scripting, SQL injection attacks, file inclusion vulnerabilities, and many more. The tool has simplified protection against web applications and recent threats that might be visible. If your applications are vulnerable, it gets protected by F5.

It is a very flexible solution. iRules is quite appealing when it comes to F5, and they apply it throughout their solution. BIG-IP is a known platform, and it is a part of F5 now. Application delivery or web application firewalls, F5 understands these terms and then suggests better data policies. But you have to do the work on your application's performance first. You have to look in the logs and understand the total attack you should prevent when we put it in the circuit protection mode, which works perfectly well.

iRules truly excites me because it has the ability to prevent the end-user and infrastructure from external threats.

Even if the F5’s default signatures and the default behavior are unable to help you, you can customize iRules to reach the objectives.

I don't like the management control of F5.

Moreover, if you are not an expert, it would be really difficult to set it up.

I have been using the product for fifteen years or more.

It is a stable solution.

It is definitely a scalable solution.

The initial setup is quite straightforward. I didn't experience any complexity. It could be difficult for somebody who is not familiar with application load balancers or web applications. It takes a month to understand the entire architecture. It primarily depends upon how great deployment could be.

It usually takes about five to seven days to configure and deploy the F5 Advanced WAF in production mode. It is essential to ensure that your configuration works properly before putting it into production mode.

When you have already designed it, it takes around five to seven days to set up. But it takes more than a month to understand the entire architecture of the F5.

I would rate it an eight out of ten.

The anti-bot protection has been the most valuable.

I think the deployment template can be better, like the iApps they have in the F5 MPM. I think the deployment templates can be better.

The solution is pretty stable.

The technical support is very good. I'm using the F5 technical support, maybe once a quarter. Something like three to five times a year. When I find a bug then I post them to their forum because I'm using it a lot. I can find the bugs. But its very good support.

The initial setup was very simple. The initial setup is done by the machine. The ASM HS, the WAF itself, not the deployment of the application. So it was very simple, I am working with VIP for almost a full year. Something like ninety percent of my activities are F5 related. I specialize in F5 now and everything in F5 is very, very simple.

I'm an integrator.

I think the price is very high. This is what I hear from the customers. Sometimes we cannot sell the product because it is a higher price.

I evaluated a few other options. Kemp, for example, but Kemp is not a WAF it's a load balancer, it's for another model of the F5 so its not related to do WAF. And we're speaking about the WAF. 

I would recommend this solution. It would be the best solution for WAF.

I think the dashboard can be improved. When you move from the policy to policy, the logs and the integration of the logs are without a system. Maybe make it like other SIEM systems and system servers like Splunk. They do have a lot of training videos and manuals. This helps. But not really about integration or feature improvement.

I would rate this solution a ten out of ten.

We use this solution for web application protection. The solution offers layer seven protection of the applications and can be configured against attacks.

There are a lot of good features.

I would like for there to be a cloud-based solution, this would also help to improve scalability.

I have been using this solution for about a year or so.

This solution is quite stable.

Scalability is limited since it is an on-premise solution. You will have to size your box properly, based your throughput and capacity. Our company uses it to protect all traffic of out 5.5 thousand users and we have plans to expand the usage.

Support was helpful when we reached out.

We used Kona Defender and Akamai Web Application Firewall for about a year prior to using F5. The main reason that we switched was due to costs.

The initial setup was rather complex taking a lot of time and information to be configured. We have two administrators for maintenance. 

Our consultant was able to help us integrate the solution in a day or two.

There is a perpetual license that comes with your hardware. There is also an additional fee for support.

When you choose to go with F5, be sure to size your box properly so that the capacity is taken care of. From there, you will be able to easily configure the platform to provide you with a lot of value. Overall, I would rate the solution a seven out of ten.

We use F5 Advanced WAF to secure our public cloud. We also use it to secure firewalls for applications and websites. Whether on-premises or on public cloud, these are the usual use cases for WAF.

The most valuable feature of F5 Advanced WAF is its ability to mitigate attacks: DDoS and DNS, or layer seven application attacks, OWASP, and email.

The vendor needs to work on developing an MSP model for this solution as that is what's trending on the market, plus integrating this solution under a SASE model. Not all vendors' products are compatible with SASE, and not compatible with delivering multi-deployment options from hardware appliance, VM-based, shared cluster, etc.

The compatibility of F5 Advanced WAF with multiple public cloud environments also needs to be improved, and not to be overlooked with the VMware environment.

This solution shouldn't only focus on Azure public cloud compatibility, as they need to also work with and be compatible with private cloud on multiple environments.

I'm not aware of the latest updates in terms of features, but they need to work on enhancing their product, because it seems they have an issue in the market. Day by day, they seem to be lagging behind all the new products in the market.

We've been working with this solution for one year.

The stability of this solution is not great. It's stable, but you are aware of the performance stability when you are relying on a VM-based environment, so there is another layer of performance of the infrastructure itself which you need to take into consideration when talking about stability.

Sometimes the product performance is good, but the infrastructure you are using causes some performance issues.

Now VMware is doing great when it comes to performance, so the performance of the F5 Advanced WAF licensed on our VMware environment is good as well.

This solution is not easy to scale. F5 is suffering from scalability issues. They are struggling with scalability.

I never contacted F5's technical support team because we are the main service provider, and this means we have our own support.

The initial setup for F5 Advanced WAF is complex.

We implemented this solution through our in-house team.

Pricing for this solution is higher than average in the market, when compared to its competitors. They should revise their prices in the market.

There is no additional cost besides the licensing, and it will also depend on the service delivery model: VM-based or hardware-based. The licensing model, however, is similar among all the vendors.

I evaluated FortiWeb.

I work with F5 Advanced WAF (Web Application Firewall). It's hardware-based and VM-based.

We are a partner of F5 as a technology vendor.

Deployment of this solution could either be on-premises, via cloud, or both. F5 and VMware has a partnership, so our infrastructure is based on the VMware environment which comes with the F5 capabilities for the WAF.

The technology is evolving every day and vendors are doing well. Each technology has its pros and cons, and it will take a long time to discuss areas for improvement.

One of the issues of this solution is that it is complex.

How long deployment will take will depend on the customer's environment and use cases.

Maintenance of this solution requires patching the vendor update which is most important for product maintenance or solution maintenance, and doing monitoring for availability and performance.

F5 Advanced WAF works among all segmentations and all market size: small, medium, or large companies. However, I am seeing based on my experience, that Fortinet's WAF technology: FortiWeb, is now doing much better than F5.

Fortinet is doing much better in all aspects: in the protection itself, user-friendliness, threat intelligence, etc. The capabilities of FortiWeb is doing good in the market. Both pricing and delivery models are also more competitive than F5 Advanced WAF's.

My advice to future customers of F5 Advanced WAF or to people thinking of using it is that there is a much better product in the market. One of the better products is Fortinet (FortiWeb).

I'm rating this solution a six out of ten.

We use the product for load-balancing purposes.

The product has valuable features for load balancing, monitoring tools, and HPXpress services.

They could provide better pricing.

We have been using F5 Advanced WAF for a year.

I rate the product's stability an eight out of ten. 

The product is highly scalable. It is suitable for enterprise businesses. I rate its scalability an eight out of ten.

I rate the initial setup process a seven out of ten.

I rate F5 Advanced WAF's pricing a three out of ten.

I rate F5 Advanced WAF an eight out of ten.