F5 Distributed Cloud WAF leverages F5's Advanced WAF technology, delivering WAF-as-a-Service and combining signature- and behavior-based protection for web applications. It acts as an intermediate proxy to inspect application requests and responses to block and mitigate a broad spectrum of risks stemming from the OW ASP Top 10, persistent and coordinated threat campaigns, bots, and layer 7 DoS.
Well Suited: Perfect for hosting your own website. And, I don't mean just an individual with a port of MySpace. I mean an industrial strength, commercial grade replacement for Microsoft IIS. If you need a web server that provides a feature-rich environment with support for multiple sites (hosted in the same server), with such features as virtual hosting, and modular feature design, than Apache Web Server is right on the money. Less Well-Suited: Single page, small feature-set websites. Apache is a lot of trouble for developers to set up, just to send/receive JSON strings of a few bytes. You're really better off using something smaller and faster/simpler (lighttpd for example).
It is doing its job effectively, and its scalability is superb. So, if you have a mixed environment with cloud and on-premise systems to protect this product, provide a solution to the challenge. However, its management is more suited to DevOps teams rather than to the ones responsible for on-premise systems, making the management a bit more complex.
Apache is Open Source, governed well (the foundation) and probably the most stable computing platform ever.
Apache is probably one of the most customizable and configurable pieces of software that I have ever run across in more than 30 years of development.
If there is something that Apache can not do, then you need to ask yourself; should I be doing that? The point here is that it is a solid solution and seems to only integrate other technologies that are of the highest caliber.
Apache will live forever and you can not go wrong with it.
Layer seven attacks are becoming far more common. Traditionally it was always layered three, layer four, where you get an additional firewall, but with the application layer attacks become more frequent, more popular, et cetera. So having the web application firewall protecting us, and then with the recent Log4j, that's the most recent use case when it gave us that instant level of protection whilst we remediated the Log4j that we had that and the F5 Distributed Cloud WAF was protecting us.
I have a great relationship with the account manager, my account manager, and I think he drives the best price possible, um, for me, and I'm happy with that price.
F5 Distributed Cloud WAF is always innovating and evolving.
We run a very competitive proof value where we run numerous competitors against each other, and then we evaluate from that and then make the selection, and F5 Distributed Cloud WAF was the winner.
Fail over between devices feels unstable if there are thousands of objects attached to the traffic-group. Needs to be more simpler.
We have seen issues with malicious user detection where we have used open protocols due to legacy applications, and have been caught with legitimate traffic being blocked.
I would continue using F5 Distributed Cloud WAF because I am highly satisfied with its robust and comprehensive features that effectively protect our applications from evolving cyber threats. The advanced AI capabilities enhance threat detection and response, providing proactive security. Additionally, the excellent customer support ensures quick resolution of any issues, making the overall experience reliable and efficient. Trust in the manufacturer’s innovation and continuous updates further motivates me to keep this solution as a core part of our security infrastructure.
I believe is a solution that was designed from the start to be simple and easy to use. Coming from Imperva, it simply eased the burden and complexity of managing and securing our apps on different environments (cloud and on-prem). It easy to scale and very quick to deploy (as a cloud waf should be), provide us with DevOps integrations, visibility and automatic insights from multiple events that guarantee peace of mind for us analysts and opp managers.
I give this rating because there is so much Apache documentation and information on the web that you can literally do anything. This has to do with the fact that there is a huge Open Source community that is beyond mature and perhaps one of the most helpful to be found. The only thing that should hold anyone back from anything is that they can not read. RTFM, my friend. And I must say that the manual is excellent.
The comparison with other products from IBM or Oracle is difficult. These are mostly software that has to be paid for. The only fair comparison at eye level is probably the NGINX web server: It is also free and offers even higher performance. In the meantime, there is also a paid Plus version of NGINX. This has extended support and special functions.
This plaform has advanced threat detection technology and mitigation of this tool is also great that's why why it helps us in securing from many attacks including damages from 7 attcks, BOTS Mitigations and DDoS Protection. Also this plaform has customised security management policy to tailor security measures according to our specific needs.
Apache web server helped us in building client applications without much investment in the underlying server configuration which gives us the ability to start on a new project quickly and upgrade its resources as and when needed.
Using software which is well-supported by a community of open source contributors makes tasks easy and affordable when need help since a couple of minutes on Google saves a couple of dollars every time and you don't need a specialized support person unless there is something significant needing to be changed.