F5 Distributed Cloud WAF leverages F5's Advanced WAF technology, delivering WAF-as-a-Service and combining signature- and behavior-based protection for web applications. It acts as an intermediate proxy to inspect application requests and responses to block and mitigate a broad spectrum of risks stemming from the OW ASP Top 10, persistent and coordinated threat campaigns, bots, and layer 7 DoS.
N/A
Fastly Edge Cloud Platform
Score 8.0 out of 10
N/A
Fastly, headquartered in San Francisco, offers the Fastly Edge Cloud Computing, Content Delivery Network (CDN) (formerly Fastly Deliver@Edge). Priced by bandwidth in gigabytes and number of file requests, Fastly supports image optimization, video and streaming, load balancing, and cloud security via web application firewall (WAF) and DDoS protection. Additionally, Fastly is available as a managed CDN.
When comparing F5 Distributed Cloud WAF, Akamai, Cloudflare, and Fastly, Fastly generally stands out for its raw speed and focus on developer-friendly features, while Cloudflare is often considered the best balance of speed, security, and ease of use, making it a popular choice …
It helps our website to manage well during high traffic seasons and Holidays. This plaform manages the website overall performance and also protect it against DDoS attacks during these High demand period. It also protects transactions done on our website for the booking of services and products buying by our customers and keep their data safe.
The service is really well-suited for pretty much any site that is primarily display-driven (that is, mostly GET requests). The network is able to handle massive volumes of traffic and their POPs have spread out pretty much anywhere that it's easy to get them (so basically everywhere but China and Russia). My team witnessed several large-scale attack attempts on some high-profile websites (attacks in the 10s of millions of requests per second) that were mitigated before ever coming back to the actual application; in one case we didn't realize the attack had happened until we looked at the logs the next day. Because it's a cache store option, the default configuration does not cache POST responses, and it can be difficult to set up things like authenticated paywalls as a result.
Layer seven attacks are becoming far more common. Traditionally it was always layered three, layer four, where you get an additional firewall, but with the application layer attacks become more frequent, more popular, et cetera. So having the web application firewall protecting us, and then with the recent Log4j, that's the most recent use case when it gave us that instant level of protection whilst we remediated the Log4j that we had that and the F5 Distributed Cloud WAF was protecting us.
I have a great relationship with the account manager, my account manager, and I think he drives the best price possible, um, for me, and I'm happy with that price.
F5 Distributed Cloud WAF is always innovating and evolving.
We run a very competitive proof value where we run numerous competitors against each other, and then we evaluate from that and then make the selection, and F5 Distributed Cloud WAF was the winner.
Fail over between devices feels unstable if there are thousands of objects attached to the traffic-group. Needs to be more simpler.
We have seen issues with malicious user detection where we have used open protocols due to legacy applications, and have been caught with legitimate traffic being blocked.
We gave it an 8 because it protects our web apps well and is reliable. The WAF is flexible and meets most of our needs. It could improve in user interface and make integrations easier, but overall, it’s a solid and effective security tool for us.
I believe is a solution that was designed from the start to be simple and easy to use. Coming from Imperva, it simply eased the burden and complexity of managing and securing our apps on different environments (cloud and on-prem). It easy to scale and very quick to deploy (as a cloud waf should be), provide us with DevOps integrations, visibility and automatic insights from multiple events that guarantee peace of mind for us analysts and opp managers.
Fastly Edge Cloud Platform is a powerful tool with robust capabilities, but it requires deep technical knowledge to integrate effectively into existing applications. While its performance and features are excellent, the lack of a user-friendly interface and the need for advanced configuration can make it challenging for teams without experienced developers.
It provides fewer false positives and a more granular approach to eliminating them, allowing us to focus on threats. Also, with the need to secure both on-premise and cloud-based web applications, we can only use Azure on the cloud part, but we still need to cover on-premise apps with WAF, so we would need to double the time to deploy and manage. Also, its flexibility of deployment scenarios offers us a faster time to deploy WAF without adjusting the app delivery process to WAF's existence.
The biggest gain for us was speed. Before F5 Distributed Cloud WAF, onboarding a new app to our WAF stack meant manual rule tuning, traffic sampling and regression testing. Right now, we spin up a service, tag it with the right policy and its ready (production ready) within hours
