TrustRadius: an HG Insights company

F5 Distributed Cloud WAF (Web Application Firewall)

Score9 out of 10

136 Reviews and Ratings

What is F5 Distributed Cloud WAF (Web Application Firewall)?

F5 Distributed Cloud WAF leverages F5's Advanced WAF technology, delivering WAF-as-a-Service and combining signature- and behavior-based protection for web applications. It acts as an intermediate proxy to inspect application requests and responses to block and mitigate a broad spectrum of risks stemming from the OW ASP Top 10, persistent and coordinated threat campaigns, bots, and layer 7 DoS.

Read more details.

Media

F5 Distributed Cloud WAF (Web Application Firewall)
F5 Distributed Cloud WAF (Web Application Firewall)

1 / 2

Who Buys & Uses F5 Distributed Cloud WAF (Web Application Firewall)

Pros

  • Robust Layer 7 DDoS protection
  • Easy configuration and deployment for security policies
  • Effective prevention of security incidents and data breaches

Cons

  • Limited AI and automation for advanced rule setup and detection
  • Complex user interface and dashboard navigation
  • Initial configuration and deployment can require extensive knowledge

When Rule sets aren't enough F5 Distributed Cloud WAF brings the brains

Use Cases and Deployment Scope

The big problem it mainly solves for us is zero day and unknown attack vectors. Right now every customer facing app and all our internal admin portals run behind F5 Distributed Cloud WAF. We've also wired it into our SIEM and SOAR tools to enrich alerts with traffic metadata and auto-initiate playbooks.

Pros

  • Identifying exposure risks
  • Mitigating bot and automation abuse
  • The superb dynamic inspection capabilities

Cons

  • Policy testing in pre production still requires some finesse. Maybe a sandbox environment with traffic replay built in would go a long way.

Return on Investment

  • The biggest gain for us was speed. Before F5 Distributed Cloud WAF, onboarding a new app to our WAF stack meant manual rule tuning, traffic sampling and regression testing. Right now, we spin up a service, tag it with the right policy and its ready (production ready) within hours

Alternatives Considered

Cloudflare

Other Software Used

Splunk SOAR, ThreatConnect Threat Intelligence Operations Platform, Atlassian Jira

F5 Distributed Cloud WAF Reviews

Use Cases and Deployment Scope

To secure, monitor and manage traffic in the web applications and APIs.
To address problems like manual and slow response to threats, DDOS, and applications and API security risks.
Scope of use case includes securing enterprise web apps, providing security, metering, and routing at API gateways.

Pros

  • API protection
  • Real-time analytics and threat Intel
  • Easy deployment

Cons

  • To reduce cost for small businesses
  • To reduce learning curve for basic use case
  • To have a wider community support

Return on Investment

  • Increases response time to threats using ML-based detection, auto-mitigation, and fast policy updates.
  • Protects against OWASP bot attacks, and 0-day vulnerabilities.

Alternatives Considered

Azure Web Application Firewall

Other Software Used

Cloudflare Zero Trust Services

F5 Distributed Cloud WAF (Web Application Firewall) Review

Use Cases and Deployment Scope

We are using this product in one of our project & it’s really best user experience & working fine.

Pros

  • Real time bot detection
  • Device finger printing
  • Automatically mitigates malicious traffic
  • API Security

Cons

  • Complexity of policy configuration
  • Rule visibility
  • Pricing transparency

Return on Investment

  • Reduced risk of data breaches
  • Application availability
  • Lower total cost

Alternatives Considered

(EOL) Cisco CloudCenter

Other Software Used

Tenable Nessus

Simplify my life

Use Cases and Deployment Scope

We have legacy application which does not have easy solution to protect. F5 Distributed Cloud WAF makes our life easier.

Pros

  • Easy to understand rules
  • Logs to enable troubleshooting

Cons

  • NA
  • NA
  • NA

Return on Investment

  • It provides overall security to all my apps

Usability

Protect your web applications, protect your data, protect your availability, and protect your integrity!

Use Cases and Deployment Scope

This product gives us the ability to protect our web applications from attacks from the internet. This will help strengthen the overall security posture of our organization.

Pros

  • Protect against malicious attacks
  • Give us visibility into vulnerabilities associated with our cload applications
  • Provide our blue teams with valuable threat insights.

Cons

  • More streamlined advanced AI capabilities. Sometimes the AI fails to provide answers.
  • More simplified less cluttered screens and menus. Too many modules and windows to navigate through. Consider reducing the complexity of the overall application.

Return on Investment

  • Mitigation of potentially deadly attacks.
  • Greater confidence in our web facing apps and their associated data security and integrity
  • Increased availability of our systems

Alternatives Considered

NetScaler

Other Software Used

Palo Alto Networks Advanced Threat Prevention, Palo Alto Networks Next-Generation Firewalls - PA Series, SentinelOne Singularity, Proofpoint Advanced Threat Protection, IBM Security QRadar EDR, BlueCat Integrity (Address Manager + DNS/DHCP Server)