Insights from F5 Distributed Cloud WAF (Web Application Firewall) Reviewers
Based on 11 verified reviews published in the last 18 months
TrustRadius Community Insights are summaries of user sentiment data from TrustRadius reviews and, when relevant, HG Insights data.
Overview
Synthesised from 11 reviews | Last Published June 17, 2026
In TrustRadius reviews, F5 Distributed Cloud WAF is primarily used by Professional, Scientific, and Technical Services firms to secure distributed digital assets, client data, intellectual property, and proprietary APIs across hybrid and multi-cloud environments. Reviewers value its robust application security, effectively defending against cyber threats and minimizing false positives, preventing disruptions to complex workflows. Three of ten reviewers specifically noted its aid in safeguarding customer information, critical for compliance needs.
Reviewers appreciate its role in streamlining security operations and adapting to project requirements. However, some desire more sophisticated AI for automated rule training, and integration challenges with critical business systems like CRM were noted by 2 of 10 reviewers. The complexity of WAF policy management, particularly with dynamic configurations, presents an operational overhead. Overall sentiment is positive regarding its ability to enhance security posture and operational efficiency, despite areas for automation and integration improvement.
Pros
Robust defense against cyber threats, protecting sensitive client data and intellectual property.
Minimizing false positives to prevent disruptions in complex project workflows and client services.
Advanced API security crucial for protecting intellectual property and data exchanges common in this sector.
Simplified deployment and management across hybrid and multi-cloud client environments.
Agile rule creation enabling highly specific security postures for diverse client projects.
Cons
Limited AI capabilities for automated rule training and configuration.
Integration challenges with critical business systems like CRM and scheduling software.
Complexity of WAF policy management, especially with overlapping exception rules.
Need for more dynamic policy configuration to support custom applications and client-specific requirements.
Operational overhead due to manual configuration in agile service delivery models.
We have integrated the WAF in our environment to use in conjunction with our edge services to protect our application services between Layers 4-7. The application servers are running with high resources which limits the ability to perform SSL offloading. The WAF gave us the option to protect these servers along with providing the ability to perform SSL offloading and also working as an app firewall. This helped us save costs on installing a firewall with sub standard UTM services.
Pros
Very good data analysis and dashboard
ease of configuration
DDOS protection
API services
Cons
Better integration between different F5 solutions
Fail over between devices feels unstable if there are thousands of objects attached to the traffic-group. Needs to be more simpler.
We have seen issues with malicious user detection where we have used open protocols due to legacy applications, and have been caught with legitimate traffic being blocked.
Likelihood to Recommend
The WAF provides a good outline for protecting the services on the edge and gives flexibility to tune the applications for security. We have used WAF for SSL offloading, and L4-7 protection. These are best used for external customers coming in to access your services. Setting up the application servers behind LTM, DNS and WAF provides end to end security and visibility which helps in tracking unwanted actors & traffic.
It has helped us a lot in terms of setting up the proxy firewall rules and making sure we are blocking the right traffic. We are not getting a lot of false positives out of it. That is one thing which has been working well.
Cons
Allowing features to configure dynamic policies.
Likelihood to Recommend
I think it's more suited for enterprise applications where they want to configure the proxies at the network level, it works really well. But the cons side, I can't think of a negative scenario where it'll not work for the large enterprises.
VU
Verified User
Manager in Information Technology (10,001+ employees)
F5 Distributed Cloud WAF (Web Application Firewall) help us in enhacing the security of our online websites and social media pages and make our digital presence much stronger. We interact with lots of personal data of our customers like names, number, address details and many more but this software helps in keeping these data safe from hackers and fraudsters.
Pros
The chats and conversation done through this plaform is safe and protected
The plaform improves our payment activities with the help of PCI DSS along with complined regulations
Not only security it makes our websites more efficient and lagfree for better customer experience
Cons
The main challange is it's dashboard complexity as it becomes very difficult for non-technical person to understand and search for critical functionalities without tapping complex settings
The software can be integrated with lots of CRM and scheduling softwares and this is great but the data flow is something which bothers us in longrun
If they can have s real time security system that can reach out to our customers when, possibility of threat occurs then that would be great
Likelihood to Recommend
It helps our website to manage well during high traffic seasons and Holidays. This plaform manages the website overall performance and also protect it against DDoS attacks during these High demand period. It also protects transactions done on our website for the booking of services and products buying by our customers and keep their data safe.
Using a cloud native firewall to protect our APIs and users who are dispersed worldwide and accessing API all over the globe looking for security and ease of employment
We use F5 Distributed Cloud WAF (Web Application Firewall) in our environment as an additional layer of added security. Business problems are application security and protects our API's.
Pros
SQL injections
Cross-site scripting
API injections
Cons
global security policies
threat signatures
behavioral analysis
Likelihood to Recommend
Really assists with the SQL injections.
VU
Verified User
Administrator in Information Technology (5001-10,000 employees)
F5 Distributed Cloud WAF has allowed us to extend WAF protections to all of our apps whether they are on-premise or cloud providers. It allows for the flexibility to move workloads between on-premise and cloud without compromising protection.
Pros
Learning mode for rule creation
API security giving organizations visibility
Easy of use
Cons
Extend the 256 character limit when exempting URIs
Manage on-premise deployments within the cloud console
Automated remediation
Likelihood to Recommend
F5 Distributed Cloud WAF is wonderful when you have multiple workloads and API gateways between different cloud providers. It allows companies to optimize their WAF deployments and policies across their ecosystem.
VU
Verified User
Director in Information Technology (1001-5000 employees)