F5 Distributed Cloud WAF (Web Application Firewall) Reviews & Insights

Score9 out of 10

136 Reviews and Ratings

Get a Demo

#1 most frequent

Finance and Insurance

60.0%

3 installations of 5

“It definitively improved the security and efficacy in our internal systems”
— Devops, Euronet (5001-10,000 employees)

#2 most frequent

Information

40.0%

2 installations of 5

“More controlled applications and simplified management Aplicaciones mas controladas y gestion simplificada”
— Dir.Comercial, Veriopoint HN (11-50 employees)

Overview

Synthesised from 62 reviews | Last Published June 17, 2026

F5 Distributed Cloud WAF is widely used by organizations to secure web applications and APIs against a diverse range of cyber threats, often serving as a critical first line of defense for internet-facing applications. In TrustRadius reviews, users deploy it across multi-cloud and hybrid environments for consistent protection, valuing its robust application security, particularly its Layer 7 DDoS defense, and simplified deployment and configuration.

Emerging positives include its effective bot protection and ability to limit false positives. However, reviewers frequently suggest enhancements in AI and automation for rule setup and detection, along with improvements to the user interface and dashboard usability, which some find complex. Despite these areas for refinement, the platform is generally seen as a valuable investment, significantly improving security posture and offering operational efficiencies.

Pros

Robust Layer 7 DDoS protection
Easy configuration and deployment for security policies
Effective prevention of security incidents and data breaches
Strong application protection against common threats like SQL injection and XSS
Efficient bot protection with limited false positives

Cons

Limited AI and automation for advanced rule setup and detection
Complex user interface and dashboard navigation
Initial configuration and deployment can require extensive knowledge
Search functionality within the GUI needs improvement

What other products like F5 Distributed Cloud WAF (Web Application Firewall) have you used or evaluated?

From 62 reviews | Last Published June 17, 2026

Summary

Reviews of F5 Distributed Cloud WAF indicate that users frequently have experience with other F5 products, particularly within the BIG-IP family. F5 BIG-IP Local Traffic Manager (LTM) was the most commonly cited alternative or related product, mentioned by 10% of reviewers. This suggests a tendency for organizations already invested in the F5 ecosystem to consider or evaluate other F5 solutions for their web application firewall needs. Beyond F5's own offerings, a smaller segment of reviewers, 5%, also reported experience with Akamai App & API Protector. Another F5 product, F5 Big-IP Advanced Web Application Firewall, was also noted by 3% of reviewers, reinforcing the prevalence of F5 solutions in the competitive landscape for these users. The overall sentiment across these mentioned products was positive, indicating satisfaction or familiarity with their capabilities.

Top Quotes

F5 Big-IP Advanced WAF

“F5 Big-IP Advanced Web Application Firewall”

F5 BIG-IP LTM

“F5 BIG-IP Local Traffic Manager (LTM)”

Akamai App & API Protector

“Akamai App & API Protector”

F5 Distributed Cloud WAF (Web Application Firewall) aims to reduce the complexity of securing apps anywhere - across multiple environments including on-premises, in and across cloud providers and at the edge. How have you benefited, at all, from being able to simplify the process of securing apps?

From 62 reviews | Last Published June 17, 2026

Summary

Reviewers frequently report that F5 Distributed Cloud WAF has significantly simplified the process of securing applications, a benefit cited by 24% of reviewers. This simplification is largely attributed to the platform's ability to manage security across diverse environments, including on-premises and multiple cloud providers, as noted by 6% of reviewers. The ease of use and setup, highlighted by 10% of the review sample, further contributes to this streamlined security posture. Reviewers appreciate the product's capacity for simplified management (6% of reviewers), often through a centralized control plane, which 5% of reviewers specifically mentioned as improving visibility and oversight. This integrated approach allows organizations to deploy and maintain consistent security policies more efficiently, reducing the complexity traditionally associated with securing distributed applications.

Top Quotes

Reduced False Positives

“Less time lost chasing false positives, easier to identify and close security gaps that allow fraud.”

Security Benefits

“Many benefits of securing my sites simply with availability and the information is reliable for internal and external users from anywhere in the world you can access without risks and the VIPs feel that they can work without risks of attacks or possible security breaches even providers who access apps Muchos beneficios de asegurar mis sitios simplemente con disponibilidad y la información es fidedigna para los usuarios internos y externos desde cualquier part del mundo puedes acceder sin riesgos y los vip se sienten que pueden trabajar sin riesgos a ataques o posibles huecos de seguridad incluso proveedores que accedan apps”

Reduced Complexity

“El hecho de no tener que depurar la politica de waf y atravesar El proceso de learning. The fact of not having to debug the WAF (Web Application Firewall) policy and go through the learning process”

What positive or negative impact (i.e. Return on Investment or ROI) has F5 Distributed Cloud WAF (Web Application Firewall) had on your overall business objectives?

From 62 reviews | Last Published June 17, 2026

Summary

F5 Distributed Cloud WAF is widely perceived by reviewers as a valuable investment that positively impacts business objectives, primarily through enhanced security and operational efficiencies. The most frequently cited benefit, noted by 26% of reviewers, is a significantly improved security posture, which includes safeguarding customer data and strengthening internal systems. This is complemented by a general improvement in overall security, as reported by 11% of the sample, leading to more trusted applications and advanced protection like TLS 1.3 upgrades. Beyond security, the platform contributes to tangible returns through operational advantages. Reviewers frequently highlight the ease and speed of deployment and use, with 10% appreciating its simplified setup and rapid application of security measures. These efficiencies translate into direct financial benefits, as 8% of reviewers specifically mentioned cost savings and a reduced Total Cost of Ownership (TCO), largely due to the prevention of costly data breaches and downtime. Furthermore, 6% of reviewers experienced significant time savings, particularly in managing WAF rules and leveraging managed services. These combined factors indicate that F5 Distributed Cloud WAF delivers a strong return on investment by bolstering security while streamlining operations and reducing associated costs.

Top Quotes

Improved Connection

“Improve connection environments”

Improved Security Posture

“Improve security posture”

Improved Security

“More Secured Trust Application”

Besides F5 Distributed Cloud WAF (Web Application Firewall), what other software do you regularly use? How likely would you be to recommend it to a friend or colleague?

From 62 reviews | Last Published June 17, 2026

Summary

Reviewers frequently integrate F5 Distributed Cloud WAF with a diverse array of other security and networking software, indicating a common practice of layered security architectures. Palo Alto Networks products are the most frequently cited, with 13% of reviewers mentioning their Next-Generation Firewalls, Cortex XDR, or advanced threat prevention solutions. This suggests a strong preference for Palo Alto's comprehensive security suite as a complement. Another significant portion, 11% of reviewers, also utilizes other F5 BIG-IP solutions, such as Local Traffic Manager and Advanced Firewall Manager, pointing to an extended reliance on the F5 ecosystem for application delivery and security. Cloud-native and network infrastructure solutions also feature prominently. AWS services, including Firewall Manager and AWS WAF, are mentioned by 5% of reviewers, indicating integration within cloud environments. Similarly, 5% of reviewers incorporate various Cisco products, such as ACI, Meraki Dashboard, and Umbrella, suggesting F5 Distributed Cloud WAF operates within established Cisco network infrastructures. Zscaler's cloud-based security offerings, including Data Protection and Internet Access, are noted by 3% of reviewers, highlighting the use of secure access service edge (SASE) solutions alongside the WAF. The pattern across these mentions suggests that F5 Distributed Cloud WAF is typically deployed as part of a broader, multi-vendor security and network architecture.

Top Quotes

Azure

“AWS WAF, Certificate Authority Service by Google Cloud, Azure AI Bot Service”

Zscaler

“Zscaler Data Protection, Broadcom Application Delivery Analysis”

Cisco

“Cisco Application Centric Infrastructure (Cisco ACI), Infoblox DDI (BloxOne)”

Describe how you use F5 Distributed Cloud WAF (Web Application Firewall) in your organization. What are the business problems the product addresses and what is the scope of your use case?

From 62 reviews | Last Published June 17, 2026

Summary

F5 Distributed Cloud WAF is predominantly utilized by organizations to bolster the security of their web applications and APIs against a wide array of cyber threats. A significant majority of reviewers, 35%, highlight its crucial role in providing robust application security protection, addressing business problems such as safeguarding against cyberattacks, preventing data theft, and ensuring compliance with standards like PCI DSS, GDPR, and HIPAA. The product is frequently deployed as a first line of defense for internet-facing applications, with 21% of reviewers specifically noting its effectiveness in protecting web applications and APIs from common threats like SQL injection, XSS, and bot attacks. Reviewers also value the solution's operational benefits, with 10% appreciating its simplified deployment and management, and 8% citing its ease of use and configuration, particularly its policy learning capabilities. Furthermore, the WAF's ability to support multi-cloud and hybrid environments is a key advantage, enabling consistent protection across diverse infrastructure setups.

Top Quotes

Application Security Protection

“F5 Distributed Cloud WAF Addresses unpatachable vulnerabilities in legacy applications for us.”

Load Balancing and Firewall Rules

“We Primarily use F5 Distributed Cloud WAF as a WAF but have plans for more in the future.”

Web Application and API Protection

“Securing external applications and API”

Please provide some detailed examples of areas where F5 Distributed Cloud WAF (Web Application Firewall) has room for improvement.

From 62 reviews | Last Published June 17, 2026

Summary

Reviewers of F5 Distributed Cloud WAF frequently identify several areas for potential enhancement, reflecting a desire for more streamlined and intelligent operations. A notable area for development is the integration of AI and automation, with 11% of reviewers suggesting more advanced AI capabilities for rule setup, configuration, and detection. User interface and experience also emerged as a significant point for improvement, as 10% of reviewers found the GUI complex and desired better search functionality and a more user-friendly control panel. Similarly, dashboard usability was a concern for 8% of reviewers, who noted difficulties in navigating complex settings and accessing critical information efficiently. While these areas highlight opportunities for refinement, some reviewers expressed positive sentiment regarding advanced protection features, mentioning capabilities like anomaly and DDoS protection, suggesting these are valuable aspects that could be further developed. Finally, initial configuration and deployment processes were cited by 5% of reviewers as requiring extensive knowledge and offering limited options, indicating a need for greater simplicity and flexibility in setup.

Top Quotes

On-Premise Management

“I know some of these products are on the road map but it would be really cool to be able to use F5 Distributed Cloud WAF to manage on prem F5s.”

Configuration Options

“Not as much configuration options as I am used to in ASM”

Policy Management

“Sometimes WAF exception rules overlap somewhat, forcing further tuning”

Please provide some detailed examples of things that F5 Distributed Cloud WAF (Web Application Firewall) does particularly well.

From 62 reviews | Last Published June 17, 2026

Summary

F5 Distributed Cloud WAF is frequently recognized by reviewers for its strong capabilities in security and ease of use. A significant portion of reviewers, 19%, highlighted its effectiveness in DDoS protection, specifically mentioning Layer 7 defense. Similarly, 19% of reviewers praised the platform for its ease of configuration and deployment, noting its simplicity in setting up security levels and reducing complexity for application teams. Beyond these core strengths, the WAF is also commended for its general security features, with 11% of reviewers appreciating its ability to prevent security incidents and provide secure-by-default protection. Reviewers further noted its proficiency in application protection, including defense against cross-site scripting, brute force attacks, and code injection, cited by 10% of the sample. Additionally, 8% of reviewers specifically pointed out the product's effective bot protection capabilities. The platform's ability to limit false positives was also positively received, indicating efficient and accurate threat detection.

Top Quotes

Protection

“Protection”

Logging

“Logging”

OWASP Compliance

“proteccion owasp top 10”

View All Reviews

F5 Distributed Cloud WAF (Web Application Firewall) Reviews

145 Reviews

F5 Distributed Cloud WAF Review

Rating: 9 out of 10

Incentivized

June 17, 2025

Use Cases and Deployment Scope

We have our main web application where we offer our products and service offers.

Pros

Protect again cross site scripting
Brute force attacks
Code modification

Cons

Automation
Zero day attacks

Likelihood to Recommend

In front of critical business application

Verified User

Director in Product Management (201-500 employees)

Vetted Review

Reseller

5 years of experience

F5 Distributed Cloud WAF review

Rating: 10 out of 10

Incentivized

June 17, 2025

Use Cases and Deployment Scope

It helped me protect information from my DBs and it helped me extract information about the use of my DBs.
An attack was stopped very well and they couldn't steal information.

Me ayudó a cuidar información de mis DB y me ayuda a sacar información del uso de mis DB un ataque lo detuvo muy bien y no pudieron robar información

Pros

Usage reports
Suspicious analysis
Bad configurations
Reportes de uso
Análisis sospechosos
Malas configuraciones

Cons

Risk analysis
Recommendations
Automatic reports
Análisis de riesgo
Recomendaciones
Reportes automáticos

Likelihood to Recommend

Because I can share experiences that helped me in an information theft attack, no matter what type of DB or site you have, you give it to protect your sites and it starts acting immediately, taking care of the availability of the sites and makes it so that clients see it all the time without the risk of it being taken down.

Porque puedo dar experiencias de que me ayudó en un ataque de robo de información sin importa que tipo de DB o site tienes le das que te proteja tus sitios y empieza a actuar inmediatamente cuídando la disponibilidad de los sitios y hace que los clientes la vean todo el tiempo sin riesgo a que la vayan a tumbar

This review was originally written in Spanish and has been translated into English using a third-party translation tool. While we strive for accuracy, some nuances or meanings may not be perfectly captured.

Verified User

Consultant in Information Technology (51-200 employees)

Vetted Review

30 years of experience

F5 Distributed Cloud WAF Review

Rating: 10 out of 10

Incentivized

June 16, 2025

Use Cases and Deployment Scope

Currently, our clients' requirements are focused on improving security and customer experience. To achieve this, it is necessary to have technologies like those of F5 Distributed Cloud, providing all the experience of its cutting-edge technologies that allow us to deliver quality and secure applications and services that the business requires.

Actualmente los requerimientos de nuestros clientes estan enfocados en mejorar la seguridad y la experiencing de sus clientes , para esto es necesario disponer de technologies como las de F5 distributed Cloud., aportando toda esa experiencia de sus technologies de vanguardia que permiten entregar aplicaciones y servicios de calidad y seguridad que require el negocio.

This review was originally written in Spanish and has been translated into English using a third-party translation tool. While we strive for accuracy, some nuances or meanings may not be perfectly captured.

Pros

Deploying Fast and Secure Applications
Despliegue de Aplicaciones rapidas y seguras

Cons

More user-friendly control panel
El panel de control mas amigable

Likelihood to Recommend

Fernando Garcia

Dir.Comercial in Information Technology at Veriopoint HN (11-50 employees)

Vetted Review

7 years of experience

Amazing

Rating: 10 out of 10

Incentivized

June 15, 2025

Use Cases and Deployment Scope

I use to protect my app against to cyberattackers to deny or stole my organization data.

Pros

Web application protection
L7 DDos
Owasp compliance
Granular policies
geographic protection

Cons

APi protection to applications environment
Protect injections codes
Make aplication ever available

Likelihood to Recommend

F5 Distributed Cloud WAF make us protection to on-line application multi-cloud and multi-data centers on premise.

Verified User

Administrator in Corporate (10,001+ employees)

Vetted Review

4 years of experience

USO WAF (I use WAF)

Rating: 9 out of 10

Incentivized

June 15, 2025

Use Cases and Deployment Scope

Uso WAF de F5 para proteccion de portales en AWS, con esto mitigamos ataques de del OWASP, El On-boarding es muy rapido e intuitivo.

I use F5 Distributed Cloud WAF to protect my AWS portals. This mitigates OWASP attacks. Onboarding is very fast and intuitive.

Pros

Proteccion de DDos
DDos Protecction
Balanceo
Balancing
Monitoreo
Monitoring

Cons

Un modo aprendizaje o auditoria de la pagina a proteger
A learning or audit mode of the page to be protected

Likelihood to Recommend

En cualquier escenario de portables Web

In any Web portable scenario

Verified User

Manager (501-1000 employees)

Vetted Review

1 year of experience

thanks

Rating: 10 out of 10

Incentivized

June 15, 2025

Use Cases and Deployment Scope

Estamos comenzando a pasar algunos servicios de nuestra organización por f5 XC, no tenemos mucha experiencia pero si es un producto al cual le queremos sacar el maximo provecho. De momento la funcionalidad que nos permite es utilizar El waf de f5 que es mas robusto que El de azure, y uno de los sitios que estamos pasando por xc esta hosteado en azure.

We're starting to migrate some of our organization's services to F5 XC. We don't have much experience, but it's a product we want to get the most out of. Currently, the functionality it allows us to use is the F5 Distributed Cloud WAF, which is more robust than the Azure one. One of the sites we're migrating to XC is hosted on Azure.

Pros

facilidad de implementacion
ease of implementation
proteccion owasp top 10
Owasp Top 10 Protection
proteccion contra amenazas avanzadas
protection against advanced threats
proteccion contra bots maliciosos
protection against malicious bots

Cons

ofrecer mas facilidad para buscar los logs de waf con El support id
Provide easier access to WAF (Web Application Firewall) logs with the support ID

Likelihood to Recommend

por la facilidad de implementación y El integration con muticloud.

For the ease of implementation and integration with multi-cloud

Verified User

Engineer in Information Technology (1001-5000 employees)

Vetted Review

3 years of experience

F5 A Great Ally

Rating: 8 out of 10

Incentivized

June 15, 2025

Use Cases and Deployment Scope

Distributed Cloud Services es un aliado estrategico para el posicionamiento de nuestros productos de manera global y agregando una capa de seguridad robusta que permite exponer servicios a la Internet y bloquear amenazas dentro de Las capas de Aplicacion y Delivery.

F% Distributed Cloud Services (WAF) is a strategic ally for positioning our products globally, adding a robust security layer that allows services to be exposed to the Internet and blocks threats within the Application and Delivery layers.

Pros

Redireccionamiento de puertos HTTP a HTTPS forzando connexion Segura de nuestros clientes.
Redirecting HTTP ports to HTTPS, forcing secure connections for our clients.
Manejo de mensajes de Aplicacion para correcto rastreo de las transactions.
Handling application messages for correct transaction tracking.
Gestion de firmas de amenazas de WAF de forma transparente
Managing WAF threat signatures transparently

Cons

Generar dashboards personalizados sobre amenazas
Generate custom threat dashboards
Adicionar Boton de export para El discovery de API Security
Add Export Button for API Security Discovery

Likelihood to Recommend

Es adecuado para proteger portales de amenazas en capa aplicativa y que carecen de seguridad en la capa de transporte, no es recomendable en servicios que tienen mechanismos internos de seguridad entre endpoint y server.

F5 Distributed Cloud WAF is suitable for protecting portals from application-layer threats that lack transport-layer security. It is not recommended for services that have internal security mechanisms between the endpoint and the server.

Verified User

Administrator in Engineering (1001-5000 employees)

Vetted Review

12 years of experience

F5 WAF: A Robust and Efficient Solution

Rating: 9 out of 10

Incentivized

June 15, 2025

Use Cases and Deployment Scope

Es una excelente solución, protege de ataques malicioso y de más incidente cibernéticos de los principales portales web, estamos analizando la viabilidad de contratarla para aumentar la seguridad de sistemas de información académicos como la website, plataforma académica, aula virtual, entre otras. Próximamente, agendemos una prueba de concepto PoC.

F5 Distributed Cloud WAF is an excellent solution; it protects major web portals from malicious attacks and further cyber incidents. We're analyzing the feasibility of using it to increase the security of academic information systems such as our website, academic platform, virtual classroom, and others. We'll schedule a proof-of-concept (PoC) soon.

Pros

Detección de DoS
Detection of DoS
Bloqueo de ataque de fuerza fruta
Blocking fruit force attack
Protección ante inyección de código
Code injection protection

Cons

Protección ante botnets
Protection against botnets
Anti DoS
Bloque de inyección de código a base de datos
Database code injection block

Likelihood to Recommend

Es una excelente solución muy robusta y eficiente, trabajo garantizado en su equipo de soporte y asesoria, es calidad a pesar de su precio un poco elevado.

It is an excellent, very robust and efficient solution, guaranteed work by its support and advisory team, it is quality despite its slightly high price.

Verified User

Engineer in Information Technology (1001-5000 employees)

Vetted Review

1 year of experience

F5 WAF

Rating: 10 out of 10

Incentivized

June 14, 2025

Use Cases and Deployment Scope

En este momento estamos interesados en revisar la solución, tenemos bastante expectativas al respecto. Creemos que con la solución podemos resolver muchas de las necesidades de seguridad que tenemos a nivel de aplicaciones. Ahora con la Inteligencia Artificial lograste simplificar y aumentar el alcance de trabajo, para nosotros ya es un objetivo estratégico.

We're currently interested in reviewing the solution; we have high expectations for it. We believe the solution can address many of our application security needs. Now, with Artificial Intelligence, you've managed to simplify and expand the scope of work; for us, that's already a strategic objective.

Pros

ERP
Aplicaciones de negocio
Business Applications
Accesibilidad
Accessibility

Cons

Cloud
Balanceo
Balancing
Protección de dominios
Domain Protection

Likelihood to Recommend

Protección de dominios

Domain Protection

Farley Bonfante Diaz

Cloud Architecture and IT Services Coordinator in Engineering at Mutualser EPS (1001-5000 employees)

Vetted Review

F5 Distributed Cloud WAF (Web Application Firewall) Review

Rating: 10 out of 10

Incentivized

June 11, 2025

Use Cases and Deployment Scope

F5 Distributed Cloud WAF being the crucial component in application security, F5 offers a wide range of attack protection with it's distributed Cloud WAF with real-time protection updates and attack protection.