Managed Web Application Firewall, part of Alert Logic Enterprise vs AWS WAF

Likelihood to Recommend

Great at web-based attack protection.
Easy to add sites within a few minutes once familiar with the interface and process.

IT Security Infrastructure Coordinator

Northside HospitalHospital & Health Care, 10,001+ employees

AWS WAF is highly appropriate to interrupt or prevent cyber attacks because when implementing rules, whether they are specific or centralized, so any application that has these vulnerabilities is protected.

Implementing managed rules creates greater security to protect both API and applications.If implemented along with other AWS tools, the security is much better, so if you want to protect applications against more specific attacks, it is ideal to integrate with Amazon CloudFront, which is a great benefit because it warns when thresholds are exceeded or specific attacks occur.AWS WAF is ideal to avoid common web attacks. For more specific attacks and scenarios, I don't recommend this.

Read full review

Hanna Bedoya

Software Developer

iModulesComputer Software, 51-200 employees

View all 6 answers on this topic

Pros

Web-based attack protection
Site monitoring
Notification and alerting from the vendor

Read full review

Brian Hoadley

IT Security Infrastructure Coordinator

Northside HospitalHospital & Health Care, 10,001+ employees

View all 1 answers on this topic

AWS WAF has the most developer-friendly API to create firewall rules.
AWS WAF provides OWASP security controls, which reduces developers' burden (i.e., SQL injection and cross-site scripting).
AWS WAF has customizable web security rules. The user can even push the rules through the API available, which is the great feature and helped me a lot.
It protects applications at layer 7 (HTTP) of the OSI model and not just layer 4 (TCP).

Read full review

Saim Jamali

Head of Software & Services

SamiPharmaHealth, Wellness and Fitness, 10,001+ employees

View all 6 answers on this topic

Cons

Initial professional services engagement for setup/implementation
Vendor change management without notification

Read full review

Brian Hoadley

IT Security Infrastructure Coordinator

Northside HospitalHospital & Health Care, 10,001+ employees

View all 1 answers on this topic

The documentation offered is somewhat confusing, so it would be ideal if it were much more direct and precise.
Your initial configuration may be confusing, so the best option is to use the rule templates provided by AWS.
Its configuration is not unified with AWS, so it must be done separately and it takes some time.
The number of rules to be established is somewhat limited.

Read full review

maría jose gonzalez ortiz

Software Developer

KANA SoftwareComputer Software, 501-1000 employees

View all 6 answers on this topic

Usability

No score

No answers yet

No answers on this topic

AWS WAF 9.0

Based on 1 answer

The product is highly scalable. It is easy to configure the rules and thereby helps us to mitigate many vulnerabilities.The interface and programming of the firewall provisions were easy to setup. Amazon clearly spent a lot of time figuring this out and perfecting it. It allows users to do customized configurations based on their needs. It provides protection against a number of security issues like XSS, SQL injection, etc. I would definitely recommend this for protecting your infra as you scale, since this basically protects and filters all requests hitting your application server.

Read full review

Saim Jamali

Head of Software & Services

SamiPharmaHealth, Wellness and Fitness, 10,001+ employees

View all 1 answers on this topic

Support Rating

No score

No answers yet

No answers on this topic

AWS WAF 9.3

Based on 4 answers

If you're intending to use AWS WAF, I would say that you absolutely should sign up for support. AWS Support is excellent and they can help you in a really good way to solve your issues.

Read full review

Oscar Martinez

DevOps

Aval Digital LabsFinancial Services, 201-500 employees

View all 4 answers on this topic

Alternatives Considered

No answers on this topic

Amazon's support was better for us in the end. Implementation was also easier as we're using other Amazon services currently.

Read full review

Tony Ortiz

Database Administrator

Northside ISDEducation Management, 501-1000 employees

View all 6 answers on this topic

Return on Investment

Filled a critical business need to protect home grown websites.
Integrated well with SIEM.

Read full review

Brian Hoadley

IT Security Infrastructure Coordinator

Northside HospitalHospital & Health Care, 10,001+ employees

View all 1 answers on this topic

The overall security of the web application increased effectively after deploying AWS WAF
No negative impacts were seen in the business
The developers were more confident in the overall security model of the web application being developed and it was easy to integrate WAF into the existing system as the application was also using AWS platform

Read full review

Verified User

Engineer in Professional Services

Computer Software Company, 501-1000 employees

View all 6 answers on this topic

Pricing Details

General

Free Trial

—

Free/Freemium Version

—

Premium Consulting/Integration Services

—

Entry-level set up fee?

No

Managed Web Application Firewall, part of Alert Logic Enterprise Editions & Modules

—

Additional Pricing Details

—

General

Free Trial

—

Free/Freemium Version

—

Premium Consulting/Integration Services

—

Entry-level set up fee?

No

AWS WAF Editions & Modules

Edition

Resource Type - Web ACL	$5.00¹
Resource Type - Rule	$1.00¹
Resource Type - Request	$0.60²

per month (prorated hourly)
per 1 million requests

Additional Pricing Details

—