Amazon EC2 Auto Scaling helps users maintain application availability and allows users to automatically add or remove EC2 instances according to definable conditions.
F5 Distributed Cloud WAF leverages F5's Advanced WAF technology, delivering WAF-as-a-Service and combining signature- and behavior-based protection for web applications. It acts as an intermediate proxy to inspect application requests and responses to block and mitigate a broad spectrum of risks stemming from the OW ASP Top 10, persistent and coordinated threat campaigns, bots, and layer 7 DoS.
If you need to establish a system right away, in the past it took weeks or months to request a quote from the vendor and receive the equipment. Now, with Amazon EC2 in less than tens of minutes or hours, you can create a test environment and test it without any inconvenience.
It helps our website to manage well during high traffic seasons and Holidays. This plaform manages the website overall performance and also protect it against DDoS attacks during these High demand period. It also protects transactions done on our website for the booking of services and products buying by our customers and keep their data safe.
Layer seven attacks are becoming far more common. Traditionally it was always layered three, layer four, where you get an additional firewall, but with the application layer attacks become more frequent, more popular, et cetera. So having the web application firewall protecting us, and then with the recent Log4j, that's the most recent use case when it gave us that instant level of protection whilst we remediated the Log4j that we had that and the F5 Distributed Cloud WAF was protecting us.
I have a great relationship with the account manager, my account manager, and I think he drives the best price possible, um, for me, and I'm happy with that price.
F5 Distributed Cloud WAF is always innovating and evolving.
We run a very competitive proof value where we run numerous competitors against each other, and then we evaluate from that and then make the selection, and F5 Distributed Cloud WAF was the winner.
Fail over between devices feels unstable if there are thousands of objects attached to the traffic-group. Needs to be more simpler.
We have seen issues with malicious user detection where we have used open protocols due to legacy applications, and have been caught with legitimate traffic being blocked.
We gave it an 8 because it protects our web apps well and is reliable. The WAF is flexible and meets most of our needs. It could improve in user interface and make integrations easier, but overall, it’s a solid and effective security tool for us.
Usability is good since we already know how AWS works. For those that are new it might be a little bit confusing at the beginning but they are improving it at a fast pace. Even though AWS keeps changing the user interface constantly, it is still powerful, understandable and easy to use. For technical people, they still offer the CLI.
I believe is a solution that was designed from the start to be simple and easy to use. Coming from Imperva, it simply eased the burden and complexity of managing and securing our apps on different environments (cloud and on-prem). It easy to scale and very quick to deploy (as a cloud waf should be), provide us with DevOps integrations, visibility and automatic insights from multiple events that guarantee peace of mind for us analysts and opp managers.
The platform works as is. The help and tutorials on the help page can help you to setup the entire platform without problems, and also provides help on a huge variety of problems. Amazon also provides support plans. We have the basic support plan, but Amazon offers three support tiers, and we know that it works perfect.
The main reason is our total infra is created on AWS and we tend to use the natural service by AWS rather than third party tools, which has more advantages when the auto scaling interacts with other AWS services and its way easy to configure when we compare it with counter parts like Autoscale from Microsoft Azure.
It provides fewer false positives and a more granular approach to eliminating them, allowing us to focus on threats. Also, with the need to secure both on-premise and cloud-based web applications, we can only use Azure on the cloud part, but we still need to cover on-premise apps with WAF, so we would need to double the time to deploy and manage. Also, its flexibility of deployment scenarios offers us a faster time to deploy WAF without adjusting the app delivery process to WAF's existence.
We will devote more time to development than server administration, but we will require additional time if you migrate from another ecosystem.
Fault detection and reporting are automated in the old server, and bandwidth is fixed per month, but everything is manageable automatically. We only pay for the resources we use.
After some months, we met our return on investment (ROI).
The biggest gain for us was speed. Before F5 Distributed Cloud WAF, onboarding a new app to our WAF stack meant manual rule tuning, traffic sampling and regression testing. Right now, we spin up a service, tag it with the right policy and its ready (production ready) within hours
