Amazon Web Services offers AWS WAF (web application firewall) to protect web applications from malicious behavior that might impede the applications functioning and performance, with customizable rules to prevent known harmful behaviors and an API for creating and deploying web security rules.
$0.60
per 1 million requests
Azure Front Door
Score 8.2 out of 10
N/A
Azure Front Door is a cloud content delivery network (CDN) service that helps users deliver high performance, scalability, and a secure user experiences for content and applications. It includes a customizable rules engine for advanced routing capabilities. It boasts instant scalability with global HTTP load balancing and failover.
$35
per month
Pricing
AWS WAF
Azure Front Door
Editions & Modules
Resource Type - Request
$0.60
per 1 million requests
Resource Type - Rule
$1.00
per month (prorated hourly)
Resource Type - Web ACL
$5.00
per month (prorated hourly)
Standard
$35
per month
Premium
$330
per month
Offerings
Pricing Offerings
AWS WAF
Azure Front Door
Free Trial
No
No
Free/Freemium Version
No
No
Premium Consulting/Integration Services
No
No
Entry-level Setup Fee
No setup fee
No setup fee
Additional Details
—
Base fees (Billed hourly and only for number of hours used)
Well Suited: 1. To prevent DDOS attacks: AWS WAF has a lot of managed rules to prevent DDOS attacks based on traffic origination from a particular IP or IP reputation etc. 2. To rate-limit requests: Well it sounds familiar like preventing DDOS attacks, but it can also be used to rate-limit requests originating from the same IP address. We have used this feature so that we can test multiple failure scenarios for our application. 3. To prevent Data crawling: The BOT control feature allows us to prevent BOTs from crawling data on our websites. Not Suited: 1. To integrate applications outside of AWS Cloud: As I mentioned in my previous comments, this type of integration requires a custom implementation of another AWS resource.
Azure Front Door is very easy and fast to set up and implement, if you are looking for an easy solution that is secure and reliable, Front Door does all that and can be configured in a few hours. AFD is a CDN with WAF, accordingly, it is well suited for any CDN Scenario, other providers such as Akamai or Verizon have a more expensive base price and are harder to manage/configure, Front Door is simple, easy, and provides what's needed when it comes to Web App Security. If you have multiple data centers, have apps in different regions, or targeting a global audience, AFD is an excellent option to get up to speed quickly. If you are looking for more features and capabilities, or planning a very complex setup, Front Door might be sufficient, but other specialized provides such as Imperva, Cloudflare or Akamai are generally a bit more advanced (but harder to set up and maintain). It always depends on the scenario, but for us, Front Door was an excellent option and served us very well with no issues.
Protect any application against the most common attacks.
Provides better visibility of web traffic.
It allows us to control the traffic in different ways in which it is enabled or blocked through the implementation of security rules developed personally according to our needs.
It is able to block common attacks such as SQL code injection.
It allows defining specific rules for applications, thus increasing web security as they are developed.
AWS WAF is a bit costly if used for single applications.
they should provide attack-wise protection, like if my certain type of application is vulnerable to DDOS then I should be able to buy WAF, especially for that attack.
We have been using AWS WAF for the past 3 years in front of our websites. We find it useful in preventing data crawling, DDOS attacks, etc on our websites, and hence we are going to use it in the future as well. AWS WAF is one of the best Firewalls in business.
The product is highly scalable. It is easy to configure the rules and thereby helps us to mitigate many vulnerabilities. The interface and programming of the firewall provisions were easy to setup. Amazon clearly spent a lot of time figuring this out and perfecting it. It allows users to do customized configurations based on their needs. It provides protection against a number of security issues like XSS, SQL injection, etc. I would definitely recommend this for protecting your infra as you scale, since this basically protects and filters all requests hitting your application server.
If you're intending to use AWS WAF, I would say that you absolutely should sign up for support. AWS Support is excellent and they can help you in a really good way to solve your issues.
Easy of use. Setup and configuration is fairly quick. There are the usual advantages of it being a cloud solution where you can buy into the solution, configure it and set it up and get it up and running. If you are already a subscriber to AWS, having a native service has its advantages.
It's generally hard to compare CDNs, each has its features, POP locations, latency, and availability. We have used many other CDNs, including Akamai, Verizon, and Cloudflare. They are all great, but each has its own advantages/disadvantages. From our perspective, all other providers were much harder to configure and maintain and their overall cost was higher than AFD. For example, Verizon was great, performance was excellent, but reporting/logging was not up to our expectations, and we had many issues with its Rules Engine. AFD is great for delivering your web apps globally quickly and easily, the cost is reasonable and comes with very little operational overhead, the logging and reporting capabilities are very good, additionally, its integration with Azure Cloud Services gives it an advantage over other competitors.
Implementing this AWS service has been really favorable because when creating custom rules we give more specific protection to our applications against vulnerabilities that cause them to be consuming other resources or running with errors.
It allows us to control the traffic of our business applications, which is really favorable, given that in this way we can decide that you can access them and not.
It is extremely advantageous that we can establish rules in a centralized way since it saves time, as well as it allows us to protect several applications at the same time by reusing the rules established above.
It allows you to save time and money because we only pay for what is used.
AFD implementation was approx. 80% cheaper than other providers, from initiation to operation.
It allowed us to minimize backend resources size/processing power, taking all the load from client requests, cutting tens of thousands of dollars monthly on compute, memory, and network bandwidth.
Overall, the ROI of AFD is very quick, it is not an expensive solution, therefore, its ROI goals are easy to calculate and achieve, our overall ROI exceeded 300%.
