Amazon Web Services offers AWS WAF (web application firewall) to protect web applications from malicious behavior that might impede the applications functioning and performance, with customizable rules to prevent known harmful behaviors and an API for creating and deploying web security rules.
$0.60
per 1 million requests
NetScaler
Score 7.9 out of 10
N/A
NetScaler ADC is an application delivery controller.
Well Suited: 1. To prevent DDOS attacks: AWS WAF has a lot of managed rules to prevent DDOS attacks based on traffic origination from a particular IP or IP reputation etc. 2. To rate-limit requests: Well it sounds familiar like preventing DDOS attacks, but it can also be used to rate-limit requests originating from the same IP address. We have used this feature so that we can test multiple failure scenarios for our application. 3. To prevent Data crawling: The BOT control feature allows us to prevent BOTs from crawling data on our websites. Not Suited: 1. To integrate applications outside of AWS Cloud: As I mentioned in my previous comments, this type of integration requires a custom implementation of another AWS resource.
Citrix Netscaler can be a powerful network appliance for environments that are fully committed and open to utilizing a network appliance that isn't made by a traditional network vendor. Administrator user experience has improved over the years and will continue to improve with the flexibility of virtual and physical appliances available for medium and large enterprises.
Protect any application against the most common attacks.
Provides better visibility of web traffic.
It allows us to control the traffic in different ways in which it is enabled or blocked through the implementation of security rules developed personally according to our needs.
It is able to block common attacks such as SQL code injection.
It allows defining specific rules for applications, thus increasing web security as they are developed.
Flexibility. NetScaler assumes its admins know a bit about networking and in-depth details surrounding the applications they are configuring access for/to. This being so, the range of configuration options is very broad allowing various versions' combinations of protocol patterns, expressions, rules etc., all to the benefit of the admin.
Granularity. Having such a broad range of configuration options available, while still allowing simple options to be configured simply. The GUI is well-stylized and navigation has a good flow.
Ease of control. For load-balancing of simple services right out of the box, NetScaler makes it pretty easy, compared to the range of options available in the surrounding GUI and under the hood.
AWS WAF is a bit costly if used for single applications.
they should provide attack-wise protection, like if my certain type of application is vulnerable to DDOS then I should be able to buy WAF, especially for that attack.
The documentation could use an overhaul with specific examples related to the command line as well as GUI. Explanations in the documentation would also be helpful.
Being able to have more than just one routing table would allow the ability to leverage security.
We have been using AWS WAF for the past 3 years in front of our websites. We find it useful in preventing data crawling, DDOS attacks, etc on our websites, and hence we are going to use it in the future as well. AWS WAF is one of the best Firewalls in business.
The product is highly scalable. It is easy to configure the rules and thereby helps us to mitigate many vulnerabilities. The interface and programming of the firewall provisions were easy to setup. Amazon clearly spent a lot of time figuring this out and perfecting it. It allows users to do customized configurations based on their needs. It provides protection against a number of security issues like XSS, SQL injection, etc. I would definitely recommend this for protecting your infra as you scale, since this basically protects and filters all requests hitting your application server.
I gave the NetScaler a 7 here because the system once configured and deployed is very easy to use. However, if you did not deploy the system and do not have the fundamental background knowledge then you will have trouble using the product in general. Overall it is a great product and service but does typically require professional services to be deployed.
If you're intending to use AWS WAF, I would say that you absolutely should sign up for support. AWS Support is excellent and they can help you in a really good way to solve your issues.
Overall, our organization's experience with Citrix support is that support can be hit or miss. Oftentimes it takes multiple attempts and much longer than desirable to obtain a viable solution for issues experienced with their products. It would be great to see Citrix invest time, effort, and almighty dollars into improving their support and bug fix process across the board.
Easy of use. Setup and configuration is fairly quick. There are the usual advantages of it being a cloud solution where you can buy into the solution, configure it and set it up and get it up and running. If you are already a subscriber to AWS, having a native service has its advantages.
easy to use and setup and reliable. Once the configuration was setup and running this has been really useful and easy to maintain. The other solutions seemed overly complicated and difficult to configure and get up and running with the security that we required
Implementing this AWS service has been really favorable because when creating custom rules we give more specific protection to our applications against vulnerabilities that cause them to be consuming other resources or running with errors.
It allows us to control the traffic of our business applications, which is really favorable, given that in this way we can decide that you can access them and not.
It is extremely advantageous that we can establish rules in a centralized way since it saves time, as well as it allows us to protect several applications at the same time by reusing the rules established above.
It allows you to save time and money because we only pay for what is used.
We had this set up before COVID and it saved us. We just added user licenses and scaled out our citrix farm and IT sat back and just monitored users from home.
Scales up and out with ease
Challenging to find NetScaler experts for advanced features you want to enable and use
