What users are saying about
17 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow noopener noreferrer'>trScore algorithm: Learn more.</a>
Score 8.7 out of 100
8 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow noopener noreferrer'>trScore algorithm: Learn more.</a>
Score 9.1 out of 100

Likelihood to Recommend

AWS WAF

AWS WAF is highly appropriate to interrupt or prevent cyber attacks because when implementing rules, whether they are specific or centralized, so any application that has these vulnerabilities is protected.
Implementing managed rules creates greater security to protect both API and applications.If implemented along with other AWS tools, the security is much better, so if you want to protect applications against more specific attacks, it is ideal to integrate with Amazon CloudFront, which is a great benefit because it warns when thresholds are exceeded or specific attacks occur.AWS WAF is ideal to avoid common web attacks. For more specific attacks and scenarios, I don't recommend this.
Hanna Bedoya | TrustRadius Reviewer

Sophos Secure Web Gateway

Sophos Secure Web Gateway is great for almost any business that needs an easily-manageable proxy server. We're a medium-sized enterprise, but the product would work great for much larger companies as well. The only real limitations would be hardware resources, but it isn't that intensive. The administration of it is very intuitive, and it was quick to set up.Where it might not make sense is across multiple sites, unless all internet traffic is funneled through one place. It would be a bit complicated to maintain multiple setups.
Robert Paul | TrustRadius Reviewer

Pros

AWS WAF

  • AWS WAF has the most developer-friendly API to create firewall rules.
  • AWS WAF provides OWASP security controls, which reduces developers' burden (i.e., SQL injection and cross-site scripting).
  • AWS WAF has customizable web security rules. The user can even push the rules through the API available, which is the great feature and helped me a lot.
  • It protects applications at layer 7 (HTTP) of the OSI model and not just layer 4 (TCP).
Saim Jamali | TrustRadius Reviewer

Sophos Secure Web Gateway

  • When IT Admins need to deploy virtually.
  • When IT Admins want to have high availability without an extra cost (via the Virtual Appliance Deployment).
  • When IT Admins want to control and give the internet fair use within the organization.
Juan Carlos Sanchez Pignalosa | TrustRadius Reviewer

Cons

AWS WAF

  • The documentation offered is somewhat confusing, so it would be ideal if it were much more direct and precise.
  • Your initial configuration may be confusing, so the best option is to use the rule templates provided by AWS.
  • Its configuration is not unified with AWS, so it must be done separately and it takes some time.
  • The number of rules to be established is somewhat limited.
maría jose gonzalez ortiz | TrustRadius Reviewer

Sophos Secure Web Gateway

  • Administrator Permissions: There's not enough granularity on the administrative side. We ran into an issue where we wanted to restrict junior admins from being able to see traffic per user. But in doing so, it also prevented them from adusting some other settings they had to have access to, like setting exceptions for sites.
  • CA Database: I occasionally run into issues where the list of certificate authorities in the appliance is not up to date, and I have to manually add a CA. These aren't rare, never-heard-of authorities, either, but they are usually subsidiaries of one of the major ones.
  • Feedback: Sometimes it takes some good detective skills to track down why a legitimate site isn't working. It's often because of content hosted elsewhere (images, for example), but the reports aren't always clear as to what actually gets blocked. It takes some trial and error sometimes to unblock something that should be okay for our business.
Robert Paul | TrustRadius Reviewer

Likelihood to Renew

AWS WAF

AWS WAF 9.0
Based on 1 answer
Good value for money. Native AWS solution for services
Igor Zeiger | TrustRadius Reviewer

Sophos Secure Web Gateway

No score
No answers yet
No answers on this topic

Usability

AWS WAF

AWS WAF 9.0
Based on 1 answer
The product is highly scalable. It is easy to configure the rules and thereby helps us to mitigate many vulnerabilities.The interface and programming of the firewall provisions were easy to setup. Amazon clearly spent a lot of time figuring this out and perfecting it. It allows users to do customized configurations based on their needs. It provides protection against a number of security issues like XSS, SQL injection, etc. I would definitely recommend this for protecting your infra as you scale, since this basically protects and filters all requests hitting your application server.
Saim Jamali | TrustRadius Reviewer

Sophos Secure Web Gateway

No score
No answers yet
No answers on this topic

Support Rating

AWS WAF

AWS WAF 9.3
Based on 4 answers
If you're intending to use AWS WAF, I would say that you absolutely should sign up for support. AWS Support is excellent and they can help you in a really good way to solve your issues.
Oscar Martinez | TrustRadius Reviewer

Sophos Secure Web Gateway

No score
No answers yet
No answers on this topic

Alternatives Considered

AWS WAF

Amazon's support was better for us in the end. Implementation was also easier as we're using other Amazon services currently.
Tony Ortiz | TrustRadius Reviewer

Sophos Secure Web Gateway

Sophos Secure Web Gateway has flexible pricing and deployment options. It offers a huge range of categorization options and they also pull web categorization info from other services
Juan Carlos Sanchez Pignalosa | TrustRadius Reviewer

Return on Investment

AWS WAF

  • The overall security of the web application increased effectively after deploying AWS WAF
  • No negative impacts were seen in the business
  • The developers were more confident in the overall security model of the web application being developed and it was easy to integrate WAF into the existing system as the application was also using AWS platform
Anonymous | TrustRadius Reviewer

Sophos Secure Web Gateway

  • We have not had a single instance of malware since installing Web Gateway. We have other ways to prevent infections and attacks, of course, so this is just one tool in the box, but we had a handful before this from people visiting sites they should not have. Web Gateway has prevented those, at least.
  • There was some pushback initially as users had to deal with some business sites not working (usually due to CA problems). After the initial growing pains, however, we've seen very few other problems.
  • The appliance updates itself, in the middle of the night, so that reduces some overhead and planned downtime.
Robert Paul | TrustRadius Reviewer

Pricing Details

AWS WAF

General

Free Trial
Free/Freemium Version
Premium Consulting/Integration Services
Entry-level set up fee?
No

AWS WAF Editions & Modules

Edition
Resource Type - Web ACL$5.001
Resource Type - Rule$1.001
Resource Type - Request$0.602
  1. per month (prorated hourly)
  2. per 1 million requests
Additional Pricing Details

Sophos Secure Web Gateway

General

Free Trial
Free/Freemium Version
Premium Consulting/Integration Services
Entry-level set up fee?
No

Sophos Secure Web Gateway Editions & Modules

Additional Pricing Details

Add comparison