Amazon Web Services offers AWS WAF (web application firewall) to protect web applications from malicious behavior that might impede the applications functioning and performance, with customizable rules to prevent known harmful behaviors and an API for creating and deploying web security rules.
$0.60
per 1 million requests
Sophos UTM
Score 8.9 out of 10
N/A
Sophos UTM provides core firewall features, plus sandboxing and AI threat detection for advanced network security. It has customizable deployment options.
N/A
Pricing
AWS WAF
Sophos UTM
Editions & Modules
Resource Type - Request
$0.60
per 1 million requests
Resource Type - Rule
$1.00
per month (prorated hourly)
Resource Type - Web ACL
$5.00
per month (prorated hourly)
No answers on this topic
Offerings
Pricing Offerings
AWS WAF
Sophos UTM
Free Trial
No
Yes
Free/Freemium Version
No
No
Premium Consulting/Integration Services
No
No
Entry-level Setup Fee
No setup fee
No setup fee
Additional Details
—
t2.small - $0.123 - Total / hr
m3.medium - $0.417 - Total / hr
m3.large - $0.883 - Total / hr
m3.xlarge - $1.366 - Total / hr
m3.2xlarge- $1.982 - Total / hr
c3.large - $0.555 - Total / hr
c3.xlarge - $1.11 - Total / hr
c3.2xlarge - $1.72 - Total / hr
c3.4xlarge - $2.59 - Total / hr
c3.8xlarge - $3.68 - Total / hr
c4.large - $0.55 - Total / hr
c4.xlarge - $1.099 - Total / hr
c4.2xlarge - $1.698 - Total / hr
c4.4xlarge - $2.546 - Total / hr
c4.8xlarge - $3.841 - Total / hr
m4.large - $0.868 - Total / hr
m4.xlarge - $1.365 - Total / hr
m4.2xlarge- $1.931 - Total / hr
Well Suited: 1. To prevent DDOS attacks: AWS WAF has a lot of managed rules to prevent DDOS attacks based on traffic origination from a particular IP or IP reputation etc. 2. To rate-limit requests: Well it sounds familiar like preventing DDOS attacks, but it can also be used to rate-limit requests originating from the same IP address. We have used this feature so that we can test multiple failure scenarios for our application. 3. To prevent Data crawling: The BOT control feature allows us to prevent BOTs from crawling data on our websites. Not Suited: 1. To integrate applications outside of AWS Cloud: As I mentioned in my previous comments, this type of integration requires a custom implementation of another AWS resource.
UTM works great if you want a solid, obvious firewall. There's not a lot of second-guessing as to what you are about to do with every change you make. If you incorporate their wireless access points and RED (remote ethernet device) for remote users or small offices, it's considerably much easier to set up than other comparable solutions. If you are looking to manage your firewalls via the cloud, you are out of luck.
Protect any application against the most common attacks.
Provides better visibility of web traffic.
It allows us to control the traffic in different ways in which it is enabled or blocked through the implementation of security rules developed personally according to our needs.
It is able to block common attacks such as SQL code injection.
It allows defining specific rules for applications, thus increasing web security as they are developed.
AWS WAF is a bit costly if used for single applications.
they should provide attack-wise protection, like if my certain type of application is vulnerable to DDOS then I should be able to buy WAF, especially for that attack.
We have been using AWS WAF for the past 3 years in front of our websites. We find it useful in preventing data crawling, DDOS attacks, etc on our websites, and hence we are going to use it in the future as well. AWS WAF is one of the best Firewalls in business.
The product is highly scalable. It is easy to configure the rules and thereby helps us to mitigate many vulnerabilities. The interface and programming of the firewall provisions were easy to setup. Amazon clearly spent a lot of time figuring this out and perfecting it. It allows users to do customized configurations based on their needs. It provides protection against a number of security issues like XSS, SQL injection, etc. I would definitely recommend this for protecting your infra as you scale, since this basically protects and filters all requests hitting your application server.
The interface is no non-sense and easy to understand. No need for any consultants to help implement this solution. The performance is consistent and solid. Paired with a good amount of firmware and definitions, it's hard to find any fault in this product. It's interoperability with other Sophos products make a compelling argument to invest in more Sophos products.
If you're intending to use AWS WAF, I would say that you absolutely should sign up for support. AWS Support is excellent and they can help you in a really good way to solve your issues.
I find the support fair. The wait can be frustrating when dealing with fire. The pandemic has not helped with this. Although the wait can be long, the support reps are knowledgeable and was able to resolve the issues I was facing.
Easy of use. Setup and configuration is fairly quick. There are the usual advantages of it being a cloud solution where you can buy into the solution, configure it and set it up and get it up and running. If you are already a subscriber to AWS, having a native service has its advantages.
I would rate Sophos second on this list right below Webroot. Webroot has an easier user interface and policy builder. However, Sophos would be on top of its UI would be improved. I would rank CrowStrike third and McAfee last. Sophos is great for complex environments that have multiple needs.
Implementing this AWS service has been really favorable because when creating custom rules we give more specific protection to our applications against vulnerabilities that cause them to be consuming other resources or running with errors.
It allows us to control the traffic of our business applications, which is really favorable, given that in this way we can decide that you can access them and not.
It is extremely advantageous that we can establish rules in a centralized way since it saves time, as well as it allows us to protect several applications at the same time by reusing the rules established above.
It allows you to save time and money because we only pay for what is used.
