Microsoft's Azure Application Gateway is a platform-managed, scalable, and highly available application delivery controller as a service with integrated web application firewall.
N/A
F5 Big-IP Advanced WAF
Score 9.4 out of 10
N/A
F5 Networks offers the Advanced Web Application Firewall (WAF) to provide bot defense, advanced application protection, anti-bot SDK, and other features.
For building scalable and highly available applications, Azure Application Gateway does most of the job on behalf of you; automatically load-balancing traffic from a number of users to a number of back-end servers. This ensure scalability and availability. The in-built security is great as can be expected from Microsoft, and user has a variety of tools for monitoring the health of the load-balancing function as well as the health of back end servers behind it.
I believe that in industrial environments like ours where we have to have bare metal devices near the production environment combined with hybrid cloud, that is a good platform. That's a good use case. It optimizes traffic. It helps us stay more secure in our data centers. Now with regards to that are fully operating in the cloud, I'm not really sure if we would make the same decision considering the option that I said to have something that is self-provision to avoid too much management of virtual machines on the cloud. So that's an area of improvement.
So the product definitely is helping us for sudden attacks through DDOS, some injection ingestion into UI URLs, and definitely it's capturing those and I definitely see that as an advantage for us. They can stop the hackers from using our endpoints.
The UI for events. E.g., clicking the "Accept" button does nothing.
Traffic learning suggestions are often very incorrect. We were originally suggested to use "Automatic" learning, and had to completely scrap the policy due to the suggestions.
"All in one" dashboard for viewing application URL/parameter overrides per policy.
Most of the Application Gateway's features and services can be managed and re-configured via either the Azure Portal GUI or via the Azure Cloud Shell, thus allowing both CLI modes, i.e. Azure CLI (Bash) and Azure Powershell. The v2 version of Application Gateway has significantly improved performance during initial configuration or during re-configuration changes, thus making it much more usable for IT admins, as compared to v1.
Most* of it is very intuitive and easy to use. The "Help" section is fairly fantastic. See some of my other comments about things like the "Traffic Learning" section being wildly wrong sometimes, and also the event logs with UI buttons that don't do anything. Overall though, it's an excellent product.
Other load balancing tools in Azure (Azure LB and Azure Traffic Manager) are limited in their functionality in comparison with the Azure Application Gateway, and also, they don't provide security features. Azure Firewall, although it has security features, is more expensive, and most importantly, it's not a load balancer at all.
-Stable data path equals to less crashes -Almost all the features working as expected -Provides more granular controls in allowing false positives -Request evaluation is accurate -Irules feature is a plus
In our case it has been great because the pricing is just right for all the features that we have on the platform and the flexibility. In fact, we acquired another license last year, so that's something that we're interested in. We are currently moving towards the cloud with our ERP systems and eliminating the IBM platform, so we would like to see that F5 virtual option available on Azure.
