Barracuda Application Protection is a cloud-delivered application security service that includes full-spectrum L3-L7 DDoS protection (volumetric and application) to protect applications from disruptions and ensure nonstop availability.
N/A
F5 Big-IP Advanced WAF
Score 9.4 out of 10
N/A
F5 Networks offers the Advanced Web Application Firewall (WAF) to provide bot defense, advanced application protection, anti-bot SDK, and other features.
N/A
Pricing
Barracuda Application Protection
F5 Big-IP Advanced WAF
Editions & Modules
No answers on this topic
No answers on this topic
Offerings
Pricing Offerings
Barracuda Application Protection
F5 Big-IP Advanced WAF
Free Trial
Yes
No
Free/Freemium Version
No
No
Premium Consulting/Integration Services
No
No
Entry-level Setup Fee
No setup fee
No setup fee
Additional Details
—
—
More Pricing Information
Community Pulse
Barracuda Application Protection
F5 Big-IP Advanced WAF
Considered Both Products
Barracuda Application Protection
No answer on this topic
F5 Big-IP Advanced WAF
Verified User
Engineer
Chose F5 Big-IP Advanced WAF
-Stable data path equals to less crashes -Almost all the features working as expected -Provides more granular controls in allowing false positives
Simple Barracuda WAF-as-a-Service were out of the box standard policies can be applied. this Barracuda WAF-as-a-Service is perfect for a basic environment and protection in particular if you have already other barracuda Infrastruture elements in your network. Easy to deploy configure and get it running with in a few hours. Definitely not the type of WAF for a complex web application.
I believe that in industrial environments like ours where we have to have bare metal devices near the production environment combined with hybrid cloud, that is a good platform. That's a good use case. It optimizes traffic. It helps us stay more secure in our data centers. Now with regards to that are fully operating in the cloud, I'm not really sure if we would make the same decision considering the option that I said to have something that is self-provision to avoid too much management of virtual machines on the cloud. So that's an area of improvement.
So the product definitely is helping us for sudden attacks through DDOS, some injection ingestion into UI URLs, and definitely it's capturing those and I definitely see that as an advantage for us. They can stop the hackers from using our endpoints.
The UI for events. E.g., clicking the "Accept" button does nothing.
Traffic learning suggestions are often very incorrect. We were originally suggested to use "Automatic" learning, and had to completely scrap the policy due to the suggestions.
"All in one" dashboard for viewing application URL/parameter overrides per policy.
-Easy to deploy -Easy to manage application -Scalability is good -Security Features contains a lot of granularities especially URL profiles protection and Json security
Most* of it is very intuitive and easy to use. The "Help" section is fairly fantastic. See some of my other comments about things like the "Traffic Learning" section being wildly wrong sometimes, and also the event logs with UI buttons that don't do anything. Overall though, it's an excellent product.
Price for the over all functionalities offered. Simplicity to configure and deploy in our current environment. Automated standard policies. easy to maintain.
-Stable data path equals to less crashes -Almost all the features working as expected -Provides more granular controls in allowing false positives -Request evaluation is accurate -Irules feature is a plus
In our case it has been great because the pricing is just right for all the features that we have on the platform and the flexibility. In fact, we acquired another license last year, so that's something that we're interested in. We are currently moving towards the cloud with our ERP systems and eliminating the IBM platform, so we would like to see that F5 virtual option available on Azure.
