Barracuda Web Application Firewall vs. BlazeMeter

Easy to use and reliable, with very little maintenance required and zero downtime to date. For the education sector, ease of use is hugely important as IT Managers/Technicians are often "Jack of all trades" with a good, broad general knowledge but perhaps lacking specific expertise in certain aspects. Being provided with easy-to-follow tutorials and instructions has been very useful in setting up and configuring the firewall, especially as my background is more in desktop support.

Incentivized

It is well suited for applications that are mission-critical or applications that can receive high traffic/transactions at unscheduled time periods. Using the load testing feature of BlazeMeter, we can test and ascertain the capacity of the application without the drawbacks of the usual Apache JMeter load testing which depends heavily on the host system from where the load testing is performed.

Incentivized

• Attack patterns are regularly updates through contents via Barracuda Web Application Firewall update servers
• Bot Protection has a good line feature to verify between the genuine clients like browsers and bots
• Dos Protection also good level of protection to mitigate Layer 7 attacks
• Allow Deny Rules provides a lot of granular controls to allow and deny the traffic
• URL profiles has a very granular control to mitigate false positives
• Parameter profiles has a very granular control to mitigate false positives
• Risk score feature for the clients to mitigate attacks is also very good feature
• Client fingerprint module can be used against malicious user to enhance security
• Separate XML and JSOn profile for all the URL profiles of the application is plus
• API security is very much effective and shadow API can also be identified

• BlazeMeter takes the .jmx script that teams had written for JMeter. The transition from JMeter to BlazeMeter was seamless.
• BlazeMeter offers its own cloud and hence we did not have to set it up on-premise.
• BlazeMeter hits our application from various geographic locations that simulates real life users.

Incentivized

• STM crashes sometimes happen due to unusual traffic pattern
• Obfuscation on the client side user credentials which appears in the developer tools of browser
• URL Profiles redundancy during the learning of traffic needs to be fixed
• Dos Protection should be more granular like escalation period to throw JS challenge, Captcha and rate limit when escalation period hits until the WAF stops the attack
• Client Fingerprinting should work as expected when verifying the clients as in rare some scenarios, it creates issues

• Blazemeter reporting is very basic and shallow. There is no way to drill down or correlate. I can get better reports by using JMeter for free.
• Blazemeter is very costly. Testing with volumes of more than 1K cu is expensive, and can be done for much cheaper if a company/team is willing to invest a bit of time to figure out how to use cloud instances and jmeter slaves, and to write a basic script to collect resulting xml output.

Incentivized

-User friendly interface for quick learning -Quick deployment for deploying applications -Easy to manage for naive -System components and upgradation of the WAF is very easy go with -Back restoration is very to make it up and ready anytime -Seperate JSON and XmL profiles for each URLs of the application is plus -Amazing and world class support engineer in comparison other vendors and always available to support -Quick resolution on bugs with their patch applying process

Easy to setup to do API Performance Testing. Dashboard to showcase results Capability to showcase runtime results

Incentivized

The Barracuda Web Application Firewall is easy to use. Support from Barracuda is great also. Load Balancing of the Web Application Firewall is also nice. This allows you to do maintenance or have large loads for the end-user. Threat monitoring of our network and traffic coming into our services within our cloud solution.

Incentivized

We have been using their Backup products especially Backup Appliances and legacy products like Intronis. We are also using their Cloud Backup Solutions for O365. This is the reason we opted for this product.

In comparison with Blazemeter the closes competitor is JMeter but it has disadvantages like it is not a tool that can be use as a collaborative tool and works locally in a computer, Blazemeter is in the web so different people can access and run tests or collaborate do add, edit or delete the existent scripts.

Incentivized

• Much better response times for remote transactions
• 4 year refresh cycle included with active support contracts
• More expensive than traditional firewalls (however its superior to those, not apples to apples)

Incentivized

• It helped positively by helping to identify the maximum capacity needed for high traffic periods
• Saved revenue by eliminating unwanted duplication of systems

Incentivized