Barracuda Web Application Firewall vs. F5 Big-IP Advanced WAF

Easy to use and reliable, with very little maintenance required and zero downtime to date. For the education sector, ease of use is hugely important as IT Managers/Technicians are often "Jack of all trades" with a good, broad general knowledge but perhaps lacking specific expertise in certain aspects. Being provided with easy-to-follow tutorials and instructions has been very useful in setting up and configuring the firewall, especially as my background is more in desktop support.

Incentivized

I believe that in industrial environments like ours where we have to have bare metal devices near the production environment combined with hybrid cloud, that is a good platform. That's a good use case. It optimizes traffic. It helps us stay more secure in our data centers. Now with regards to that are fully operating in the cloud, I'm not really sure if we would make the same decision considering the option that I said to have something that is self-provision to avoid too much management of virtual machines on the cloud. So that's an area of improvement.

Incentivized

• Attack patterns are regularly updates through contents via Barracuda Web Application Firewall update servers
• Bot Protection has a good line feature to verify between the genuine clients like browsers and bots
• Dos Protection also good level of protection to mitigate Layer 7 attacks
• Allow Deny Rules provides a lot of granular controls to allow and deny the traffic
• URL profiles has a very granular control to mitigate false positives
• Parameter profiles has a very granular control to mitigate false positives
• Risk score feature for the clients to mitigate attacks is also very good feature
• Client fingerprint module can be used against malicious user to enhance security
• Separate XML and JSOn profile for all the URL profiles of the application is plus
• API security is very much effective and shadow API can also be identified

• So the product definitely is helping us for sudden attacks through DDOS, some injection ingestion into UI URLs, and definitely it's capturing those and I definitely see that as an advantage for us. They can stop the hackers from using our endpoints.

Incentivized

• STM crashes sometimes happen due to unusual traffic pattern
• Obfuscation on the client side user credentials which appears in the developer tools of browser
• URL Profiles redundancy during the learning of traffic needs to be fixed
• Dos Protection should be more granular like escalation period to throw JS challenge, Captcha and rate limit when escalation period hits until the WAF stops the attack
• Client Fingerprinting should work as expected when verifying the clients as in rare some scenarios, it creates issues

• The UI for events. E.g., clicking the "Accept" button does nothing.
• Traffic learning suggestions are often very incorrect. We were originally suggested to use "Automatic" learning, and had to completely scrap the policy due to the suggestions.
• "All in one" dashboard for viewing application URL/parameter overrides per policy.

Incentivized

We just love work with f5

Incentivized

-User friendly interface for quick learning -Quick deployment for deploying applications -Easy to manage for naive -System components and upgradation of the WAF is very easy go with -Back restoration is very to make it up and ready anytime -Seperate JSON and XmL profiles for each URLs of the application is plus -Amazing and world class support engineer in comparison other vendors and always available to support -Quick resolution on bugs with their patch applying process

Most* of it is very intuitive and easy to use. The "Help" section is fairly fantastic. See some of my other comments about things like the "Traffic Learning" section being wildly wrong sometimes, and also the event logs with UI buttons that don't do anything. Overall though, it's an excellent product.

Incentivized

The Barracuda Web Application Firewall is easy to use. Support from Barracuda is great also. Load Balancing of the Web Application Firewall is also nice. This allows you to do maintenance or have large loads for the end-user. Threat monitoring of our network and traffic coming into our services within our cloud solution.

Incentivized

Highly knowledgeable engineers who understand complex networking and application-delivery issues.


Strong escalation paths — once a case reaches senior engineers, resolutions are fast and accurate.


Comprehensive documentation and many self-service resources for troubleshooting.


Clear communication with well-structured updates throughout the ticket lifecycle.


Excellent for critical incidents, with reliable guidance during high-severity outages.


Deep product expertise across BIG-IP, ASM/Advanced WAF, GTM/DNS, and modern F5 services.

Incentivized

We have been using their Backup products especially Backup Appliances and legacy products like Intronis. We are also using their Cloud Backup Solutions for O365. This is the reason we opted for this product.

-Stable data path equals to less crashes -Almost all the features working as expected -Provides more granular controls in allowing false positives -Request evaluation is accurate -Irules feature is a plus

Incentivized

• Much better response times for remote transactions
• 4 year refresh cycle included with active support contracts
• More expensive than traditional firewalls (however its superior to those, not apples to apples)

Incentivized

• In our case it has been great because the pricing is just right for all the features that we have on the platform and the flexibility. In fact, we acquired another license last year, so that's something that we're interested in. We are currently moving towards the cloud with our ERP systems and eliminating the IBM platform, so we would like to see that F5 virtual option available on Azure.

Incentivized