Barracuda Web Application Firewall, from Barracuda Networks in Campbell, California, protects web applications from bots, DDoS attacks, and other advanced threats to enterprise apps.
F5 Distributed Cloud WAF leverages F5's Advanced WAF technology, delivering WAF-as-a-Service and combining signature- and behavior-based protection for web applications. It acts as an intermediate proxy to inspect application requests and responses to block and mitigate a broad spectrum of risks stemming from the OW ASP Top 10, persistent and coordinated threat campaigns, bots, and layer 7 DoS.
Easy to use and reliable, with very little maintenance required and zero downtime to date. For the education sector, ease of use is hugely important as IT Managers/Technicians are often "Jack of all trades" with a good, broad general knowledge but perhaps lacking specific expertise in certain aspects. Being provided with easy-to-follow tutorials and instructions has been very useful in setting up and configuring the firewall, especially as my background is more in desktop support.
It is doing its job effectively, and its scalability is superb. So, if you have a mixed environment with cloud and on-premise systems to protect this product, provide a solution to the challenge. However, its management is more suited to DevOps teams rather than to the ones responsible for on-premise systems, making the management a bit more complex.
Layer seven attacks are becoming far more common. Traditionally it was always layered three, layer four, where you get an additional firewall, but with the application layer attacks become more frequent, more popular, et cetera. So having the web application firewall protecting us, and then with the recent Log4j, that's the most recent use case when it gave us that instant level of protection whilst we remediated the Log4j that we had that and the F5 Distributed Cloud WAF was protecting us.
I have a great relationship with the account manager, my account manager, and I think he drives the best price possible, um, for me, and I'm happy with that price.
F5 Distributed Cloud WAF is always innovating and evolving.
We run a very competitive proof value where we run numerous competitors against each other, and then we evaluate from that and then make the selection, and F5 Distributed Cloud WAF was the winner.
STM crashes sometimes happen due to unusual traffic pattern
Obfuscation on the client side user credentials which appears in the developer tools of browser
URL Profiles redundancy during the learning of traffic needs to be fixed
Dos Protection should be more granular like escalation period to throw JS challenge, Captcha and rate limit when escalation period hits until the WAF stops the attack
Client Fingerprinting should work as expected when verifying the clients as in rare some scenarios, it creates issues
We gave it an 8 because it protects our web apps well and is reliable. The WAF is flexible and meets most of our needs. It could improve in user interface and make integrations easier, but overall, it’s a solid and effective security tool for us.
-User friendly interface for quick learning -Quick deployment for deploying applications -Easy to manage for naive -System components and upgradation of the WAF is very easy go with -Back restoration is very to make it up and ready anytime -Seperate JSON and XmL profiles for each URLs of the application is plus -Amazing and world class support engineer in comparison other vendors and always available to support -Quick resolution on bugs with their patch applying process
I believe is a solution that was designed from the start to be simple and easy to use. Coming from Imperva, it simply eased the burden and complexity of managing and securing our apps on different environments (cloud and on-prem). It easy to scale and very quick to deploy (as a cloud waf should be), provide us with DevOps integrations, visibility and automatic insights from multiple events that guarantee peace of mind for us analysts and opp managers.
The Barracuda Web Application Firewall is easy to use. Support from Barracuda is great also. Load Balancing of the Web Application Firewall is also nice. This allows you to do maintenance or have large loads for the end-user. Threat monitoring of our network and traffic coming into our services within our cloud solution.
We have been using their Backup products especially Backup Appliances and legacy products like Intronis. We are also using their Cloud Backup Solutions for O365. This is the reason we opted for this product.
The other one that I've used in the past, they're very similar and I haven't used it recently, so I can't do a side-by-side comparison today. But I can say that F5 does everything we want it to do consistent with what this other product did do and it's got enhanced features and of course we have a long history with F5 as a product set in general.
The biggest gain for us was speed. Before F5 Distributed Cloud WAF, onboarding a new app to our WAF stack meant manual rule tuning, traffic sampling and regression testing. Right now, we spin up a service, tag it with the right policy and its ready (production ready) within hours