Cloudflare’s connectivity cloud is a unified platform of cloud-native services designed to help enterprises regain control over their IT environments. Powered by an intelligent, programmable global cloud network, it is built to offer security, performance, visibility, and reliability.
$20
per month
F5 BIG-IP Local Traffic Manager (LTM)
Score 9.3 out of 10
N/A
F5 states that the "brain" of the BIG-IP platform, Local Traffic Manager (LTM) intelligently manages network traffic so applications are always fast, available, and secure.
Zero Trust Security: Cloudflare One, a SASE (Secure Access Service Edge) platform, helps organizations implement Zero Trust security models. This secures how users connect to applications and the internet, with identity-based security controls delivered close to the user. Protecting Internal Infrastructure: Cloudflare offers solutions like Cloudflare One to secure internal networks and devices, providing capabilities like secure web gateways, cloud access security brokers, and data loss prevention.
I mean the only reason we changed away from it was price and it just simply had to do with the licensing that Citrix was offering on the NetScalers. They had basically an all you can eat consumption license that we were easily inside of with all of our VDI usage, whereas with F5 we had to buy the hardware and we had to license the software. Any place you need to actually do traffic balancing at scale, it's a fantastic product. I couldn't recommend it highly enough. There's just some things that hardware SSL offload and hardware load balancing just simply can't be equal that I don't know if there's a better product on the market for that.
The best part is the content delivery network. Cloudflare has a large network of data centres around the world that helps cache and delivers content quickly to our customers.
Cloudflare offers us with a fast and reliable DNS service and with the world class features such as Cloudflare workers, SSL verification, certificate management and web application firewall. When all of these are combined together, it provides very strict security for our organization.
One of the most important feature that we use is the analytics and threat detection. It provides us with the real time insights of all the threats originating from multiple locations and landing on our websites.
Sure. It does load balancing fantastically. I mean, it's an industry standard product for that. We also use it for TLS offload for applications. Those are the two main use cases for that. We do also use some of the I rules for traffic filtering. We've used that in some of the external facing services. It does a really nice job with that. It's a little bit complicated sometimes and some of the Cipher Suite stuff is interesting.
In some cases, using Cloudflare can actually lead to slower website speeds if the network is congested or if the website's traffic is particularly heavy.
Some website owners may find that the level of customization offered by Cloudflare is limited, especially in comparison to other solutions.
While Cloudflare is easy to set up and manage, it may be too complex for users who are not familiar with web technologies.
Some of the stuff you have to dive into the CLI to really use, I'm going to reach back to the previous employer for this. So I had a much greater degree of involvement with it at that point in time for, I was the crypto guy at the company and I had to design all the cipher suites that we actually implemented on our front end banking products. So in order to do that, I had to dive into it, download all the Cipher suites, figure out the actual order of operation for them, how they were selected because I wanted to design the Cipher Suites to actually provide a specific customer experience for the types of connections that our customers were likely to initiate. Getting at that information was a giant PITA. It was poorly documented at the time. I'm not sure if it's documented any better now. Every time the software changed or got upgraded, made your version, I'd have to do it all over again because the upgrades to the stack, which looked like it was based on open SSL, but it was heavily modified with a different syntax. Oh yay. That's fun too. So I had to write giant documents describing all of the ciphers that I was designing for this because it just kept changing all the time. So I didn't care for that aspect of it. Traffic management does a great job for that.
F5 has always been one of the best products we have in the data center. We had few issues with the BUG and Code upgrades but the main use cases for F5 was always top notch. From High availability to Globally load balancing applications across multiple data centers and muti cloud environments.
Everything is extremely concise and all settings apply immediately and take effect globally. There is no reason to explicitly plan/think in terms of individual regions as one would have to traditional cloud offerings (AWS, OCI, Azure). All Cloudflare products integrate seamless as part of a single pipeline that executes from request to response.
F5 BIG-IP Local Traffic Manager is very easy to use. Building each application is straightforward forward and the help function and now with the new AI assistant soon to be available, it is going to be easier than ever to be able to understand and implement each application.
I have only used their support a few times, and most times, they are responsive and able to resolve my issue with a minimal amount of time and effort. However, there was one instance where I simply asked about how to purchase some more resources (redirect rules), and I received some type of automated/AI response that was very unhelpful and gave me no opportunity to escalate to a person.
F5 is doing its specialized function. There is no other product that can beat them. We are extremely happy with the product. Especially on load balancing, traffic redirecting TLS encryption, and SNI modification. We will continue to explore F5's product, especially on the public cloud side. e.g. NGINX.
Immediate ROI on Registrar and DNS hosting while giving a single plane of glass to managing both with domain registrations at cost, and no cost DNS hosting
WAF helped us move at risk servers/applications into a protected state allowing us to perform remediations at a measured pace and get them done right instead of band aide solutions.
CDN proxying increase the speed of our website while simultaneously reducing server load.
DMARC management and report interpretation allow use to identify weak points in our email systems, remediate and move to stricter policies without significantly increasing staff time spent managing it.
