F5 Big-IP Advanced WAF vs. F5 Distributed Cloud WAF (Web Application Firewall)

Overview
ProductRatingMost Used ByProduct SummaryStarting Price
F5 Big-IP Advanced WAF
Score 9.4 out of 10
N/A
F5 Networks offers the Advanced Web Application Firewall (WAF) to provide bot defense, advanced application protection, anti-bot SDK, and other features.N/A
F5 Distributed Cloud WAF (Web Application Firewall)
Score 9.2 out of 10
N/A
F5 Distributed Cloud WAF leverages F5's Advanced WAF technology, delivering WAF-as-a-Service and combining signature- and behavior-based protection for web applications. It acts as an intermediate proxy to inspect application requests and responses to block and mitigate a broad spectrum of risks stemming from the OW ASP Top 10, persistent and coordinated threat campaigns, bots, and layer 7 DoS.N/A
Pricing
F5 Big-IP Advanced WAFF5 Distributed Cloud WAF (Web Application Firewall)
Editions & Modules
No answers on this topic
No answers on this topic
Offerings
Pricing Offerings
F5 Big-IP Advanced WAFF5 Distributed Cloud WAF (Web Application Firewall)
Free Trial
NoYes
Free/Freemium Version
NoNo
Premium Consulting/Integration Services
NoNo
Entry-level Setup FeeNo setup feeOptional
Additional Details
More Pricing Information
Community Pulse
F5 Big-IP Advanced WAFF5 Distributed Cloud WAF (Web Application Firewall)
Considered Both Products
F5 Big-IP Advanced WAF
Chose F5 Big-IP Advanced WAF
-Stable data path equals to less crashes
-Almost all the features working as expected
-Provides more granular controls in allowing false positives
Chose F5 Big-IP Advanced WAF
I believe that in the case of Big-IP F5, it has a lot of power, a lot of features including the VPN features and also the evaluation of security posture of the devices that connect through VPN. That's very solid and that's something that is not found in all the WAF solutions …
Chose F5 Big-IP Advanced WAF
Sure! Here's a made-up but professional response you can use or adapt depending on the context (e.g., a report, RFP, internal justification, etc.): Describe how F5 BIG-IP Advanced WAF stacks up against them and why you selected F5 BIG-IP Advanced WAF.
Chose F5 Big-IP Advanced WAF
AWAF provides most complete web application and API protection; including L7 DoS; in custimer's multi cloud deployments whether on-premises, public cloud, private cloud, etc.
Chose F5 Big-IP Advanced WAF
F5 Big-IP advanced WAF will provide just enough flexibility to protect areas and services the way others just can't.
Chose F5 Big-IP Advanced WAF
Currently, we are using our IPS tools and IDS tools, but for the applications, we also use endpoint detection and those kinds of tools. But the firewall is actually a very important tool rather than those products. Because it exactly happens at the layer that we really want it …
Chose F5 Big-IP Advanced WAF
because its integration are very well, making a stronger solutions to cover many more attacks.
Chose F5 Big-IP Advanced WAF
F5 APM beats them all, hands down for internally hosted applications.
Chose F5 Big-IP Advanced WAF
F5 WAF provides much more control and has a lot of features that can be used to protect your applications. You can have granular configuration settings per application and disable attack signatures on very specific scenarios whenever is needed. Also, the logs are very detailed …
F5 Distributed Cloud WAF (Web Application Firewall)
Chose F5 Distributed Cloud WAF (Web Application Firewall)
We use bigIP primarily for on-premises infrastructure and protection against volumetric DDoS attacks, including F5 Distributed Cloud WAF (Web Application Firewall).

El bigIP lo utilizamos más para infra on premise, proteccion de ataques volumetricos de DDoS que inculye F5 …
Chose F5 Distributed Cloud WAF (Web Application Firewall)
I prefer F5 Distributed Cloud over BIG-IP is due to we have multiple BIG-IPs, and login in to each one and administer them individually is time consuming. Versus maintaining visibility globally on just one dashboard. In addition, the WAAP services in Distributed Cloud is …
Chose F5 Distributed Cloud WAF (Web Application Firewall)
DDOS protection and leadership in addressing advance threats
Chose F5 Distributed Cloud WAF (Web Application Firewall)
In our opinion, F5 Distributed Cloud WAF (Web Application Firewall) is just better
Chose F5 Distributed Cloud WAF (Web Application Firewall)
Avoid single point of failures avoided with F5 Distributed Cloud WAF (Web Application Firewall).
Chose F5 Distributed Cloud WAF (Web Application Firewall)
Easy to use, clean interface and Dashboard. SaaS offering, easy to onboard. Do not have to worry about upgrades and updates as this is taken care by F5. No worries about operating system bugs and fixes.
Chose F5 Distributed Cloud WAF (Web Application Firewall)
it is a market leader among the security products that we have evaluated.
Chose F5 Distributed Cloud WAF (Web Application Firewall)
existing footprint
Chose F5 Distributed Cloud WAF (Web Application Firewall)
F5 continues to be the leader in our mind, offering the most robust and powerful WAF on the market that meets our needs.
Chose F5 Distributed Cloud WAF (Web Application Firewall)
F5 Distributed Cloud API Security
Chose F5 Distributed Cloud WAF (Web Application Firewall)
F5 DC WAF fit into our ecosystem better as we were already an F5 shop
Chose F5 Distributed Cloud WAF (Web Application Firewall)
As we are already a Big-IP shop, this products fits well with the existing ecosystem. At the same time, this is cost effective and easy to deploy
Chose F5 Distributed Cloud WAF (Web Application Firewall)
Just as easy and flexible as Akamai products, but definitely needs time to build the overall coverage compared to Akamai CDN network
Chose F5 Distributed Cloud WAF (Web Application Firewall)
Akamai Prolexic, Akamai Ion, Akamai CDN, Akamai Bot Manager, FortiWeb, Palo Alto Networks Advanced Threat Prevention and NGINX
Chose F5 Distributed Cloud WAF (Web Application Firewall)
ModSecurity (open-source) and F5 (commercial, including NGINX App Protect) are Web Application Firewalls (WAFs) protecting against Layer 7 attacks. ModSecurity offers a free, flexible, OWASP-based solution, while F5 provides enterprise-grade performance, advanced automation, …
Chose F5 Distributed Cloud WAF (Web Application Firewall)
Imperva Application Firewall
Chose F5 Distributed Cloud WAF (Web Application Firewall)
we selected F5 Distributed Cloud WAF (Web Application Firewall) for its strong threat protection centralized management ,and effective support and for hybrid cloud enviroments
Chose F5 Distributed Cloud WAF (Web Application Firewall)
Cloudflare, Akamai App & API Protector and Imperva Application Firewall
Chose F5 Distributed Cloud WAF (Web Application Firewall)
Not bad, however there were services that were provided by DOS arrest that are automated through F5 cloud and would require attention and expertise to mimic. It does offer the same but must be configured not offered as a bundled configuration.
Chose F5 Distributed Cloud WAF (Web Application Firewall)
Zscaler Internet Access, Zscaler Private Access, Netskope CASB and Cisco Meraki Dashboard
Chose F5 Distributed Cloud WAF (Web Application Firewall)
We considered Cloudflare in the first place because it came with strong appeal upfront, it's easy to deploy especially for small web apps. We even ran a few pilot tests with it during client rollouts but settled on F5 Distributed Cloud WAF instead. Main reason being its …
Chose F5 Distributed Cloud WAF (Web Application Firewall)
Imperva Application Firewall
Chose F5 Distributed Cloud WAF (Web Application Firewall)
They are very similar and protect pretty much against the same attacks. F5 though is easier to manage.
Best Alternatives
F5 Big-IP Advanced WAFF5 Distributed Cloud WAF (Web Application Firewall)
Small Businesses
Cloudflare
Cloudflare
Score 8.9 out of 10
Cloudflare
Cloudflare
Score 8.9 out of 10
Medium-sized Companies
Cloudflare
Cloudflare
Score 8.9 out of 10
F5 Big-IP Advanced WAF
F5 Big-IP Advanced WAF
Score 9.4 out of 10
Enterprises
NGINX
NGINX
Score 9.1 out of 10
F5 Big-IP Advanced WAF
F5 Big-IP Advanced WAF
Score 9.4 out of 10
All AlternativesView all alternativesView all alternatives
User Ratings
F5 Big-IP Advanced WAFF5 Distributed Cloud WAF (Web Application Firewall)
Likelihood to Recommend
9.5
(0 ratings)
9.1
(0 ratings)
Likelihood to Renew
9.1
(0 ratings)
7.8
(0 ratings)
Usability
8.3
(0 ratings)
9.1
(0 ratings)
Availability
-
(0 ratings)
9.1
(0 ratings)
Performance
-
(0 ratings)
9.1
(0 ratings)
Support Rating
-
(0 ratings)
9.1
(0 ratings)
Online Training
-
(0 ratings)
9.1
(0 ratings)
Implementation Rating
-
(0 ratings)
8.6
(0 ratings)
Configurability
-
(0 ratings)
9.1
(0 ratings)
Product Scalability
-
(0 ratings)
9.1
(0 ratings)
Vendor post-sale
-
(0 ratings)
9.1
(0 ratings)
Vendor pre-sale
-
(0 ratings)
9.1
(0 ratings)
User Testimonials
F5 Big-IP Advanced WAFF5 Distributed Cloud WAF (Web Application Firewall)
Likelihood to Recommend
Advanced WAF is well suited for protection against account enumeration attacks, protection against known and new increasing attack vectors through out of the box attack signatures and threat campaigns. Also, up to date and accurate IP intelligence database to block based on known IP reputation.
Read full review
So a lot of companies that have a digital side and they have a lot of applications in the cloud, this is one of those areas that it can protect the net so it can lock 'em down, it'll build a baseline so you understand what that application's doing. So if it sees something not normal, it'll get protected against that.
Read full review
Pros
  • So the product definitely is helping us for sudden attacks through DDOS, some injection ingestion into UI URLs, and definitely it's capturing those and I definitely see that as an advantage for us. They can stop the hackers from using our endpoints.
Read full review
  • Layer seven attacks are becoming far more common. Traditionally it was always layered three, layer four, where you get an additional firewall, but with the application layer attacks become more frequent, more popular, et cetera. So having the web application firewall protecting us, and then with the recent Log4j, that's the most recent use case when it gave us that instant level of protection whilst we remediated the Log4j that we had that and the F5 Distributed Cloud WAF was protecting us.
  • I have a great relationship with the account manager, my account manager, and I think he drives the best price possible, um, for me, and I'm happy with that price.
  • F5 Distributed Cloud WAF is always innovating and evolving.
  • We run a very competitive proof value where we run numerous competitors against each other, and then we evaluate from that and then make the selection, and F5 Distributed Cloud WAF was the winner.
Read full review
Cons
  • The UI for events. E.g., clicking the "Accept" button does nothing.
  • Traffic learning suggestions are often very incorrect. We were originally suggested to use "Automatic" learning, and had to completely scrap the policy due to the suggestions.
  • "All in one" dashboard for viewing application URL/parameter overrides per policy.
Read full review
  • Lack of warnings, currently the console does not provide a warning when deleting key-value entry.
  • The web GUI could use some tweaking, currently no undo option when removing exclusion rules.
  • Configuration complexity, currently menus and options are hidden, making it hard to configure vs on prem.
Read full review
Likelihood to Renew
We just love work with f5
Read full review
I would continue using F5 Distributed Cloud WAF because I am highly satisfied with its robust and comprehensive features that effectively protect our applications from evolving cyber threats. The advanced AI capabilities enhance threat detection and response, providing proactive security. Additionally, the excellent customer support ensures quick resolution of any issues, making the overall experience reliable and efficient. Trust in the manufacturer’s innovation and continuous updates further motivates me to keep this solution as a core part of our security infrastructure.
Read full review
Usability
Most* of it is very intuitive and easy to use. The "Help" section is fairly fantastic. See some of my other comments about things like the "Traffic Learning" section being wildly wrong sometimes, and also the event logs with UI buttons that don't do anything. Overall though, it's an excellent product.
Read full review
I believe is a solution that was designed from the start to be simple and easy to use. Coming from Imperva, it simply eased the burden and complexity of managing and securing our apps on different environments (cloud and on-prem). It easy to scale and very quick to deploy (as a cloud waf should be), provide us with DevOps integrations, visibility and automatic insights from multiple events that guarantee peace of mind for us analysts and opp managers.
Read full review
Reliability and Availability
No answers on this topic
Seems no issue
Read full review
Performance
No answers on this topic
Unnoticed slowness
Read full review
Support Rating
Highly knowledgeable engineers who understand complex networking and application-delivery issues.


Strong escalation paths — once a case reaches senior engineers, resolutions are fast and accurate.


Comprehensive documentation and many self-service resources for troubleshooting.


Clear communication with well-structured updates throughout the ticket lifecycle.


Excellent for critical incidents, with reliable guidance during high-severity outages.


Deep product expertise across BIG-IP, ASM/Advanced WAF, GTM/DNS, and modern F5 services.
Read full review
I never contacted support for this product.
Read full review
Online Training
No answers on this topic
Online training saves me lots of time
Read full review
Implementation Rating
No answers on this topic
Just make sure you origin servers have F5 IPs allowed.
Read full review
Alternatives Considered
I believe that in the case of Big-IP F5, it has a lot of power, a lot of features including the VPN features and also the evaluation of security posture of the devices that connect through VPN. That's very solid and that's something that is not found in all the WAF solutions and so I haven't seen that in Azure.
Read full review
It provides fewer false positives and a more granular approach to eliminating them, allowing us to focus on threats. Also, with the need to secure both on-premise and cloud-based web applications, we can only use Azure on the cloud part, but we still need to cover on-premise apps with WAF, so we would need to double the time to deploy and manage. Also, its flexibility of deployment scenarios offers us a faster time to deploy WAF without adjusting the app delivery process to WAF's existence.
Read full review
Scalability
No answers on this topic
Dont see any issue so far
Read full review
Return on Investment
  • One impact F5 Big-IP Advanced WAF has on our organization's overall business objectives is that F5 Big-IP Advanced WAF is security sensitive
  • Another impact F5 Big-IP Advanced WAF has on our organization's overall business objectives is the F5 Big-IP Advanced WAF blocking feature
Read full review
  • It gives us peace of mind knowing that we have an easy way to mitigate any bad traffic coming to our websites and e-commerce. So it really gives us peace of mind. It doesn't affect the job projecting where the traffic is coming from. We actually have the bot functionality as well, so if there is any bot attacking our website, it automatically prevents it. So it's been pretty productive.
Read full review
ScreenShots

F5 Distributed Cloud WAF (Web Application Firewall) Screenshots

Screenshot of Screenshot of