F5 Distributed Cloud WAF leverages F5's Advanced WAF technology, delivering WAF-as-a-Service and combining signature- and behavior-based protection for web applications. It acts as an intermediate proxy to inspect application requests and responses to block and mitigate a broad spectrum of risks stemming from the OW ASP Top 10, persistent and coordinated threat campaigns, bots, and layer 7 DoS.
N/A
IBM WebSphere Hybrid Edition
Score 7.5 out of 10
N/A
WebSphere Hybrid Edition from IBM is a collection of WebSphere application runtimes and modernization tools that provides support for on-premise and major public cloud deployments, in virtual machines, containers and Kubernetes. The user can choose any WebSphere edition and deploy Liberty and application modernization tools to help move to a cloud-native architecture, modernize existing applications and support an existing WebSphere estate.
It helps our website to manage well during high traffic seasons and Holidays. This plaform manages the website overall performance and also protect it against DDoS attacks during these High demand period. It also protects transactions done on our website for the booking of services and products buying by our customers and keep their data safe.
IBM WebSphere Hybrid edition is well-suited for the development and deployment of large enterprise-level applications such as Electronic Health Records that are used in our organization. IBM WebSphere is appropriate for organizations that require strong security and compliance as it provides a high level of security and compliance features. This works well with organizations that are subject to strict regulatory requirements, such as hospitals.
Layer seven attacks are becoming far more common. Traditionally it was always layered three, layer four, where you get an additional firewall, but with the application layer attacks become more frequent, more popular, et cetera. So having the web application firewall protecting us, and then with the recent Log4j, that's the most recent use case when it gave us that instant level of protection whilst we remediated the Log4j that we had that and the F5 Distributed Cloud WAF was protecting us.
I have a great relationship with the account manager, my account manager, and I think he drives the best price possible, um, for me, and I'm happy with that price.
F5 Distributed Cloud WAF is always innovating and evolving.
We run a very competitive proof value where we run numerous competitors against each other, and then we evaluate from that and then make the selection, and F5 Distributed Cloud WAF was the winner.
Fail over between devices feels unstable if there are thousands of objects attached to the traffic-group. Needs to be more simpler.
We have seen issues with malicious user detection where we have used open protocols due to legacy applications, and have been caught with legitimate traffic being blocked.
Ease of use in terms of deployment, give simple interface to do simple stuff like Tomcat, JBoss or GlassFish.
Takes long time to start the server.
The Liferay wars need to be decorated and then deployed. Perhaps we could simplify that.
Some of the concepts are good for complexity that WAS can handle but could be simplified and better documented, like concepts of well and profile, context, etc.
A Liferay war file created using Liferay Developer studio runs fine in Tomcat, however that may not run in WAS 7.x because it needs to be decorated. I had one war for a Liferay portlet with a simple cron job, and had hard time running to WAS server. It was running on the latest free download done on my friends m/c. Other times I have seen that there are issues running a war file that runs on Tomcat but runs on WAS after lot of customization for WAS.
The corporations like this however, the product may need better vibrant community of users where issues can be discussed.
We gave it an 8 because it protects our web apps well and is reliable. The WAF is flexible and meets most of our needs. It could improve in user interface and make integrations easier, but overall, it’s a solid and effective security tool for us.
Mostly we will be renewing unless the strategic direction changes drastically or there are other complelling external circumstances. We've been on a multi year project to modernize our legacy applications and that effort will continue for the foreseeable future.
I believe is a solution that was designed from the start to be simple and easy to use. Coming from Imperva, it simply eased the burden and complexity of managing and securing our apps on different environments (cloud and on-prem). It easy to scale and very quick to deploy (as a cloud waf should be), provide us with DevOps integrations, visibility and automatic insights from multiple events that guarantee peace of mind for us analysts and opp managers.
WebSphere Application Server is used across our organization. Most projects use this for Java products and applications. Being robust and scalable makes it even more usable. We love using WebSphere Application Server due to its configuration management ability made simple and vast across all java related parameters. It is dependent on the features and upgrades and IBM releases some great upgrades to WebSphere Application Server.
IBM was quick to respond when we had an issue with our specific infrastructure. We raised a PMR, which they picked up quickly and updated us about every step of the way. We had an appropriate fix for quite a business critical issue within a fortnight, which was impressive!
It provides fewer false positives and a more granular approach to eliminating them, allowing us to focus on threats. Also, with the need to secure both on-premise and cloud-based web applications, we can only use Azure on the cloud part, but we still need to cover on-premise apps with WAF, so we would need to double the time to deploy and manage. Also, its flexibility of deployment scenarios offers us a faster time to deploy WAF without adjusting the app delivery process to WAF's existence.
Cleo Integration Clould has many bells and whistles; however, when we added more maps and trading partners, it really slowed down. We found that the Cleo support was very slow to respond and there was a language barrier. IBM Websphere had better customer support and its processing was much faster than Cleo Integration Cloud
The biggest gain for us was speed. Before F5 Distributed Cloud WAF, onboarding a new app to our WAF stack meant manual rule tuning, traffic sampling and regression testing. Right now, we spin up a service, tag it with the right policy and its ready (production ready) within hours
Continuous uptime of the business applications we manage
It's now much simpler for me to build and deploy cloud-native applications.
Because it can offload for me management and maintenance of the application server to IBM I can focus on the development, deployment and testing of the applications which is more important
