F5 Distributed Cloud WAF leverages F5's Advanced WAF technology, delivering WAF-as-a-Service and combining signature- and behavior-based protection for web applications. It acts as an intermediate proxy to inspect application requests and responses to block and mitigate a broad spectrum of risks stemming from the OW ASP Top 10, persistent and coordinated threat campaigns, bots, and layer 7 DoS.
N/A
TIBCO ActiveSpaces
Score 7.0 out of 10
N/A
ActiveSpaces from TIBCO supports an application infrastructure.
It helps our website to manage well during high traffic seasons and Holidays. This plaform manages the website overall performance and also protect it against DDoS attacks during these High demand period. It also protects transactions done on our website for the booking of services and products buying by our customers and keep their data safe.
TIBCO ActiveSpaces is useful for storing in memory data which enables fetching data quickly and efficiently. We can make use of TIBCO ActiveSpaces APIs for storing and retrieving data. In our organization, we store user session details in TIBCO ActiveSpaces and this session detail is used for authentication and authorizing user. We have integration TIBCO ActiveSpaces with React UI and TIBCO Business Works.
Layer seven attacks are becoming far more common. Traditionally it was always layered three, layer four, where you get an additional firewall, but with the application layer attacks become more frequent, more popular, et cetera. So having the web application firewall protecting us, and then with the recent Log4j, that's the most recent use case when it gave us that instant level of protection whilst we remediated the Log4j that we had that and the F5 Distributed Cloud WAF was protecting us.
I have a great relationship with the account manager, my account manager, and I think he drives the best price possible, um, for me, and I'm happy with that price.
F5 Distributed Cloud WAF is always innovating and evolving.
We run a very competitive proof value where we run numerous competitors against each other, and then we evaluate from that and then make the selection, and F5 Distributed Cloud WAF was the winner.
Like all other IMDG solutions, Tibco ActiveSpaces provides a scalable and distributed cache solution, which is supposed to have high throughput and high availability.
As it is under the Tibco umbrella, it is seamlessly integrated with other Tibco products.
It breaks the traditional "local cache" boundary and limitation, instead unifies many "local physical memory" to create one huge "In-Memory Data Grid", and serves the data provider/consumer application logically as one "Memory Cloud."
A lot of non-frequently updated data can be cached in this IMDG, to allow fast access, which saves the I/O latency caused by many traditional file system-backed storage solutions.
Fail over between devices feels unstable if there are thousands of objects attached to the traffic-group. Needs to be more simpler.
We have seen issues with malicious user detection where we have used open protocols due to legacy applications, and have been caught with legitimate traffic being blocked.
ActiveSpaces 3.2 is not compatible with the latest version of TIBCO Business Event 5.x. And ActiveSpaces 2.x is not compatible with ActiveSpaces 3.x hence there is a big difference in the BusinessEvents supported version of AS and the latest.
ActiveSpaces takes more disc space and TIBCO does not offer data compression logic out of the box. Developers need to do extra coding to use java snippets to compress and decompress the payload. Although the data compression gives must better performance and speed to the system.
The compression and decompression API are not offered by TIBCO out of the box, which is a shame. These are so easy and simple to implement, still TIBCOdoes not provide them as an option out of the box.
We gave it an 8 because it protects our web apps well and is reliable. The WAF is flexible and meets most of our needs. It could improve in user interface and make integrations easier, but overall, it’s a solid and effective security tool for us.
I believe is a solution that was designed from the start to be simple and easy to use. Coming from Imperva, it simply eased the burden and complexity of managing and securing our apps on different environments (cloud and on-prem). It easy to scale and very quick to deploy (as a cloud waf should be), provide us with DevOps integrations, visibility and automatic insights from multiple events that guarantee peace of mind for us analysts and opp managers.
TIBCO ActiveSpaces is easy to install and integrate with other product suites. It is easy to understand and implement as well. TIBCO ActiveSpaces supports multiple databases for storing the data(we are using Oracle Database). All the master data related to the users is being stored using TIBCO ActiveSpaces which keeps the data in memory and help to retrieve it quickly. It has helped to prevent concurrent login sessions by the same user as session details are stored in TIBCO ActiveSpaces and we override the existing user session with the new session details.
It provides fewer false positives and a more granular approach to eliminating them, allowing us to focus on threats. Also, with the need to secure both on-premise and cloud-based web applications, we can only use Azure on the cloud part, but we still need to cover on-premise apps with WAF, so we would need to double the time to deploy and manage. Also, its flexibility of deployment scenarios offers us a faster time to deploy WAF without adjusting the app delivery process to WAF's existence.
Actually, we are gradually replacing the Tibco ActiveSpaces with Redis (for caching purpose only) or Hazelcast (for embedded mode and also for in-memory distributed computation purpose + in-memory distributed IPC purpose).
The biggest gain for us was speed. Before F5 Distributed Cloud WAF, onboarding a new app to our WAF stack meant manual rule tuning, traffic sampling and regression testing. Right now, we spin up a service, tag it with the right policy and its ready (production ready) within hours
Developers with basic knowledge of TIBCO and general data knowledge can easily design and develop an ActiveSpaces based cached solution. As the ActiveSpaces concepts are very simple and easy to understand.
Some business areas can predict the high influx of a service usage during a certain period. Business will be highly rewarded if they can identify these business areas and provide a cached solution using TIBCO AS.
Again, this is not a TIBCO ActiveSpaces only advantage and this is true for any/all caching products.
Some examples for the previous points are
a. telecom company pre-loading (eager load) customer's usage for the last month, right before releasing/issuing the bills to the customers.
b. Airline industry loading the customer's itinerary a week before his travel start date. Hence the last minute scrambling to fetch the customer's itinerary travel plans can be avoided.
