Using AWS WAF -- a native solution
Edge Security Control from the outside. Used to allow legitimate secure connections to you web application servers. Encryption, Mutli …
Starting at $0.60 per 1 million requests
View PricingOverview
What is AWS WAF?
Amazon Web Services offers AWS WAF (web application firewall) to protect web applications from malicious behavior that might impede the applications functioning and performance, with customizable rules to prevent known harmful behaviors and an API for creating and deploying web…
Recent Reviews
Reviewer Pros & Cons
Pricing
Resource Type - Request
$0.60
Cloud
per 1 million requests
Resource Type - Rule
$1.00
Cloud
per month (prorated hourly)
Resource Type - Web ACL
$5.00
Cloud
per month (prorated hourly)
Entry-level set up fee?
- No setup fee
Offerings
- Free Trial
- Free/Freemium Version
- Premium Consulting/Integration Services
Product Details
- About
- Tech Details
What is AWS WAF?
AWS WAF Technical Details
| Deployment Types | Software as a Service (SaaS), Cloud, or Web-Based |
|---|---|
| Operating Systems | Unspecified |
| Mobile Application | No |
Comparisons
Compare with
Reviews and Ratings
(28)Attribute Ratings
Reviews
(1-8 of 8)Companies can't remove reviews or game the system. Here's why
April 26, 2023
Using AWS WAF -- a native solution
- Perfomance
- Scalability
- Uptime
- Need to provide improved dashboard metrics
- Easy to navigate for troubleshooting purposes
- Consolidated Reporting
September 12, 2022
Easiest implantation of Firewall out there
- DDOs attack prevention
- Cost saving if you have multiple web applications.
- One stop solution so no further efforts needed. almost everything can be handle with AWS WAF.
- AWS WAF is a bit costly if used for single applications.
- they should provide attack-wise protection, like if my certain type of application is vulnerable to DDOS then I should be able to buy WAF, especially for that attack.
- CLI tool to test in offline mode if possible.
August 27, 2021
My review on AWS Web Application Firewall
Score 10 out of 10
Vetted Review
Verified User
- Web traffic filtering
- Bot Control
- Real-time visibility
- Easy to monitor web traffic
- Prevent against any type of attack, like SQL code injection
- Easy to create the rules
- Easy to filter the packet as per your requirement
- Less documentation available for help in configuration and maintenance
- AWS should work on their technical support
- High price
November 26, 2020
Best Security Tool for Your Web Applications
- AWS WAF has the most developer-friendly API to create firewall rules.
- AWS WAF provides OWASP security controls, which reduces developers' burden (i.e., SQL injection and cross-site scripting).
- AWS WAF has customizable web security rules. The user can even push the rules through the API available, which is the great feature and helped me a lot.
- It protects applications at layer 7 (HTTP) of the OSI model and not just layer 4 (TCP).
- Need to enhance OWASP standards.
- We are limited to five rate-based rules per AWS account.
February 10, 2020
AWS WAF, a really good alternative
- Great integration with AWS services.
- Easy configuration management via API.
- Reporting.
- Log visualization.
- It allows custom rules to be established to stop attacks that may harm business applications.
- Its cost is based only on what the user uses to establish rules that can protect applications from vulnerabilities.
- The rules can be established by the user or those that the system already brings with it being able to be centralized to reuse them for the rest of the applications, which saves time.
- The user can choose the traffic of their applications.
- The cost depends on the number of rules assigned.
- It deploys new rules fast and efficiently.
- The documentation offered is somewhat confusing, so it would be ideal if it were much more direct and precise.
- Your initial configuration may be confusing, so the best option is to use the rule templates provided by AWS.
- Its configuration is not unified with AWS, so it must be done separately and it takes some time.
- The number of rules to be established is somewhat limited.
February 13, 2019
A very efficient solution against web attacks
- Protect any application against the most common attacks.
- Provides better visibility of web traffic.
- It allows us to control the traffic in different ways in which it is enabled or blocked through the implementation of security rules developed personally according to our needs.
- It is able to block common attacks such as SQL code injection.
- It allows defining specific rules for applications, thus increasing web security as they are developed.
- It is necessary to have knowledge about the software because otherwise inappropriate rules will be created.
- Your configuration can be somewhat tedious.
- Your support team takes a long time to answer the user's questions.
- Its costs can be somewhat high, unlike other services since it is charged by the number of rules that are created.
September 27, 2018
Best solution to protect your Web App from Cyber Attacks
- The deployment was pretty easy on the AWS platform
- The cost of using AWF WAF is pretty low as you only have to pay for the rules that you are assigning and also, you can chose the traffic that you need for your application
- The technical support is great, they are very good in understanding your problem and really helpful in providing the best solution
- There is nothing much to dislike about this product