Skip to main content
TrustRadius
F5 Advanced WAF

F5 Advanced WAF

Overview

What is F5 Advanced WAF?

F5 Networks offers the Advanced Web Application Firewall (WAF) to provide bot defense, advanced application protection, anti-bot SDK, and other features.

Read more
Recent Reviews

F5 BIG-IP AWAF review

10 out of 10
March 22, 2024
Incentivized
F5 AWAF gives application layer security protection that covers OWASP Top 10 Web & API, bot protection, mobile sdk, L7 DoS, etc. in …
Continue reading

Great product at a great price

10 out of 10
August 27, 2021
We've been using F5's WAF for many years in our organization. We utilize it for all external facing applications, our ecommerce platform …
Continue reading
Read all reviews

Reviewer Pros & Cons

View all pros & cons
Verified User
Manager in Information Technology
Banking Company, 1001-5000 employees
Verified User
Professional in Information Technology
Telecommunications Company, 501-1000 employees

Video Reviews

1 video

View Playlist
Engineer for Cardinal Health Isn't Sugar Coating | F5 Advanced Web Application Firewall Review (WAF)
03:10
Return to navigation

Pricing

View all pricing
F5 Advanced WAF

F5 Advanced WAF

N/A
Unavailable

What is F5 Advanced WAF?

F5 Networks offers the Advanced Web Application Firewall (WAF) to provide bot defense, advanced application protection, anti-bot SDK, and other features.

Entry-level set up fee?

  • No setup fee

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting/Integration Services

Would you like us to let the vendor know that you want pricing?

41 people also want pricing

Alternatives Pricing

Cloudflare

Cloudflare

$20
per month
What is Cloudflare?

Cloudflare, from the company of the same name in San Francisco, provides DDoS and bot mitigation security for business domains, as well as a content delivery network (CDN) and web application firewall (WAF).

Return to navigation

Product Details

What is F5 Advanced WAF?

F5's Advanced WAF is built on F5 technology and goes beyond reactive security such as static signatures and reputation to proactively detect and mitigate bots, secure credentials and sensitive data, and defend against application denial-of-service (DoS). Advanced WAF redefines application security to address the most prevalent threats organizations face.

F5 Advanced WAF Features

  • Supported: In-Browser Data Encryption - Encrypts data at the app layer to protect against data-extracting malware and man-in-the-middle (MITM) attacks.
  • Supported: Behavioral DoS - Behavioral analytics and machine learning provide L7 DoS detection and mitigation.
  • Supported: API Protocol Security - Deploys security tools to secure REST/JSON, XML, and GWT APIs. Ingest OpenAPI files to automate configuration of API security.
  • Supported: OWASP Top 10 Defense - Complies with OWASP top 10 vulnerability mitigations.
  • Supported: Stolen Credential Protection - Protects against brute-force attacks that use stolen credentials.
  • Supported: Declaritive API-based deployment and configuration integrates into DevOps CI/CD pipelines.

F5 Advanced WAF Video

F5 DevCentral's John Wagnon provides an overview of F5 Advanced Web Application Firewall (Advanced WAF) that extends security beyond the basic protections traditional WAF's offer.

F5 Advanced WAF Competitors

F5 Advanced WAF Technical Details

Operating SystemsUnspecified
Mobile ApplicationNo

Frequently Asked Questions

F5 Networks offers the Advanced Web Application Firewall (WAF) to provide bot defense, advanced application protection, anti-bot SDK, and other features.

Imperva Web Application Firewall (WAF), Radware AppWall, and NetScaler ADC are common alternatives for F5 Advanced WAF.

The most common users of F5 Advanced WAF are from Enterprises (1,001+ employees).
Return to navigation

Comparisons

View all alternatives
Return to navigation

Reviews and Ratings

(27)

Reviews

(1-4 of 4)
Companies can't remove reviews or game the system. Here's why
September 15, 2023

F5 Big-IP Advanced Web Application Firewall Review

Verified User
Analyst in Information Technology
Financial Services Company, 1001-5000 employees
Score 7 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
We use this primarily as a web application firewall for many of our applications which includes a lot of endpoints.
Pros and Cons
  • So the product definitely is helping us for sudden attacks through DDOS, some injection ingestion into UI URLs, and definitely it's capturing those and I definitely see that as an advantage for us. They can stop the hackers from using our endpoints.
  • We would like to see more use of this product in such a way that we can insert JavaScript so that we can understand the bot detection very well. I understand that it does bot detection, with some constraints, but we have to expand that bot detection very well to do fraud detection much better just like Google Recapture.
  • Second is the WAF product. Sometimes we are getting false positives just because in the scope of the applications we had to stop certain headers, HTP headers, and we would like to see if there is some kind of a way to enhance the product to use machine learning to do this automatically or suggest to do it automatically in the future.
Likelihood to Recommend
It's well-suited for UI-based applications. We found it less appropriate for APIs, not that good.
Most Important Features
  • N/A
Return on Investment
  • This has been good overall. It has a positive impact on the security of our applications. I don't have necessarily a measurement on ROI, but it definitely definitely added to the security of our products.
Alternatives Considered
Currently, we are using our IPS tools and IDS tools, but for the applications, we also use endpoint detection and those kinds of tools. But the firewall is actually a very important tool rather than those products. Because it exactly happens at the layer that we really want it to be and it's very important. So I would say for sponsored application security, it's top tier.
April 26, 2023

DDoS protection

Josué Ríos | TrustRadius Reviewer
Josué Ríos
Sales Engineer
Licencias OnLine (Information Technology & Services, 201-500 employees)
Score 9 out of 10
Vetted Review
ResellerIncentivized
Use Cases and Deployment Scope
I use to propose F5 WAF to protect applications and APIs, because nowadays there are many applications which have open source code or third code that make then more vulnerable and for the fact that there are many types of attacks like SQLi, XXS, DDoS, bad bots attacks, client side attack and many more.
Pros and Cons
  • prevent SQLi attacks
  • API Security
  • Bots attack protection
  • Client-side protection
  • DDoS Protection
  • RASP
Likelihood to Recommend
It could be very suitable for all of those applications which use many APIs or microservices. It could not be appropriate to all of those applications which are not expose to the internet.
Most Important Features
  • scalability
  • agnostic
  • stronger security
Return on Investment
  • the applications are always on
  • business continuity
Alternatives Considered
because its integration are very well, making a stronger solutions to cover many more attacks.
Other Software Used
August 27, 2021

Great product at a great price

Verified User
Employee in Information Technology
Retail Company, 10,001+ employees
Score 10 out of 10
Vetted Review
Verified User
Use Cases and Deployment Scope
We've been using F5's WAF for many years in our organization. We utilize it for all external facing applications, our ecommerce platform as well as some internal applications. Through some fine tweaking we've made our environment highly scalable, resilient and secure. By far one of the best investments the enterprise has made and we plan on keeping these devices running for many years to come.
Pros and Cons
  • application filtering
  • application firewalling
  • Easier interface to configure rules and policies
Likelihood to Recommend
Ecommerce web facing applications where PCI data may be in use.
Most Important Features
  • all of them
Return on Investment
  • Detects and prevents breaches in our environment
Alternatives Considered
F5 APM beats them all, hands down for internally hosted applications.
August 26, 2021

Really Advanced WAF

Ilian Ivanov | TrustRadius Reviewer
Ilian Ivanov
Security Engineer, WAF
GTT (Telecommunications, 5001-10,000 employees)
Score 10 out of 10
Vetted Review
Verified User
Use Cases and Deployment Scope
We are using F5 Advanced WAF to provide L7 protection for our premium clients.
Pros and Cons
  • OWASP Top 10 protection
  • Bot protection
  • Great Visibility
  • Detailed Control
  • DDoS L7
  • Integrated reporting
Likelihood to Recommend
F5 WAF is a great tool to protect your internet facing applications.
Most Important Features
  • Advanced application protection
  • Proactive bot defense
Return on Investment
  • Successfully stopped a lot of attacks
  • Low false positive rate
  • Require a lot of knowledge to be configured properly
Alternatives Considered
F5 WAF provides much more control and has a lot of features that can be used to protect your applications. You can have granular configuration settings per application and disable attack signatures on very specific scenarios whenever is needed. Also, the logs are very detailed and helpful to analyze the requests.
Return to navigation