F5 Distributed Cloud WAF (Web Application Firewall)

Score9 out of 10

285 Reviews and Ratings

Learn More

Learn More

What is F5 Distributed Cloud WAF (Web Application Firewall)?

F5 Distributed Cloud WAF leverages F5's Advanced WAF technology, delivering WAF-as-a-Service and combining signature- and behavior-based protection for web applications. It acts as an intermediate proxy to inspect application requests and responses to block and mitigate a broad spectrum of risks stemming from the OW ASP Top 10, persistent and coordinated threat campaigns, bots, and layer 7 DoS.

Categories & Use Cases

Media

F5 Distributed Cloud WAF (Web Application Firewall)

1 / 2

#1 most frequent

Finance and Insurance

60.0%

3 installations of 5

“F5 BIG-IP Local Traffic Manager (LTM)”
— Operation IT manager, LAFISE (1001-5000 employees)

#2 most frequent

Information

40.0%

2 installations of 5

“With F5 Distributed Cloud WAF (Web Application Firewall) we have benefitted with More accurate and agile deployment”
— Security services, Ikusi (201-500 employees)

Juan Carlos Cruz View profile

Cyber Security Specialist in Information Technology at Evertec (1001-5000 employees employees)

Use Cases and Deployment Scope

We use it to protect our & our clients web applications. The WAAP solution is one of the bests for its ability to be as simple to use or as granular as our needs require it.

What I personally love about it is the ease to create new infrastructure and configure domains, routes and rules to protect any web app or API. WAAP is a necessity on todays landscape and the ability to summon it on the cloud in an cloud agnostic solution is really a blessing.

Pros

Cloud agnostic. I like that no matter where the Web app lives, it can be protected with F5 WAAP.
Easy creation of F5 infrastructure and deployment.
Ability to give our clients or developers visibility on statistics about their web app performance and traffic events on f5.
Many services all can be used and seen on one central dashboard. Since is cloud. We dont need diferent tools or logon into many others dashboard to work. Like WAP, DNS, CDN, load balancing. All is intigrated into one dashboard.

Cons

User roles. Current API groups and Elements are not clear nor intuitive to use. Is very difficult to give granular level access to users on each service. For example. Access to import TLS certificates but not able to do or see anything else.
GUI overall is a bit clunky. Load Balancer configuration window could be better organized. Or streamline.
Lack of built in global dashboard and reports. Something useful would be a Global report listing the status of all TLS certificates imported and in use on the platform. Same with the status of WAF on Load Balancers.

Return on Investment

Accelerated time of deployment of protection
Lower total cost of ownership.
Streamline our work. Instead of many dashboard from many BigIps, we use only one dashboard. F5XC.
The WAAP solution is one of the best for is granular ability.

Alternatives Considered

F5 BIG-IP

Other Software Used

AWS CloudTrail, Azure Front Door, F5 BIG-IP

Adrian Lai

Snr Consultant in Information Technology at Tech Data Distribution (201-500 employees employees)

Use Cases and Deployment Scope

We have a market place for partners to order products. It is a public website, so it is exposed to the whole Internet, therefore it has to be secured.

Pros

Easy to setup
Easy to use
Fast
User friendlyu

Cons

Using AI for setup
Develop and APP for instant notification on any security event

Return on Investment

Lower TCO
Improved security posture

Alternatives Considered

Cisco Wide Area Application Services

Other Software Used

Fortinet FortiGate

Daren Han

senior software engineer in Information Technology at nec Asia Pacific pte ltd (501-1000 employees employees)

Use Cases and Deployment Scope

the F5 Distributed Cloud WAF (Web Application Firewall) product f5 provides gives our company an competitive edge in today's world of vulnerable security loopholes. the product is useful in our integration for the government projects we have and f5 gives us the necessary support we need to deliver our utmost capability.

Pros

security
great integration with our current applications
well known industry product

Cons

more easy to use setup guide

Return on Investment

accelerated time to deliver
improved security posture when we use f5 products
efficiency in detecting security issues.

Marcus Emmanus

Internet Engineer in Engineering at KeyBank (5001-10,000 employees employees)

Use Cases and Deployment Scope

We are currently in testing phase of our deployment, thus far everything is working as we want it, the one thing we wanted is to get the graphs to have by the minute vs by the 10 minute span in time -- when looking at he current screen it does not give precise info as it does averages over time. If my app went down for 50 seconds, I would like to have a clear way to explain it

Pros

It works like on-prem WAF
It gathers lots of statistics
It is easy to run through the GUI to build the config

Cons

When looking at graphs we need the time span to show by the minute, currently only shows in 10 minute slots

Return on Investment

TCO
Security simplicity ( I coined that )

Alternatives Considered

Akamai Prolexic, Akamai Edge DNS, Akamai CDN and Akamai Bot Manager

Raimundo Lima

Coordenador in Information Technology at Prefeitura de Fortaleza (10,001+ employees employees)

Use Cases and Deployment Scope

The main benefits observed were increased protection for digital services, a reduced attack surface, simplified security management, and improved availability of critical applications for end users.

Os principais beneficios observados foram o aumento da protecao does services digitalis, a reducao de superficie de ataque, a simplificacao da gestao de seguranca e a melhoria da disponibilidade das aplicacoes criticas para os usuarios finais.

Pros

Advanced protection against web threats
API Security and Bot Controls
Centralized management in hybrid and multi-cloud environments
Operational visibility and incident response
Protecao avancada contra amecas web
Seguranca de APIs e controls de bots
Gestao centralizada em ambient es hibridos e multinuvem
Visibilidade operational e resposta a incidentes

Cons

Learning curve and usability
Custom reports and dashboards
Simplification of event investigation
Curva de aprendizado e usabilidade
Relatorios e dashboards personalizados
Simplificacao da investigacao de eventos

Return on Investment

Strengthening the security posture.
Greater service availability and continuity
Operational efficiency and risk reduction
Best return on security investments
Fortalecimento da postural de seguridad.
Major disponibilidade e continuidade dos servicos
Eficiencia operacional e reducao de riscos
Melhor retorno sobre investimentos em segurança.

Cloudflare

Akamai App & API Protector

Imperva Application Firewall

Fastly Edge Cloud Platform

F5 Distributed Cloud WAF (Web Application Firewall)

Connect with F5

Connect with F5