TrustRadius: an HG Insights company

F5 Distributed Cloud WAF (Web Application Firewall) Reviews & Insights

Score9.2 out of 10

284 Reviews and Ratings

Learn More

Contact about F5 Distributed Cloud WAF (Web Application Firewall)

Please fill out the form below to get in touch.

F5

Connect with F5

What are you interested in?

Already have an account?

You hereby consent to have TrustRadius share the information supplied on this form with F5 so that F5 and TrustRadius may contact you in regard to the information requested.

Top industries

Based on 22 HG Insights installations.

Powered by

Community Insights for F5 Distributed Cloud WAF (Web Application Firewall)

Synthesised from 39 verified reviews.


Synthesised from 39 reviews | Last Published July 9, 2026


F5 Distributed Cloud WAF is primarily used by organizations to safeguard web applications and APIs, acting as a crucial first layer of defense against sophisticated threats like zero-day vulnerabilities and common attacks. In TrustRadius reviews, users widely deploy it to secure both public-facing and internal web applications, including critical infrastructure. Reviewers frequently praise its robust security capabilities, particularly its effectiveness in DDoS protection and real-time bot mitigation, which contribute to an improved security posture for 56% of users.

While the platform offers simplified app security and unified policy management, reviewers frequently noted areas for improvement. The user interface and dashboard navigation are often described as complex or outdated, and policy configuration, especially for reducing false positives, requires more finesse. Despite these challenges, the overall sentiment indicates F5 Distributed Cloud WAF is a robust solution for maintaining a strong security posture against evolving cyber threats, though some initial setup complexity is expected.


  • Robust DDoS protection and mitigation capabilities
  • Effective real-time detection and mitigation of malicious bots
  • Comprehensive defense against OWASP Top 10 attacks
  • Simplified application security and unified policy management across environments
  • Improved security posture and potential for reduced operational costs
  • User interface and dashboard navigation can be complex or outdated
  • Policy configuration and tuning, especially for false positives, requires refinement
  • Reporting and custom dashboard features are perceived as less robust
  • Initial setup and integration can present challenges for some users

From 39 reviews | Last Published July 9, 2026

Application Protection

27 mentions

Positive reviews by 100% of reviewers


Why it matters:

  • Reviewers extensively leverage F5 Distributed Cloud WAF for safeguarding both external and internal web applications, with 69% of reviewers highlighting its role in application protection. The product is frequently cited for its ability to defend against common web application threats such as OWASP Top 10 risks, DDoS, SQL injection, and cross-site scripting, ensuring the security of critical services.

We use F5 Distributed Cloud WAF as a critical layer of our security architecture to protect both public-facing and internal web applications.

Application Security

23 mentions

Positive reviews by 100% of reviewers


Why it matters:

  • F5 Distributed Cloud WAF is widely adopted for enhancing the security posture of online websites and APIs, with 59% of reviewers noting its contribution to application security. The solution is valued for its ability to address zero-day vulnerabilities and unknown attack vectors, serving as a crucial first layer of defense for internet-facing applications and sensitive data.

We believe the solution can address many of our application security needs.

Improved Security Posture

22 mentions

Positive reviews by 100% of reviewers


Why it matters:

  • Reviewers frequently highlighted F5 Distributed Cloud WAF's effectiveness in bolstering their security defenses, with 56% explicitly mentioning an improved security posture. This includes protecting sensitive customer data, mitigating risks from zero-day threats and OWASP bot attacks, and reducing the likelihood of data breaches. The solution is seen as providing comprehensive security for applications and internal resources against external traffic.

helped us in keeping our customers data safe

F5 Distributed Cloud WAF (Web Application Firewall) Reviews

182 Reviews

f5 revision [...]

Rating: 10 out of 10
Incentivized

Use Cases and Deployment Scope

Prevention of abuse of unauthorized methods or attacks on financial applications

Prevencion de abuso de metodos no permitidos o ataques a Las aplicaciones financieras

Pros

  • Blocking of unauthorized methods
  • Blocking a List of Non-Allowed Countries
  • blocking known attack signatures
  • Bloqueo de metodos no permitidos
  • Bloqueo de una LISTA de Paises no permitidos
  • bloqueo de firmas de ataques conocidas

Cons

  • To block IP reputation, add a whitelist.
  • para bloqueo por reputacion de IP, agregar una LISTA blanca

Likelihood to Recommend

Highly suitable for applications that are exposed to high-traffic internet, financial applications, applications that require authentication, that need to be secure, that must use data encryption, that must be protected from attacks; less suitable for internal applications.

Muy apropiado para aplicaciones que estan expuestas a Internet con mucho trafico, aplicaciones financieras, que requieren autenticarse, que requieren que sean seguras, que deben utilizar cifrado de datos, que se deben proteger de ataques, menos apropiado para aplicaciones internas.

This review was originally written in Spanish and has been translated into English using a third-party translation tool. While we strive for accuracy, some nuances or meanings may not be perfectly captured.
Vetted Review
F5 Distributed Cloud WAF (Web Application Firewall)
1 year of experience

Let be helped by the best.

Rating: 9 out of 10
Incentivized

Use Cases and Deployment Scope

In our organization, F5 Distributed Cloud WAF (Web Application Firewall) has been useful for detecting and preventing attacks on our services and for implementing our security policies.

Pros

  • Prevent attacks.
  • Filter content.

Cons

Likelihood to Recommend

If asked, I think I am likely to recommend F5 Distributed Cloud WAF (Web Application Firewall) to a colleague because, in my experience, F5 Distributed Cloud WAF (Web Application Firewall) is well-suited to analyze SQL Injection and XSS.
Vetted Review
F5 Distributed Cloud WAF (Web Application Firewall)
5 years of experience

F5 Distributed Cloud WAF (Web Application Firewall) Review

Rating: 10 out of 10
Incentivized

Use Cases and Deployment Scope

The main benefits observed were increased protection for digital services, a reduced attack surface, simplified security management, and improved availability of critical applications for end users.

Os principais beneficios observados foram o aumento da protecao does services digitalis, a reducao de superficie de ataque, a simplificacao da gestao de seguranca e a melhoria da disponibilidade das aplicacoes criticas para os usuarios finais.

Pros

  • Advanced protection against web threats
  • API Security and Bot Controls
  • Centralized management in hybrid and multi-cloud environments
  • Operational visibility and incident response
  • Protecao avancada contra amecas web
  • Seguranca de APIs e controls de bots
  • Gestao centralizada em ambient es hibridos e multinuvem
  • Visibilidade operational e resposta a incidentes

Cons

  • Learning curve and usability
  • Custom reports and dashboards
  • Simplification of event investigation
  • Curva de aprendizado e usabilidade
  • Relatorios e dashboards personalizados
  • Simplificacao da investigacao de eventos

Likelihood to Recommend

The F5 Distributed Cloud WAF is particularly suitable for organizations that deploy web applications and Internet-critical APIs, especially in hybrid and multi-cloud environments.

O F5 Distributed Cloud WAF e particularmente adequado para organizations que expoem aplicacoes web e APIs criticas a Internet, especialmente em ambientes hibridos e multinuvem.

This review was originally written in Portuguese and has been translated into English using a third-party translation tool. While we strive for accuracy, some nuances or meanings may not be perfectly captured.

F5 Distributed Cloud WAF (Web Application Firewall)

Rating: 10 out of 10
Incentivized

Use Cases and Deployment Scope

Primarily for the protection of our clients' web applications and portals, as they constantly seek the most comprehensive security for both new developments and existing public-facing portals which represent an attack surface and require robust security due to their corporate profiles.

Principalmente para la proteccion de aplicaciones y portales web de nuestros clients ya que Ellos siempre estan buscando la seguridad mas completa para sus nuevos desarrollos y actuales portales que son publicos y son un area de ataque y debido al perfil de sus empresas requieren una seguridad muy completa

Pros

  • Portal protection
  • Web applications
  • new app developments and releases
  • Proteccion de portales
  • Aplicaciones web
  • nuevos desarrollos y publicaciones de apps

Cons

  • Maintaining meticulous management of parameters
  • A more intuitive platform
  • El tener minuciosa administracion de parametros
  • Una plataforma mas intuitiva

Likelihood to Recommend

Web application protection

Protección de app webs

This review was originally written in Spanish and has been translated into English using a third-party translation tool. While we strive for accuracy, some nuances or meanings may not be perfectly captured.

F5 Distributed Cloud WAF (Web Application Firewall) Review

Rating: 9 out of 10
Incentivized

Use Cases and Deployment Scope

to protect web servers

para proteger servidores web

Pros

  • service protection
  • dos protection
  • bot protection
  • proteccion de servicios
  • proteccion dos
  • proteccion bot

Cons

  • better visibility
  • bot
  • mayor visibilidad

Likelihood to Recommend

for better application protection

para una mejor proteccion de aplicativos

This review was originally written in Spanish and has been translated into English using a third-party translation tool. While we strive for accuracy, some nuances or meanings may not be perfectly captured.
Vetted Review
F5 Distributed Cloud WAF (Web Application Firewall)
6 years of experience

F5 Distributed Cloud WAF (Web Application Firewall) Review

Rating: 10 out of 10
Incentivized

Use Cases and Deployment Scope

I use it to protect the company's dynamic website and other applications

lo utilizo para proteger la pagina web dinamica de la compania y otras aplicaciones

Pros

  • I like the DNS protection.
  • DDoS protection
  • Header protection
  • me gusta la proteccion de dns
  • la proteccion contra ddos
  • proteccion de los header

Cons

  • I like all the features and the ease of use and understanding.
  • Me gusta todos lo features y la facilidad de uso y comprension

Likelihood to Recommend

I like the diversity of protection features, the ease of use and how easy it is to understand.

Me gusta la diversidad de feature de proteccion la facilidad de uso y lo facil de comprender

This review was originally written in Spanish and has been translated into English using a third-party translation tool. While we strive for accuracy, some nuances or meanings may not be perfectly captured.

F5 Distributed Cloud - a view from an InfoSec standpoint

Rating: 9 out of 10
Incentivized

Use Cases and Deployment Scope

We use it to protect our & our clients web applications. The WAAP solution is one of the bests for its ability to be as simple to use or as granular as our needs require it.

What I personally love about it is the ease to create new infrastructure and configure domains, routes and rules to protect any web app or API. WAAP is a necessity on todays landscape and the ability to summon it on the cloud in an cloud agnostic solution is really a blessing.

Pros

  • Cloud agnostic. I like that no matter where the Web app lives, it can be protected with F5 WAAP.
  • Easy creation of F5 infrastructure and deployment.
  • Ability to give our clients or developers visibility on statistics about their web app performance and traffic events on f5.
  • Many services all can be used and seen on one central dashboard. Since is cloud. We dont need diferent tools or logon into many others dashboard to work. Like WAP, DNS, CDN, load balancing. All is intigrated into one dashboard.

Cons

  • User roles. Current API groups and Elements are not clear nor intuitive to use. Is very difficult to give granular level access to users on each service. For example. Access to import TLS certificates but not able to do or see anything else.
  • GUI overall is a bit clunky. Load Balancer configuration window could be better organized. Or streamline.
  • Lack of built in global dashboard and reports. Something useful would be a Global report listing the status of all TLS certificates imported and in use on the platform. Same with the status of WAF on Load Balancers.

Likelihood to Recommend

Best suited for web apps no matter where is built on. Cloud or on-premises. Being cloud agnostic is a huge advantage. Not so well suited is to protect web apps that are not public internet facing. Application we are inside VPNs exposed only to a handful of clients. Even though is not impossible, with the use of Customer edges we can provide the WAAP capabilities, is a bit of a pain to have to deal with that extra layer of setting up a customer edge.

F5 2026 Review - [...]

Rating: 9 out of 10
Incentivized

Use Cases and Deployment Scope

We used the F5 Distributed Cloud WAF (Web Application Firewall) to onboard and protect the application from DDOS and external attacks

Pros

  • DDOS Protection

Cons

  • Reporting and advisory

Likelihood to Recommend

If asked, I think I am likely to tell a colleague that Onboarding to the F5 Distributed Cloud WAF (Web Application Firewall) was accelerated to achieve 100% protection from the DDOS. SiImplified onboarding and comprehensive adoption of F5 Distributed Cloud WAF (Web Application Firewall) across the organisation were the key success factors.
Vetted Review
F5 Distributed Cloud WAF (Web Application Firewall)
5 years of experience

review

Rating: 8 out of 10
Incentivized

Use Cases and Deployment Scope

In our organization, we use F5 Distributed Cloud WAF (Web Application Firewall) to protect our internet-facing web applications and APIs (Application Programming Interface). the F5 Distributed Cloud WAF (Web Application Firewall) platform helps us strengthen application security posture.

Pros

  • helps maintain security posture

Likelihood to Recommend

If asked, I think I am likely to recommend F5 Distributed Cloud WAF (Web Application Firewall) to a colleague for, in my experience, centralized management
Vetted Review
F5 Distributed Cloud WAF (Web Application Firewall)
1 year of experience

F5 Masterclass

Rating: 9 out of 10
Incentivized

Use Cases and Deployment Scope

we are working on highly sir gapped environment where we control national payment system, F5 Distributed Cloud WAF (Web Application Firewall) helped us secure the app and highly sensitive data perfectly.

Pros

  • Encryption/decryption is lightening fast
  • Control over app visibility is amazing
  • Protection from OWASP top 10 is commendable
  • API security works perfectly.

Cons

  • Support for PQC and deployment procedures
  • Zero day, probably.
  • No compromise on Latency.

Likelihood to Recommend

In the multi cloud environments, Control over the traffic and visibility is desirable. As said, We cannot control security unless we know what is going on where F5 Distributed Cloud WAF (Web Application Firewall) perfectly fine.
Vetted Review
F5 Distributed Cloud WAF (Web Application Firewall)
2 years of experience

Video reviews