Skip to main content
TrustRadius
F5 Distributed Cloud WAF (Web Application Firewall)

F5 Distributed Cloud WAF (Web Application Firewall)

Overview

What is F5 Distributed Cloud WAF (Web Application Firewall)?

F5 Distributed Cloud WAF leverages F5's Advanced WAF technology, delivering WAF-as-a-Service and combining signature- and behavior-based protection for web applications. It acts as an intermediate proxy to inspect application requests and responses to block and mitigate a broad spectrum of…

Read more
Recent Reviews

Amazing F5

7 out of 10
April 29, 2024
Incentivized
We use F5 WAF to secure the services we host over the internet. Sometime we do have issues with SSL encryption.
Continue reading

F5 review

10 out of 10
April 29, 2024
Incentivized
we used WAF as a measure product to secure our web application inside our organisation.It is a very helpful product to isolate and secure …
Continue reading

F5 WAF

8 out of 10
April 06, 2024
Incentivized
Migrate web app attacks and vulnerabilities with comprehensive security controls and uniform policy and observability via SaaS delivered …
Continue reading

Review

8 out of 10
March 22, 2024
Incentivized
Deploying WAF instances in a distributed manner across multiple locations or cloud environments to protect web applications and APls.
Continue reading
Read all reviews

Awards

Products that are considered exceptional by their customers based on a variety of criteria win TrustRadius awards. Learn more about the types of TrustRadius awards to make the best purchase decision. More about TrustRadius Awards

Reviewer Pros & Cons

View all pros & cons
Verified User
Consultant in Information Technology
Airlines/Aviation Company, 10,001+ employees
Verified User
Administrator in Information Technology
Banking Company, 501-1000 employees

Video Reviews

1 video

View Playlist
Director of Engineering Solutions with Nexum Securities Dishes Truth | F5 BIG-IP WAF
02:56
Return to navigation

Product Demos

Distributed Cloud Services Demo

www.f5.com
Return to navigation

Product Details

What is F5 Distributed Cloud WAF (Web Application Firewall)?

F5 Distributed Cloud WAF leverages F5's Advanced WAF technology, delivering WAF-as-a-Service and combining signature- and behavior-based protection for web applications. It acts as an intermediate proxy to inspect application requests and responses to block and mitigate a broad spectrum of risks stemming from the OW ASP Top 10, persistent and coordinated threat campaigns, bots, and layer 7 DoS.


F5 Distributed Cloud WAF requires no hardware or software to implement or maintain, set up, deploy, manage and scale. It provides hybrid deployment options to secure applications wherever they are deployed, including entirely as SaaS via F5's network points-of-presence (PoPs) or locally across public clouds, customer data centers and at the customer edge. This is accomplished leveraging F5's global network and centralized console for critical app security policy enforcement whenever it's required.

Benefits

F5 Distributed Cloud WAF is designed to ease the burden and complexity of consistently securing distributed web apps by delivering:

  • Simplified operations: SaaS-delivered WAF that’s set up, deployed, managed and scale across clouds, on-premises data centers, and edge sites.
  • DevOps agility + SecOps control: Delivers the programmability that DevOps needs combined with the efficacy and oversight that SecOps mandates, enabling faster application delivery and release cycles.
  • Reduced time to resolution: Improves visibility and insight across WAF and DDoS security events, and into app performance, including intuitive drill-down capabilities.
  • Comprehensive protection with fewer false positives: Utilizes both signature-based and AI/ML based detection techniques with automatic signature tuning to ensure maximum efficacy and reduced SecOps workloads.


F5 Distributed Cloud WAF (Web Application Firewall) Features

  • Supported: Attack signature engine: Captures Common Vulnerabilities and Exposures (CVEs) plus known vulnerabilities and techniques identified by F5 Labs, including Layer 7 DDoS, threat campaigns, bots, and automated threats.
  • Supported: Advanced behavior engine: Leverages AI/ML to monitor and score client interactions, deciphering intent based on the number of WAF rules hit, forbidden access attempts, login failures, and error rates, to help identify an app’s highest priority threats.
  • Supported: Service policy engine: Enables micro segmentation and advanced security at the application layer, utilizing IP reputation and allow/deny lists to block clients with known bad TLS fingerprints, ASNs from suspicious countries.
  • Supported: Automatic attack signature tuning: Determines if a signature-identified attack is really a threat, helping reduce the number of false positives.
  • Supported: Streamlined set-up and management: Deploy through a simple UI or automate via APIs including best- practice default protections and the flexibility to create custom rules.
  • Supported: Multi-app dashboards: Observability via a single dashboard with a 360-degree view of app performance and security events across distributed applications.

F5 Distributed Cloud WAF (Web Application Firewall) Videos

F5 Distributed Cloud WAF Demo
F5 Distributed Cloud API Security
F5 Distributed Cloud Bot Defense
F5 Distributed Cloud DDoS Mitigation

F5 Distributed Cloud WAF (Web Application Firewall) Integrations

F5 Distributed Cloud WAF (Web Application Firewall) Competitors

F5 Distributed Cloud WAF (Web Application Firewall) Technical Details

Deployment TypesSoftware as a Service (SaaS), Cloud, or Web-Based
Operating SystemsUnspecified
Mobile ApplicationNo

F5 Distributed Cloud WAF (Web Application Firewall) Downloadables

Frequently Asked Questions

F5 Distributed Cloud WAF leverages F5's Advanced WAF technology, delivering WAF-as-a-Service and combining signature- and behavior-based protection for web applications. It acts as an intermediate proxy to inspect application requests and responses to block and mitigate a broad spectrum of risks stemming from the OW ASP Top 10, persistent and coordinated threat campaigns, bots, and layer 7 DoS.

Cloudflare, Fastly Edge Cloud Platform, and Imperva Application Firewall are common alternatives for F5 Distributed Cloud WAF (Web Application Firewall).

The most common users of F5 Distributed Cloud WAF (Web Application Firewall) are from Enterprises (1,001+ employees).
Return to navigation

Comparisons

View all alternatives
Return to navigation

Reviews and Ratings

(103)

Reviews

(1-10 of 10)
Companies can't remove reviews or game the system. Here's why
February 13, 2024

F5 Distributed Cloud WAF reduced the complexity of securing our internal and cloud hosted applications

Verified User
Employee in Engineering
Government Administration Company, 10,001+ employees
Score 10 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
F5 Distributed Cloud WAF helped us from managing a legacy web application firewall that was on premises. It greatly expediated our ability to manage and configure our firewalls. We have a small team and it has made us more efficient. The scope was protecting a website and securing it. The F5 purchase was a great decision.
Pros and Cons
  • Ease of Use
  • Security
  • Role Based Access
  • Scalability
  • Modernize GUI
  • Dark Mode
  • Permissions by User
Likelihood to Recommend
The F5 Distributed Cloud WAF is great for hybrid or cloud accounts but even does well on-premises. For organizations that want the latest and greatest security with an abundance of features that focus on protecting your apps, website and organization. It prevents all types of threats. This is a great product and I would recommend it.
February 13, 2024

F5 BEST WAF FOR COMMERCE!!

Verified User
Project Manager in Engineering
Security & Investigations Company, 51-200 employees
Score 9 out of 10
Vetted Review
ResellerIncentivized
Use Cases and Deployment Scope
I use to protect my web applications in the company where my users access daily where can you to receive attacks from hackers from any country.
A large number of attacks related to malicious code have been reviewed on the platform on a daily basis that the tool successfully blocked.
Pros and Cons
  • Protection against sql injection at level code
  • Protection against file inclusion al directory level
  • Protection against Cross Site Encryption
  • Protection against vulnerabilities
  • Allow custom Dashboard for diferent suser roles
  • Interface more intuitive for beginner users
  • Reports more details or granulars
Likelihood to Recommend
The platform is excelent in escenarios from there web applications that use personal information and thousands of transactions with account banks. This leads to maintaining the company's reputation in a reliable way for the users who use it This leads to maintaining the company's reputation in a reliable way for the users who use it.
February 13, 2024

Moving on-prem app to the cloud without losing security policy management and visibility

Verified User
Administrator in Information Technology
Government Administration Company, 1001-5000 employees
Score 9 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
I moved web apps to a cloud-based F5 Distributed Cloud WAF (Web Application Firewall) versus virtual appliances that were difficult to manage.
Pros
  • Centralized management
  • Cloud agnostic
Likelihood to Recommend
F5 Distributed Cloud WAF (Web Application Firewall) is a great service to take advantage of moving on-prem app to the cloud without losing security policy management and visibility.
February 13, 2024

F5 Distributed Cloud WAF (Web Application Firewall)'s customer service is excellent

Verified User
Team Lead in Information Technology
Information Technology & Services Company, 1001-5000 employees
Score 10 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
F5 Distributed Cloud WAF (Web Application Firewall) has enabled PKI authentication for public facing resources at my organization.
Pros
  • Monitor traffic
  • Load balance
Likelihood to Recommend
F5 Distributed Cloud WAF (Web Application Firewall)'s customer service is excellent
January 04, 2024

Cloud waap, api security, bot and ddos

Verified User
Manager in Information Technology
Information Technology & Services Company, 11-50 employees
Score 7 out of 10
Vetted Review
Verified User
Use Cases and Deployment Scope
We use it as cloud waap, waf, api security and ddos. Protect our external application from any attack.
Pros and Cons
  • Waf
  • Api security
  • Bot
  • Lack of number of pop
  • Dasboard isn't real time
  • Lack of cdn and features
Likelihood to Recommend
Security has a high priority than performance. Lack of cdn, use for cloud waap only. Bot protection and api security are very good. Banking application that fully regulated may not be able to use because lack of pop in country.
January 04, 2024

Amazing Saas-based WAAP Solution!

AN
Anil Nair
Senior Manager
FWD (Financial Services, 501-1000 employees)
Score 8 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
We use it for all our public-facing applications/assets hosted in our public cloud environment. The product help protect these assets from external risks and vulnerabilities through enablement of WAF and other security features. Our scope is mainly to protect our applications without jeopardizing business operations and value to customers.
Pros and Cons
  • WAF
  • DDOS
  • API PROTECTION
  • SERVICE POLICIES
  • AUTOMATION
  • DATA EXPORT
  • INTEGRATION
Likelihood to Recommend
This solution is appropriate for cloud-based hosting of external applications that requires minimal complexity of frontend and backend deployment. It is not very easy with applications using complex routing requirements hosted in multi-cloud environment especially with segregation on authentication requirements and type of content such as dynamic and static content.
November 23, 2022

A WAF is a WAF, unless you want one that fits into your existing f5 ecosystem.

Verified User
C-Level Executive in Corporate
Computer & Network Security Company, 1-10 employees
Score 7 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
Not within my organization but a previous one I was employed at and asked for some consulting help to protect some private cloud resources while also utilizing their existing I series and associated f5 ecosystem investment.
Pros and Cons
  • Familiar capabilities, terminology, and concepts to other hardware/appliance-based solutions
  • Detailed logging (or log shipping in this case) provided troubleshooting advice on passed traffic; this was not security related.
  • Easy to configure existing McAffee Nitro SIEM with existing templates for the product
  • All my concerns are probably part of Big-IQ, which the customer did not have (single pane of glass)
Likelihood to Recommend
I believe F5 Distributed Cloud WAF would be an ideal solution for companies that already have an F5 investment. It would entirely depend on their 'cloud,' what they can control, and their expertise. I have done a lot of work on Kubernetes clusters, and I find Traefik with plugins can perform most of what I need (adding letsencrypt with cert-manager provides all my certificate needs).
May 14, 2022

One of the best enterprise Web application firewall solution

NG
Nic Georgakopoulos
DevOps
Deloitte Digital (Internet, 1001-5000 employees)
Score 7 out of 10
Vetted Review
Verified User
Use Cases and Deployment Scope
We use F5 Distributed Cloud WAF through our Active Directory single sign on as a Corporate VPN in order to access private endpoints in a secure way. The Deloitte F5 client can only be installed in our Deloitte hardware , we have whitlisted all the F5 ip address inour firewall so we can access custom resources in the cloud.
Pros and Cons
  • VPN access
  • remote work more secure
  • restrictions to unwanted endpoints
  • CLI client will be great
  • there are issues some times when connecting/disconnecting to F5 it can make you loose internet connectivity
Likelihood to Recommend
it is well suited for a corporate environmetn where you want to restrict installations access to only corporate hardward. Intergreation with MFA and single sign on does provide a higher level of security. However, it feels like the client memmory print usage could be lighter. It feels when connecting/disconnecting the DNS get's impacted causing network connectivity for a short time.
Return to navigation