Item: F5 Distributed Cloud API Security
Rating: 9
Author: Verified User

Overall Satisfaction with F5 Distributed Cloud API Security

Use Cases and Deployment Scope

Its features are used to secure our web-based application and API gateways. Business Problems: 1. Safely secure customer transactions via digital apps. 2. It prevents all cyber attacks and keeps applications available in alignment. Use Case: -It prevents data theft and keeps users' confidential data secured -It stops malicious intruders from launching Malicious content.

Pros and Cons

Pros

Protects from DDos attacks.
Protects from Bot attacks.
Inspects the user data before sending it to the application servers.
Monitors real time data.

Cons

Bot categories should be listed on console.
URL profiles should be created using learning.
Rate limiting should be available on URL basis.

Return on Investment

Easy to on-boards applications plus.
Granular controls almost to stop business loss.
Features called malicious user mitigation module provides very good protective layer.

Usability

Learning about API endpoints involves having reasonable control over protecting API endpoints. Perfect security with granular controls identifying shadow APIs adds a plus to this OEM.

Implementation Rating

I believe engineers should be more knowledgeable about the granularity of features in order to implement the correct features.

Alternatives Considered

Barracuda Web Application Firewall

I believe F5 requires much more time and features to level barracuda cloud waas, but I think F5 will surpass the way Big IP has done easily.

Key Insights

Do you think F5 Distributed Cloud API Security delivers good value for the price?

Yes

Are you happy with F5 Distributed Cloud API Security's feature set?

Yes

Did F5 Distributed Cloud API Security live up to sales and marketing promises?

I wasn't involved with the selection/purchase process

Did implementation of F5 Distributed Cloud API Security go as expected?

I wasn't involved with the implementation phase

Would you buy F5 Distributed Cloud API Security again?

Yes

Other Software Used

Barracuda Application Protection, Forcepoint Data Loss Prevention, Forcepoint Secure Web Gateway

Likelihood to Recommend

I believe it covers everything related to the applications' security aspects, but there are a lot of improvements that need to be made. For example, better granular controls like bot categories listed on the distributed console and a granular URL-based control for the rate-limiting option are needed.

F5 Distributed Cloud API Security Feature Ratings

Using F5 Distributed Cloud API Security

Users and Roles

1 - Finance

Support Headcount Required

1 - -WAF in-depth knowledge
-Understanding of API, API-requests, API request flow, Methods used in APIs, API discovery concepts, Shadow APIs, etc
-Understanding of API data leaks
-How to mitigate API attacks and vulnerabilities

Business Processes Supported

Securing applications related to finance
Securing digital transactions
Securing user confidentiality
Securing against web attack

Innovative Uses

To discover shadow APIs
API gateway secured before requests reach there

Future Planned Uses

Can enforce API security controls before API gateway
Can discover API by using API discovery feature
Can use YAML file to feed API to secure them against attacks

Likelihood to Renew

-I believe the API security feature is quite stable
-There are a lot of in depth control to acheive API security in granularity

Evaluating F5 Distributed Cloud API Security and Competitors

Products Replaced

Key Differentiators

Cloud Solutions
Scalability
Ease of Use

-Cloud soution which is quite stable in terms of data path crashes and outages
-Moreover, a lot of security features are there and working is very good in comparison to Barracuda WAAS

Evaluation Lessons Learned

Nothing

F5 Distributed Cloud API Security Implementation

Implementation Details / Implementation Partner

Implemented in-house

Implementation Phases

Change Management Lessons

Change management was minimal - At this moment, I cant describe

Implementation Issues

Not much issues reported as it was easy to implement when you have knowledge related to cloud WAF

F5 Distributed Cloud API Security Training

Training Types Used

No Training

In-Person Training

Online Training

Ease of F5 Distributed Cloud API Security Training

No, you need have atleast basic understanding of WAF

Configuring F5 Distributed Cloud API Security

Product Configurability

I believe its perfect

Configuration Lessons

Yes

UI Customization

Yes - we have customized the interface extensively - It was so easy

Extensibility and Customization

Yes - we have added extensive custom code - I beleive we have added a YAML file

Additional Customization Considerations

nothing

F5 Distributed Cloud API Security Support

Support Rating

-I believe the support is fine as they take ownership quickly and come back with the resolution quickly

F5 Distributed Cloud API Security Customer Support Pros and Cons

Pros	Cons
Quick Resolution Knowledgeable team Kept well informed No escalation required Immediate help available Support understands my problem Support cares about my success	None

Premium Support

No, I believe that my knowledge doesn't require premium support

Bug Resolution

Yes - I dont remember right now

Exceptional Examples of F5 Distributed Cloud API Security Support

I remember when we were working on some issues with F5 TAC Nisbat Jehan and she delivered outstanding support throughout the resolution process and I believe an engineer like her is always an added advantage to the company's growth and support success.