F5 Distributed Cloud WAF (Web Application Firewall) is as good as other WAAP leaders
Updated August 01, 2025
F5 Distributed Cloud WAF (Web Application Firewall) is as good as other WAAP leaders
Score 8 out of 10
Vetted Review
Verified User
Overall Satisfaction with F5 Distributed Cloud WAF (Web Application Firewall)
We tested F5 Cloud WAF as an option to substitute Imperva Cloud WAF.
Pros
- Blocks SQLi
- Blocks XSS
- Blocks IRA
Cons
- More POPs around the world
- Good results in pentest scans.
- PCI compliance.
F5 Cloud WAF is easy to use, is very good as management web console, is simple and very straightforward.
- Imperva Web Application Firewall (WAF)
They are very similar and protect pretty much against the same attacks. F5 though is easier to manage.
Do you think F5 Distributed Cloud WAF (Web Application Firewall) delivers good value for the price?
Yes
Are you happy with F5 Distributed Cloud WAF (Web Application Firewall)'s feature set?
Yes
Did F5 Distributed Cloud WAF (Web Application Firewall) live up to sales and marketing promises?
I wasn't involved with the selection/purchase process
Did implementation of F5 Distributed Cloud WAF (Web Application Firewall) go as expected?
I wasn't involved with the implementation phase
Would you buy F5 Distributed Cloud WAF (Web Application Firewall) again?
Yes
Using F5 Distributed Cloud WAF (Web Application Firewall)
3 - Currently only 3 people in our organization as we're on the proof of concept phase to test the web application firewall and API Security features. Currently we use the Imperva WAF and right now we're validating other options on the market. F5 was one of the options we choosed since we already use F5 Big IP on our on premises environment.
3 - Currently only 3 people in our organization as we're on the proof of concept phase to test the web application firewall and API Security features. If we get to deploy it then this number would increase as we'd involve the NOC team to also manage de F5 distributed cloud Web application Firewall.
- WAF
- API Security
- CDN Load Balancing
- Rewriting headers
- Discovering APIs behavior
- Other custom rules
- Maybe expand to thousands of websites if the POC is suceeded
Evaluating F5 Distributed Cloud WAF (Web Application Firewall) and Competitors
- Cloud Solutions
- Other
API Security
We're still on the evaluation and selection process.
F5 Distributed Cloud WAF (Web Application Firewall) Implementation
- Third-party professional services
3rd party PS is helping us with the proof of concept tests.
Yes - - Config UAT apps in alert mode - Monitor logs and mitigate false positives - Config UAT apps in block mode - Config Prod apps in alert mode - Monitor logs and mitigate false positives - Config prod apps in block mode
For API Security first we enable discover mode only.
For API Security first we enable discover mode only.
Change management was a big part of the implementation and was well-handled - Change management is a standard process is our company very mature so for all changes we do there's a change ticket describing everything that we'll do on the environment.
- ACL on the origin servers had to be changed
F5 Distributed Cloud WAF (Web Application Firewall) Support
Not yet, but that's an option we consider.
As we're on the POC phase, we have only used the 3rd party support which has been great by the way.
Using F5 Distributed Cloud WAF (Web Application Firewall)
| Pros | Cons |
|---|---|
Like to use Relatively simple Easy to use Technical support not required Well integrated Consistent Quick to learn Convenient Feel confident using Familiar | None |
- API Security
- Bot Defense
- L7 dos mitigation
- None
Comments
Please log in to join the conversation