We compared AWS WAF and Azure Web Application Firewall based on our user's reviews in several parameters.
Both AWS WAF and Azure Web Application Firewall offer effective protection against web application attacks, with AWS WAF praised for its customizable rule sets, while Azure Web Application Firewall is commended for its ease of integration with existing infrastructures. AWS WAF's reliable performance and comprehensive logging capabilities stand out, while Azure Web Application Firewall is valued for its competitive pricing and efficient management features. Users appreciate AWS WAF's customer service, while Azure Web Application Firewall users highlight the instant updates and seamless integration process. Areas for improvement include better documentation and enhanced customization options for AWS WAF, and improved performance and configuration process for Azure Web Application Firewall.
Features: The valuable features of AWS WAF include effective protection against web application attacks, easy setup and configuration, comprehensive logging and monitoring, integration with other AWS services, flexible rules and policies, and efficient multi-website management. On the other hand, Azure Web Application Firewall offers strong attack protection, seamless integration, efficient management and monitoring, customizable firewall rules, instant updates, and comprehensive reporting.
Pricing and ROI: The setup cost of AWS WAF is reported to be minimal, with a smooth and straightforward process. Users mention that the licensing is flexible and customizable. On the other hand, Azure Web Application Firewall also has a straightforward setup with a user-friendly integration process. The pricing is considered competitive and the licensing structure offers flexibility to cater to different business needs., The ROI from AWS WAF has led to increased security, reduced risks, cost savings, and improved efficiency in managing the web application firewall. In comparison, Azure Web Application Firewall offers significant improvements in website security, streamlined management, extensive features, and efficient web traffic monitoring and control. Users have reported substantial returns and reliability with Azure.
Room for Improvement: In terms of room for improvement, AWS WAF users have expressed the need for better documentation, more detailed instructions, a user-friendly interface for rule setup and management, and increased customization options. On the other hand, Azure Web Application Firewall could enhance its performance, improve the configuration process for easier setup and customization, and optimize integration with other Azure services for better overall performance and efficiency.
Deployment and customer support: Based on user reviews, the implementation of AWS WAF seems to have varying durations for deployment and setup phases, while Azure Web Application Firewall had a longer deployment phase of three months but had a shorter setup phase of one week., AWS WAF's customer service and support have consistently been praised for their excellent and highly responsive approach. Users appreciate the knowledgeable and helpful support team. Azure Web Application Firewall also offers prompt, effective, and reliable customer service.
The summary above is based on 33 interviews we conducted recently with AWS WAF and Azure Web Application Firewall users. To access the review's full transcripts, download our report.
"The product's initial setup phase was very simple."
"AWS WAF is a stable solution. The performance of the solution is very good."
"The tool’s stability is very good."
"This is not a product that you need to install. You just use it."
"If hackers try to insert bugs, the tool blocks it."
"The most valuable feature is the addition of managed tools that help us create customizable rules. In case we want to block a particular request, we can make use of those rules."
"I believe the most impressive features are integration and ease of use. The best part of AWS WAF is the cloud-native WAF integration. There aren't any hidden deployments or hidden infrastructure which we have to maintain to have AWS WAF. AWS maintains everything; all we have to do is click the button, and WAF will be activated. Any packet coming through the internet will be filtered through."
"Rule groups are valuable."
"The initial setup is easy and straightforward...Azure Web Application Firewall is a scalable product."
"Azure WAF is extremely stable."
"The most valuable feature is that it allows us to publish our applications behind the firewall."
"The integration it has with GitHub is great."
"It's a good option if you want a solution that's ready to go and easy for your team to learn. It's cloud-based, so you don't need to buy or maintain any hardware infrastructure."
"It has been a stable product in my experience."
"We have found the most valuable features to be the web application, minimal skills required for management, control through policies, and automation."
"It's quite a stable product and works well with Microsoft products."
"It would be better if AWS WAF were more flexible. For example, if you take a third-party WAF like Imperva, they maintain the rule set, and these rule sets are constantly updated. They push security insights or new rules into the firewall. However, when it comes to AWS, it has a standard set of rules, and only those sets of rules in the application firewalls trigger alerts, block, and manage traffic. Alternative WAFs have something like bot mitigation or bot control within the WAF, but you don't have such things in AWS WAF. I will say there could have been better bot mitigation plans, there could have been better dealer mitigation plans, and there could be better-updated rule sets for every security issue which arises in web applications. In the next release, I would like to see if AWS WAF could take on DDoS protection within itself rather than being in a stand-alone solution like AWS Shield. I would also like a solution like a bot mitigation."
"AWS WAF could improve by making the overall management easier. Many people that have started working with AWS WAF do not have an easy time. They should make it easy to use."
"They should work to define more threats, add more security, and make it more compliant with more security companies."
"The product should improve the DDoS-related features."
"It's a bit difficult to apply the right rules for the right security."
"One area that could be improved is the DDoS protection."
"Technical support for AWS WAF needs improvement."
"We don't have much control over blocking, because the WAF is managed by AWS."
"I would say that Azure's customer service is not that good...I am not very happy with the support offered."
"The support for proxy forwarding could improve."
"There is a need to be able to configure the solution more."
"From a reporting perspective, they could do more there."
"In Brazil, we have some problems with the phone service that affect our connection with the cloud. However, it isn't common."
"The management can be improved."
"Azure WAF should not be deployed in the middle of the traffic."
"Deployment should be simplified so that a non-techie can handle it."
More Azure Web Application Firewall Pricing and Cost Advice →
AWS WAF is ranked 1st in Web Application Firewall (WAF) with 52 reviews while Azure Web Application Firewall is ranked 12th in Web Application Firewall (WAF) with 9 reviews. AWS WAF is rated 8.0, while Azure Web Application Firewall is rated 8.4. The top reviewer of AWS WAF writes "A highly stable solution that helps mitigate different kinds of bot attacks and SQL injection attacks". On the other hand, the top reviewer of Azure Web Application Firewall writes "It's a good option if you want a solution that's ready to go and easy for your team to learn". AWS WAF is most compared with Microsoft Azure Application Gateway, F5 Advanced WAF, Imperva Web Application Firewall, Cloudflare Web Application Firewall and Fortinet FortiWeb, whereas Azure Web Application Firewall is most compared with Fortinet FortiWeb, Azure Firewall, Azure Front Door, F5 Advanced WAF and Microsoft Defender for Endpoint. See our AWS WAF vs. Azure Web Application Firewall report.
See our list of best Web Application Firewall (WAF) vendors.
We monitor all Web Application Firewall (WAF) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.