We performed a comparison between F5 Advanced WAF and Imperva Web Application Firewall based on our users’ reviews in four categories. After reading all of the collected data, you can find our conclusion below.
Comparison of Results: Based on the parameters we compared, F5 Advanced WAF seems to be the marginally superior solution. Our reviewers find that Imperva Web Application Firewall‘s cost makes it prohibitive for some organizations to afford.
"F5's user-friendly interface and seamless integration stand out as the most valuable features for us."
"This solution is an enterprise-class firewall that provides both load-balancing and security."
"Good technology for mitigating different application attacks, e.g. DDoS, DNS, and layer seven attacks."
"This solution inspects your traffic and based on that, automatically create distinct qualities for you, so you can add this to the policy already created. That's what I like most."
"The product has valuable features for load balancing, monitoring tools, and HPXpress services."
"There are a lot of good features."
"It also has antivirus and DDoS mitigation capabilities. We have enabled these features."
"The most valuable features of the F5 Advanced WAF are the enhanced ASM and the performance. Additionally, the usability and effectiveness are very good."
"There is a quick switch between any of the the nodes if something goes wrong, where there's a there's an attack against a specific area. The security setup is reasonably easy. It's not a problem to do setups and rules and integrations. And, yeah, just the the back end team is also very willing to insist if there's questions that that we cannot answer or with these questions that we do have"
"Compared to other web application firewalls in the market, Imperva does things in the most accurate way."
"Imperva monitors all traffic, even customer access, to the web application. Then, Imperva uses features like signatures to identify attacks like cross-site scripting or SQL injection."
"Imperva WAF's strongest features are the detection of web application threats and vulnerabilities in the source code."
"Learning mode and custom policies are helpful features."
"The WAF itself has been very valuable to me because it has such a complete range of features. Another reason why I like it is because it also takes care of the total overview of the traffic over the network."
"The solution can scale."
"The tool's profiling feature maps all the web application directories and related components on the profile directory. It has improved the security of my client's website applications."
"One thing that can be improved, is to increase the quantity over predefine policy."
"F5 Advanced WAF could improve the precision of the scanning. There are many false positives. They should improve their threat database."
"There should be more ability to rate limit certain scenarios. The majority of the time, it is either on or off. For certain types of use cases, there should be the ability to rate limit, not just enable or disable."
"I would say their graphical interface, the GUI. I don't like the GUI as much as before."
"It should be a little bit easy to deploy in terms of the overall deployment session. One of our customers is a bit unhappy about the reporting options. Currently, it automatically deletes event logs after some limit if a customer doesn't have any external Syslog server. It is a problem for those customers who want to review event logs after a week or so because they won't get proper reports or event logs. They should increase the duration to at least a month or two for storing the data on the device. F5 is not a leader in Gartner Quadrant, which affects us when we go and pitch this solution. Customers normally go and take a look at such annual reports, and because F5 is currently not there as a leader, the customers ask about it even though we are saying it is good in all things. F5 is not known for something totally different or unique. They were a major player in ADP, and they are just rebranding themselves into security. They should improve or increase their marketing as a security company now. They have already started to do that, but they should do it more so that when it comes to security, customers can easily remember F5. At the moment, if we say F5, load balancing comes to mind. With rebranding and marketing, all customers should get the idea that F5 is now mainly focusing on the security part of it, and it is a security company instead of load balancing. This is the first solution that should come to a customer's mind for a web application firewall."
"We usually use a third-party tool for logging and reporting. It would be nice if we could do that right on this solution. They have one, but it's not very stable. Logging and reporting effectively would be a big enhancement."
"The reporting could be clearer and embedded to include our movement data."
"It's sometimes difficult to customize APIs with F5 Advanced WAF."
"There could be some limitations that from the converged infrastructure perspective: when you want to converge with everything and you want Imperva to get there easily because it's not a cloud component. For example, when you want to build servers and you're using OneView to manage your software-defined networks, implementing Imperva right away is not that simple. But if you're doing just a simple cloud infrastructure with servers in there, you're good to go. Also, we are not able, with Imperva, to block by signatures. Imperva by itself needs to be complemented with another service to do URL filtering."
"I think that better bot protection is needed in this solution."
"It's a complicated tool to keep."
"It is complicated to integrate the solution's on-cloud version with other platforms."
"The only disadvantage of Imperva is that it is a pretty costly solution."
"I'd like the option to pick your bot protection."
"Imperva Web Application Firewall can improve by adding more features to the dashboard. increasing the visibility of the real-time events, besides configuring the administration itself."
"It would be useful if the solution used more intelligence in attack protection. For example, firewalls are to be dependent on the configuration, but if they could have some data science around it the solution would be even better. The profiling of the traffic, and making decisions surrounding that should be intelligence-based, instead of being based on the configuration of the firewall itself."
More Imperva Web Application Firewall Pricing and Cost Advice →
F5 Advanced WAF is ranked 2nd in Web Application Firewall (WAF) with 55 reviews while Imperva Web Application Firewall is ranked 6th in Web Application Firewall (WAF) with 47 reviews. F5 Advanced WAF is rated 8.6, while Imperva Web Application Firewall is rated 8.6. The top reviewer of F5 Advanced WAF writes "Flexible configuration, reliable, and highly professional support". On the other hand, the top reviewer of Imperva Web Application Firewall writes "Offers simulation for studying infrastructure and hybrid infrastructure protection". F5 Advanced WAF is most compared with Fortinet FortiWeb, Microsoft Azure Application Gateway, AWS WAF, F5 BIG-IP Local Traffic Manager (LTM) and Prisma Cloud by Palo Alto Networks, whereas Imperva Web Application Firewall is most compared with AWS WAF, Microsoft Azure Application Gateway, Fortinet FortiWeb, Azure Front Door and Prisma Cloud by Palo Alto Networks. See our F5 Advanced WAF vs. Imperva Web Application Firewall report.
See our list of best Web Application Firewall (WAF) vendors.
We monitor all Web Application Firewall (WAF) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
