Prisma Cloud is praised for its competitive pricing, ease of deployment, comprehensive security capabilities, and top-notch customer service. On the other hand, F5 Advanced WAF receives mixed opinions on pricing, setup cost, and licensing, but is valued for its robust security features, customizable policies, and responsive customer support.
The summary above is based on 138 interviews we conducted recently with Prisma Cloud by Palo Alto Networks and F5 Advanced WAF users. To access the review's full transcripts, download our report.
"It's scalable and very easy to manage."
"The most valuable features of this solution are the WAF protection, Data Safe, and the seven-layer DDoS."
"This solution inspects your traffic and based on that, automatically create distinct qualities for you, so you can add this to the policy already created. That's what I like most."
"The most valuable features of the F5 Advanced WAF are the enhanced ASM and the performance. Additionally, the usability and effectiveness are very good."
"The valuable features vary from customers to customers. Some customers are okay with the basic features of the WAF, and some customers use advanced WAF with a few other features."
"F5's user-friendly interface and seamless integration stand out as the most valuable features for us."
"Good dashboard and reporting."
"It is easy to obtain dashboard compliance because security policy views are included."
"The runtime mechanism on the solution is very useful. It's got very good network mapping between containers. If you have more than one container, you can create a content data link between them."
"The CVEs are valuable because we used to have a tool to scan CVEs, at the language level, for the dependencies that our developers had. What is good about Prisma Cloud is that the CVEs are not only from the software layer, but from all layers: the language, the base image, and you also have CVEs from the host. It covers the full base of security."
"The client wasn't using all of the features, but the one that stood out was infrastructure-as-code (IaC). I built IaC use cases and was trying to get them to use it. I also liked cloud workload protection. I worked with the vulnerability management team to develop a process. It's a manual process, so it can be challenging to remediate many image or container issues. It was nice that we could build out a reporting process and download the reports. The reports are solid."
"Technical support is quite helpful."
"Prisma Cloud also provides the visibility and control you need, regardless of how complex or distributed your cloud environments become. It helps to simplify that complexity. Now we know what the best practices are, and if something is missing we know."
"I found the network queue sets useful. I also liked the Workload Protection Module, the vulnerability findings, and how the rule sets handle the vulnerabilities based on severity."
"The container and serverless security is most valuable. It is quite a new technology for this region. Even though containers have been there for a long time, the adoption of containers is very minimal in this region. When it comes to using Kubernetes containers in a complex architecture, there is a lack of security in the market. People aren't aware of the security controls or the process for governance. Container security provided by Prisma Cloud is quite good at filling that gap."
"Prisma Cloud's most important feature is its auto-remediation."
"This solution can be made more user-friendly."
"While F5 Advanced WAF does limit the number of partners in certain regions to ensure successful business transactions, they could also benefit from expanding their partnerships and making it easier for more people to learn about and become experts in F5 Advanced WAF. By doing so, they could increase the reach and exposure of their solution, similar to how Cisco has become widely recognized in the security industry."
"They should work on the virtualization of NGINX."
"The solution should include protection against web page attacks like what is available in FortiWeb."
"F5 Advanced WAF could improve the precision of the scanning. There are many false positives. They should improve their threat database."
"The administrator's user interface and some of the settings can sometimes be very complicated to understand."
"The Sandbox integration feature could be improved."
"I would not expect traffic details to pass through the web application firewall across the length of the whole application. I think that there is a web application where it can let the application function without traffic going in into the WAF."
"Areas like the deployment of their defenders and their central control need manual intervention. They should focus more on automation. They have a very generic case for small companies. However, for bigger companies to work, we have to do a lot of changes to our system to accommodate it. Therefore, they should change their system or deployment models so it can be easy to integrate into existing architectures."
"Based on my experience, the customization—especially the interface and some of the product identification components—is not as customizable as it could be. But it makes up for that with the fact that we can access the API and then build our own systems to read the data and then process and parse it and hand it to our teams."
"The challenge that Palo Alto and Prisma have is that, at times, the instructions in an event are a little bit dated and they're not usable. That doesn't apply to all the instructions, but there are times where, for example, the Microsoft or the Amazon side has made some changes and Palo Alto or Prisma was not aware of them. So as we try to remediate an alert in such a case, the instructions absolutely do not work. Then we open up a ticket and they'll reply, "Oh yeah, the API for so-and-so vendor changed and we'll have to work with them on that." That area could be done a little better."
"There needs to be a mechanism that allows me to manually configure compliance more easily."
"The dashboard can be created at the user level instead of the cloud account level, which will help save time."
"The information presented in the UI sometimes doesn't look intuitive enough."
"The visibility on the SIEM needs to be streamlined so we can get the data without any issues."
"They need to improve the API gateway."
More Prisma Cloud by Palo Alto Networks Pricing and Cost Advice →
F5 Advanced WAF is ranked 2nd in Web Application Firewall (WAF) with 55 reviews while Prisma Cloud by Palo Alto Networks is ranked 5th in Web Application Firewall (WAF) with 82 reviews. F5 Advanced WAF is rated 8.6, while Prisma Cloud by Palo Alto Networks is rated 8.4. The top reviewer of F5 Advanced WAF writes "Flexible configuration, reliable, and highly professional support". On the other hand, the top reviewer of Prisma Cloud by Palo Alto Networks writes "The dashboard is very user-friendly and can be used to generate custom RQL based on user requirements". F5 Advanced WAF is most compared with Fortinet FortiWeb, Microsoft Azure Application Gateway, AWS WAF, Imperva Web Application Firewall and Azure Front Door, whereas Prisma Cloud by Palo Alto Networks is most compared with Wiz, Microsoft Defender for Cloud, Aqua Cloud Security Platform, AWS Security Hub and Qualys VMDR. See our F5 Advanced WAF vs. Prisma Cloud by Palo Alto Networks report.
See our list of best Web Application Firewall (WAF) vendors.
We monitor all Web Application Firewall (WAF) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.