Azure Web Application Firewall provides strong protection, easy setup, and smooth integration with Microsoft services. It excels in request filtering, custom rule creation, and protection against OWASP Top 10 attacks, ensuring scalable and reliable performance for businesses.


| Product | Mindshare (%) |
|---|---|
| Azure Web Application Firewall | 2.2% |
| Imperva Application Security Platform | 7.4% |
| Fortinet FortiWeb | 5.4% |
| Other | 85.0% |

| Title | Rating | Mindshare | Recommending | Interviews |
|---|---|---|---|---|
| Microsoft Intune | 4.1 | N/A | 95% | 378 |
| Microsoft Defender for Endpoint | 4.1 | N/A | 95% | 212 |

| Company Size | Count |
|---|---|
| Small Business | 6 |
| Large Enterprise | 10 |

| Company Size | Count |
|---|---|
| Small Business | 120 |
| Midsize Enterprise | 70 |
| Large Enterprise | 249 |

Azure Web Application Firewall offers flexible, affordable, and efficient protection against critical security threats like DDoS and SQL injection, with seamless integration with Azure tools, analytics, and AI capabilities. Users appreciate its ability to handle web requests through role-based access, automation features, and custom policies, especially valuable in cloud environments and ecommerce. Despite the need to improve reporting, management, proxy forwarding, and documentation, it remains a reliable choice for securing front-facing applications.
What are the most important features of Azure Web Application Firewall?

Azure Web Application Firewall is widely used in ecommerce for securing transactions against cyber threats like phishing and SQL injection. It also supports reverse proxy setups, provides detailed log analytics, and offers layer 7 protection, making it suitable for businesses needing robust security for both front-facing and branch connectivity applications.

| Author info | Rating | Review Summary |
|---|---|---|
| Global IT Solutions Specialist at RELIEF INTERNATIONAL INC | 4.0 | I’ve used Azure Web Application Firewall for six years and appreciate its analytics, AI integration, and support. It's stable and scalable, though pricing and usability could improve. Overall, it's effective for cloud environments despite a moderate learning curve. |
| Owner at ICAL S.A. | 4.0 | No summary available |
| Head of Digital Engineering, Management Consultant at Stax Inc. | 4.5 | I use Azure Web Application Firewall primarily for front-facing applications due to its ease of configuration within Microsoft's suite. While the frequent updates can be a maintenance burden, the overall return on investment is good, benefiting my client invoicing. |
| Cybersecurity architect at a consultancy with 10,001+ employees | 3.5 | I use Azure Web Application Firewall to secure web apps in Azure; it's cost-effective and scalable, though limited in rule customization. Logging needs improvement, and support isn't ideal. I rate it seven out of ten. |
| President & Chief Executive Officer at a hospitality company with 11-50 employees | 3.5 | We use Azure Web Application Firewall for cloud security due to its excellent DDoS protection and strong security controls. While cost savings were realized versus our previous Fortinet solution, the knowledge base could improve for easier access in cloud security management. |
| Senior Solutions Architect at EQ2 Technology | 5.0 | I use Azure Web Application Firewall with other security measures due to its superior protection for secrets and cost savings compared to alternatives. I'm satisfied with its performance and find it more reliable than AWS for high-security needs. |
| DevOps engineer at BrainStorm, Inc. | 4.5 | We use Azure Web Application Firewall to filter and analyze requests, benefiting from its custom rules and OWASP rule set to protect our backend. Although further AI-driven analytics would be helpful, its cost-effectiveness and control made it our preferred choice over Cloudflare. |
| Azure Principal Architect at Cloud Computech Consultancy | 4.5 | I use Azure Web Application Firewall to protect our web applications, valuing its WAF protection. While effective, improvements could be made by adopting features from Barracuda, such as supporting both public and private points of presence and enhancing inspection capabilities. |
| Owner at ADM | 4.5 | I'm demoing Azure Web Application Firewall for e-commerce layer 7 protection. It offers flexible pricing advantages over other solutions. I also use Palo Alto and SonicWall. Utilizing Microsoft's Azure cloud provider enhances my deployment strategy. |
| Senior Specialist - Azure Cloud at HCL Technologies Ltd | 5.0 | I highly recommend this stable and scalable solution for web traffic filtering. Setup is easy, and support is excellent. It integrates well with Microsoft products. My only suggestion is to enhance reporting. |

Because we mostly operate in the cloud and because we're a Microsoft environment, it was the best option in the scenario. The options were limited in terms of wanting to be an only Microsoft environment, so we implemented mostly the Azure resources.
The Microsoft support and the analytics are what I appreciate about Azure Web Application Firewall. It integrates effectively with things such as Sentinel and Defender for Cloud, so mostly it's the analytics and now the AI capabilities that have been introduced with Copilot.
It helps when looking for threats.
It reduces issues significantly because the filtering capabilities are high. Given that it's a cloud solution, we have very minimal downtime, especially because we have Microsoft support. On a scale of one to 10, I would give it an eight.
The pricing needs improvement, and I think for beginners it will be a little bit complicated, so the ease of use could be enhanced. I've worked with Fortinet and Cisco, and I think the UI is a little bit easier than Fortinet, so they can improve on that.
It's partial integration with only our Azure resources. For the other items, we have implemented Meraki and Cisco on-premises, and we haven't integrated it fully into the whole environment.
For stability, I would give it an eight.
For our company, Azure Web Application Firewall works effectively for scalability, so I would rate it a seven.
I would rate the solution an eight overall.
I would rate the technical support that Azure provides from Microsoft a seven.
We don't work with Sophos or Fortinet; we work with Cisco and Microsoft.
It depends; if you've worked with Azure, then it will be easy, but if you're a beginner in cloud and Azure, then it will be hard, so it's a medium implementation.
Depending on your experience, you can deploy Azure Web Application Firewall in a day, but configuring the rules takes time. Some users may take longer to deploy it because they haven't worked with it before, so they'll have to do research on how to deploy it and optimize it apart from just deploying it.
We implemented the solution.
I would place Azure Web Application Firewall at an eight on a scale from one to 10, with one being cheap and 10 being expensive.
I would recommend Azure Web Application Firewall, but I think there are other firewalls that are much better. Check Point would be much better, but I would recommend it for certain scenarios.
Azure Web Application Firewall requires constant updates; you have to check for the updates. It's not similar to the on-premise solution where you may have to change the box after a couple of years, so that's also an advantage.
I would recommend Azure Web Application Firewall to other users, especially for cloud users.
About 60 to 70 users work with Azure Web Application Firewall.
On a scale of 1-10, I rate this solution an 8.

The main use case for Azure Web Application Firewall is to publish anonymous websites.
Two specific use cases come from a gas station company providing fuel and another from a cosmetics company. These are small to medium businesses.
The best features of Azure Web Application Firewall are that it provides security and protection from poorly designed web applications.
I assess the effectiveness of Azure Web Application Firewall in protecting against OWASP Top 10 threats as positive, because we have reports confirming its protection against these types of attacks. It was really effective.
It does not bring any operational impacts such as better efficiency or time-saving; it simply provides the certainty of enhanced protection without operational efficiency improvements.
I encountered difficulties with certificates for a Linux server when implementing protection. I had to create the entire chain, as I couldn't simply upload the certificate and the chain. Instead, I had to recreate the whole chain and install it on the server.
I have been utilizing Azure Web Application Firewall for almost two years.
I reached out to their support, and they helped me resolve the issue effectively. I would rate them a 10 as their service was very good.
We used Fortinet before. When online, we use the Azure feature, but for on-premises solutions, we use Fortinet FortiGate.
I do not use other solutions besides Azure Web Application Firewall. As a Microsoft partner, I provision these solutions for some of our clients.
I still utilize Azure products.
I use Network Watcher for troubleshooting purposes.
The Azure pricing is quite good as it's very dynamic. Despite some changes in pricing, with an online pricer, I manage effectively. However, it is somewhat more expensive than competitors.
The main differences between Fortinet and Azure are that FortiGate and the entire Fortinet suite are quite easy to manage. The GUI is very friendly and easier to use compared to the Azure GUI.
On a scale of 1-10, I rate Azure Web Application Firewall an 8.

I mainly use it for front-facing applications and maintenance work. These are the main applications that I use.
Mainly, it comes with the complete suite of Microsoft services. I can use it in conjunction with the best options and other features that come with it. Configuration is much easier than using different platforms.
For example, if I have hosted the application in AWS and am using the Application Firewall from Azure, there are certain additional steps to follow when configuring them. With Microsoft, everything is within a single suite, making it easier to configure and plan.
Azure continually upgrades platforms and sends us messages to upgrade to the next version, simplifying the process. Later, it's much easier if I want to upgrade the software platform, scale it, or move it to a different application host as the whole suite comes together.
The return on investment is good. If I am doing applications for clients, I can invoice them for better costs. Most applications that I run and use have a better return on investment.
While using it, I identified certain areas where it would have been good to have additional features. Right now, I can't recall any specific instances. Seamless integration is good, yet having multiple upgrades within a short span of time can be a trade-off.
Upgrading the platform regularly is necessary for security; however, frequent updates every six months or year from Azure can be a maintenance overhead. However, this is acceptable to keep up with the world's advancements.
I have used the solution for about one and a half years, maybe.
Very rarely do I see any latency issues. Maybe once in the past one and a half years, I've seen it not working. After restarting the whole system, it started working, so I don't think that's a big issue.
Some Azure applications, like the web application firewall, require a certain level of SKU for hosting setup. The basic setup does not allow me to use the web application firewall and other additional services.
Beyond a certain SKU, I can install and use these services. If I don't need cutting-edge technologies, I can go with a basic SKU. For advanced SKUs, I can't remember the exact specs. Beyond that, these services can be utilized.
I have a team of developers here working with me. They are good at troubleshooting and configuring things. I hardly use Microsoft's paid subscription or maintenance services; however, whenever I send them a note, they have been responsive. I have nothing to complain about.
Most Azure platforms are much easier to install and configure, similar to Web and Application. There's plenty of help online with guides and documentation. One less documented area is using OpenAI, especially related to the Azure Search Service.
Sometimes, when following these guides, results don't match the explanations. However, when it comes to WAF configuration and other applications, the guides are comprehensive and easy to follow.
AI-based recommendations save on time and money. The return on investment is good. When doing applications for clients, I invoice them better costs. Most applications I run and use have a better return on investment.
The pricing is okay at the moment. Sometimes, when opting for a higher SKU, it's not the WAF itself that's costly but the additional requirements. A higher SKU application hosting platform adds to the cost. However, this is reasonable given the use of other services within Azure.
I would rate the solution at a nine out of ten.
I work with pretty much all Azure resources, from Data Factory to OpenAI options and applications. I also use the web application firewall, Azure VPN services, and everything within Azure Suite. I haven't directly used the DDoS service, yet I use the VPN, which might include DDoS prevention. I have a team of developers who are good at troubleshooting and configuring things. I hardly use Microsoft's paid services. That said, they have been responsive. I have nothing to complain about.
When discussing protection for OWASP Top 10, Azure Web Application Firewall provides security against the most common attacks based on existing vulnerabilities, ensuring protection against external attacks.
Using pre-configured rules is helpful because with clear requirements on which application gateway needs protection, we can set up the rules within one day and protect that application.
Regarding real-time application traffic logs and detailed analytics and monitoring, if Azure Web Application Firewall is integrated with Sentinel, it is easy to handle the logging. Otherwise, it is more difficult, similar to AWS WAF where integration with CloudTrail for logging is necessary. It's not as straightforward as using Palo Alto, where we can use the Monitor tab to intercept the traffic.
Currently, clients are generally satisfied with the functionality and haven't indicated any need for additional functions. I have worked with both cloud environments, protecting web applications in Azure using Azure Web Application Firewall and utilizing AWS WAF for some clients.
I rate Azure Web Application Firewall a seven out of ten.

We primarily use the solution for cloud security.
The solution has been very good at helping us avoid DDoS attacks.
The solution is very good. It has a lot of useful features. It's great for protecting against DDoS attacks.
Its security control is very good.
The knowledge base could be improved. They should make it so that, if anyone wants to jump into cloud security management on Azure, they can easily start. It's important that they make the technology easy to use, even for those just starting out.
I've used the solution for two or three years.
The stability has been good.
We have around 2,000 to 3,000 end users.
Technical support is good.
We did not previously use anything similar. Previously, we had an on-premise Fortinet solution.
The initial setup is fairly easy. I'd rate it seven out of ten. We have two people deploying the product. They are engineers that handle Azure cloud security.
We have around 11 people maintaining the solution. For example, if something changes in the network grid, or if there is a configuration change necessary, they would jump in to adjust. They also monitor all events to make sure nothing is wrong internally. Mostly, cybersecurity analysts manage it.
We have witnessed cost savings since migrating to the cloud. Previously, we had more administration costs.
I do not handle licensing. That is not part of my job.
We did not evaluate other options. We wanted to migrate to the cloud and so we chose Microsoft.
We're Microsoft customers.
I'd rate the solution seven out of ten.
I would recommend the product to others.

I use it in combination with other things like endpoint security and application security, along with RBAC.
AWS does not have the same level and options to protect secrets such as asset tokens and keys. In Azure, all of this resides within the platform, ensuring a very high level of security. It is almost impossible to access these assets from outside, requiring a very skilled attacker to obtain asset tokens of a customer using Azure.
I am a boring person here since I am very satisfied and a big fan. From my point of view, there is no need for improvement.
I was in the early bird program for Azure when I was at the University of Gothenburg, so that's why we got our hands on Azure in 2008, two years before it was officially launched. I have been permanently working in Azure for seven years.
The solution is a very stable service.
I am very satisfied with the response from Microsoft dedicated architects if it happens that I have to call for their support. I am a hired gun, so customers hire me to get my expertise.
Often, these customers belong to the PNP package from Microsoft, so they receive an immediate response from Microsoft's own architects.
It has been a couple of years since I was hands-on with AWS, and I know things have evolved on the AWS side. However, some issues still exist, which are the reasons why organizations like the Pentagon and some large banks in the US have moved away from AWS. I cannot recommend any customer to go to AWS.
The initial setup is very easy.
I implement it for customers, setting up the entire infrastructure, including accessibility, storage, and network security. That is what I do.
There are cost savings since equivalent solutions from third-party vendors like Fortinet, Check Point, or Palo Alto are much more expensive.
Recently, they have been under serious attack with major exploits, such as Log4j, affecting Fortinet and Palo Alto, and even Cisco and VMware. This poses a huge danger when considering implementing these solutions.
You get what you pay for, and it is very much worth the price. It is even a lower cost compared to AWS and GCP.
I can only strongly recommend using the Azure Web Application Firewall. It is really easy.
My rating for the product is ten out of ten.
We are using Azure Web Application Firewall to filter and analyze requests from the end-user part of our application. It also processes requests from browsers to the backend of our application, ensuring that suspicious requests are blocked.
Having the Azure Web Application Firewall installed has made our platform more attractive to customers, as it meets their security requirements. It has increased our platform's security and credibility.
The most valuable feature of Azure Web Application Firewall is its ability to filter requests and block false positives by using custom rules and the OWASP rule set. This helps ensure only legitimate requests reach our backend.
Microsoft is constantly working on improvements. We would like to see additional site services using AI to provide information about blocking requests and offer analytics on the origin of calls. This would enhance the current functionality.
We have been working closely with this solution for about one year.
A few years ago, stability issues caused delays in applying changes. However, these issues have now been fixed. The solution is currently stable and works quickly.
We have not yet contacted Microsoft support regarding any issues.
We considered other solutions like Cloudflare but chose Azure Web Application Firewall because it is cost-effective and gives us more control.
The initial setup took about thirty to fifty minutes from scratch. Currently, applying changes takes only a few minutes.
I am not able to provide specific details on ROI. However, having the web application firewall helps us meet customer security requirements, making our platform preferable.
The price is reasonable. It is approximately $2,000 US per month. This cost is one of the main reasons why we selected Azure Web Application Firewall. It provides enough functionality for our needs.
We evaluated other solutions like Cloudflare but chose Azure Web Application Firewall due to its cost-effectiveness and better control.
I recommend developing your application to be ready for use with any web application firewall. Before full implementation, perform extensive testing to anticipate and resolve issues like false positives.
I'd rate the solution nine out of ten.

We use the solution to protect our web applications. It is important to protect web applications from the core, such as SQL injection. We can leverage the built-in Microsoft application, such as Defender, to do this. Application firewalls offer many benefits.
I previously used Barracuda Web Application Firewall. I hope that Azure Web Application Firewall will look at other products and replicate some of their functionality. Azure WAF is doing great because it is designed to host web applications in Azure. However, it can be improved with other services. Barracuda is the most advanced firewall in the industry, so Azure WAF could pick some of its features and replicate them into its own application firewall. Barracuda WAF was deployed in parallel to the traffic. Azure WAF should not be deployed in the middle of the traffic. It should support both public and private points of presence. Additionally, like Barracuda, Azure WAF should have an inspection engine that covers not just Microsoft products, but also products from other manufacturers. This would be a great addition to the product and would increase its security functionality.
Azure WAF is extremely stable.
Azure WAF's scalability is really good.
The quality of support depends on the level we pay for. The higher the level the better the support.
Azure WAF's initial setup is straightforward. To deploy it, we need to know the rules, the DNS, the traffic factors, and other such information. We also need to know how to model the threats. This is a straightforward process.
The implementation was completed in-house.
Azure WAF's pricing is what differentiates the solution from the others. I give the pricing a nine out of ten.
I give Azure WAF a nine out of ten.
I'm doing a demo of Azure Web Application Firewall for layer 7 protection of the tools I offer to my e-commerce customers.
Azure WAF has price advantages over other WAF solutions. The pricing model is flexible because you pay on a scale based on the level of protection you need.
In Brazil, we have some problems with the phone service that affect our connection with the cloud. However, it isn't common.
Azure WAF is scalable. I have some customers that deploy applications in the cloud with challenging workloads.
Support varies depending on your level. Some of our customers have the highest level of support while others have only standard support. We haven't had a problem getting support when needed. If a customer wants a new SLA, we can talk about it, but I think the basic support is fine. Microsoft response times are decent.
I also use Palo Alto and SonicWall.
Setting up Azure WAF isn't difficult. It took about one or two hours. The interface is intuitive.
In Brazil, they offer decent terms for contracts with large enterprises, so I think the price is reasonable.
I rate Azure Web Application Firewall eight out of 10. It's a good option if you want a solution that's ready to go and easy for your team to learn. It's cloud-based, so you don't need to buy or maintain any hardware infrastructure.
I can set up a defense in the cloud that supplements my on-premise infrastructure from Palo Alto, Fortinet, etc. You already have a platform as a service or services you can add on and configure.

We are using the solution for filtering the web application traffic.
It's based on the matrix configured by the application server. That traffic will be filtered based on incoming traffic. It'll transfer the outgoing traffic to the endpoint.
We're just monitoring post-configuration. The monitoring is good. It was pretty much issue-free.
It's quite a stable product and works well with Microsoft products.
The initial setup is very easy.
It's scalable.
Technical support is helpful.
This is a trustworthy product. Microsoft is well-known and respected around the world.
There are a lot of features, including features for standard and premium deployments. Small businesses can use the product and easily move up as they grow.
I haven't had any issues and can't speak to any areas needed for improvement.
From a reporting perspective, they could do more there. They could make the reporting features more robust.
I've used the solution for just over four and a half years.
The solution has been very stable. There are no bugs or glitches, and it doesn't crash or freeze. It's reliable. We've never had any type of technical challenge.
We currently have a 15-member team using the solution and handling the monitoring. That's for a specific project. We use it every day.
We can scale the solution up and down according to our needs. It's an easy license for scaling.
The technical support is knowledgeable. They are professional and personal as well. They check in and call and give us good support. We're in India, and sometimes we get another Indian tech and we can speak in our native language as well, which is helpful. It helps to discuss things in our own language as it helps us understand the challenges we are facing better.
I've never used a different WAF solution. I've only really used Microsoft products over the course of my career.
The solution is very straightforward and simple. It's not overly complex. I'd rate the ease of setup a five out of five.
I don't deal with the pricing of the cost of the solution. I'm not sure how the licensing works.
We're Microsoft partners.
I'd recommend the solution as it is easy to understand and easy to integrate. It's very stable and we trust it as a recognized Microsoft product.
I'd rate the solution ten out of ten.