Share your experience using The Fastly Next-Gen WAF (powered by Signal Sciences)

The product's most valuable feature is its ability to set up the rules easily. The agent-based approach allows for efficient policy control per agent, simplifying managing rules for various websites or apps hosted on platforms like AWS or Azure.

The areas that could be improved in Signal Sciences include the effectiveness of rules, as many didn't function optimally and required custom rule-writing to address bypasses for WAF. Additionally, the agent-based approach presents challenges with managing agents across versions and dependencies on specific application platforms like Apache or NGINX, leading to compatibility issues and complexity in integration. This agent-based system proved particularly difficult to manage.

We have been using Signal Sciences for two years.

The product has high stability.

We have around 500 to 600 systems running on Signal Sciences.

We contacted the technical support team during migration from one of the agent approaches to the reverse proxy method. We had to call them multiple times. The services could be better. However, we received assistance from an executive who knew how to set it up.

The initial setup for Signal Sciences is challenging. It requires technical expertise. Various factors, such as the operating system, web server, and their respective versions, need meticulous consideration. It leads to multiple potential points of failure, resulting in numerous errors during setup. It is not easy, similar to solutions like Amazon WAF, which offer a streamlined deployment process with just a few clicks.

The product has an affordable cost.

We did evaluate Cloudflare and Barracuda. We went with Signal Sciences as it is most cost-optimal. This led to the decision to proceed with the product particularly due to its compatibility with Kubernetes and the utilization of a reverse proxy agent in deployment. Its cost-effectiveness at that time, especially considering Fastly acquired it, made it a relatively more affordable option than others.

I advise others to make a purchase decision depending on the budget. If they have a budget, they should go with Cloudflare. I have used Signal Sciences, Azure, and AWS. They need to work more efficiently to protect web applications.

I rate Signal Sciences a six out of ten. It has good granularity features, but maintenance and agent approaches could be more convenient.

We used Signal Sciences to implement a web application firewall for some of our applications.

When configuring a web application firewall using Signal Sciences, we configure a rule whereby no one except a few people can access the application. We can create a corporation rule and a site rule separately. We can have a global rule which can be used for all other applications, as opposed to a site rule, which will be specific to a specific website. With Signal Sciences, we can define a rule based on our application requirements.

There are some lags in Signal Sciences for the web application firewalls. Even if we create some custom rules, Signal Sciences cannot capture some of the malicious traffic. There is a little bit of complexity with custom rules that should be removed.

Signal Sciences should add a feature called rate limiting with multiple options, wherein I can create a rate limiting based on the cookie request or the IP.

I used Signal Sciences for almost two years.

Signal Sciences is a stable product, but it takes longer for new custom rules, implementations, or a new feature request.

Signal Sciences is a scalable product because it fulfills most of the major requirements.

More than 100 people used Signal Sciences in my company because multiple teams and application owners needed access to the solution.

The Fastly team is handling Signal Sciences' support team. Sometimes they do not understand the issue and go with their own understanding. I faced this issue, because of which, sometimes our website went down. However, the solution's customer support is pretty good.

Neutral

Signal Sciences' initial setup is quite straightforward if you are familiar with the UI. However, it will be a little bit tricky for new users to understand. The solution's navigation is also good.

It takes at least one month to complete the solution's configuration and monitoring. However, if you remove the monitoring part, it will hardly take one week. There are some lags in creating the custom rules, and sometimes it is not able to fulfill the requirement. We struggled almost for more than a month to fix that issue.

Signal Sciences is pretty cheap compared to other solutions. We could handle the cost because the solution was on-premises and installed on our server.

My organization used Signal Sciences for the internal application or in case any customer tried to integrate their application with our application. We found that the solution was secure for such applications.

I advise users to choose Signal Sciences. However, they should evaluate the solution based on their requirement and ask for the feature request if something is missing.

Overall, I rate Signal Sciences an eight out of ten.