• Home
  • AWS WAF vs. F5 Advanced WAF

AWS WAF vs F5 Advanced WAF comparison

Cancel
You must select at least 2 products to compare!
Amazon Web Services (AWS) Logo

AWS WAF

Read 52 AWS WAF reviews
17,782 views|13,844 comparisons
82% willing to recommend
F5 Logo

F5 Advanced WAF

Read 54 F5 Advanced WAF reviews
12,226 views|9,741 comparisons
97% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
AWS WAF vs. F5 Advanced WAF
March 2024
Executive Summary
Updated on Mar 6, 2024

We compared AWS WAF and F5 Advanced WAF based on our user's reviews in several parameters.

Users have praised AWS WAF for its effective protection against web application attacks, customizable rule sets, and affordable pricing. On the other hand, F5 Advanced WAF stands out for its robust security measures, advanced threat intelligence, and user-friendly interface. However, AWS WAF users appreciate the responsive customer support, while F5 Advanced WAF users value its seamless integration with existing systems. Both products have areas that need improvement, with AWS WAF users looking for better documentation and customization options, and F5 Advanced WAF users desiring a more intuitive interface and comprehensive support for troubleshooting.

Features: AWS WAF offers effective protection against web application attacks, easy setup and configuration, flexibility in setting rules, and integration with other AWS services. F5 Advanced WAF provides robust security measures, advanced threat intelligence, efficient traffic management, and customizable policies.

Pricing and ROI: The setup cost for AWS WAF is minimal, with a smooth and straightforward process. Users find the licensing flexible and customizable. On the other hand, F5 Advanced WAF also has a minimal setup cost, making installation hassle-free. Users appreciate the straightforward and easy-to-manage licensing., AWS WAF's ROI is reflected in increased security, reduced risks, and improved web threat protection. It also offers cost savings and efficient management. On the other hand, F5 Advanced WAF's ROI is seen in improved security, enhanced visibility, and reduced cyber threats. It effectively protects web applications for a safe user experience. Overall, both products deliver valuable and beneficial ROI.

Room for Improvement: AWS WAF users have requested better documentation and detailed instructions for users with limited technical expertise. They also want a more user-friendly interface, enhanced customization options, and greater flexibility in configuring rule sets. F5 Advanced WAF users have expressed concerns about a lack of user-friendly interface, complexity in configuration, and a need for improved documentation and better support for troubleshooting and resolving issues. Overall, they desire a more streamlined and intuitive experience.

Deployment and customer support: Based on user feedback, it is necessary to consider the duration required for different phases of implementing a new tech solution. For AWS WAF, users mentioned distinct timeframes for deployment and setup, while for F5 Advanced WAF, users mentioned similar timeframes for deployment and setup., AWS WAF's customer service is consistently praised for being excellent and highly responsive. Users appreciate the knowledgeable support team who go above and beyond. On the other hand, F5 Advanced WAF's support has received positive feedback for their prompt and helpful assistance.

The summary above is based on 56 interviews we conducted recently with AWS WAF and F5 Advanced WAF users. To access the review's full transcripts, download our report.

To learn more, read our detailed AWS WAF vs. F5 Advanced WAF Report (Updated: March 2024).
Download the complete report
768,740 professionals have used our research since 2012.
Featured Review
Prasanth MG
Allows us to set up security rules and has a good scalability
The solution helps our organization to comply with our security standards.
Phani Sundar Mandarapu
Efficiently protect web servers exposed to the external network and robust stability
It helps us detect threats or malicious requests coming into the network, protecting it from being hacked. It helps guard against issues like... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The most valuable feature of the solution is the ability to integrate central sets. It protects from intrusion attacks such as scripting and SQL injections.""AWS WAF helps mitigate different kinds of bot attacks and SQL injection that happen within the retail industry.""Rule groups are valuable.""The solution is stable.""We do not have to maintain the solution.""The stability of AWS WAF is valuable.""The most valuable features of AWS WAF are its cloud-native and on-demand.""This product supplies options for web security for applications accessing sensitive information."

More AWS WAF Pros →

"The most valuable features of F5 Advanced WAF are the easy identification of events and customization. We can pinpoint our settings.""This solution inspects your traffic and based on that, automatically create distinct qualities for you, so you can add this to the policy already created. That's what I like most.""Good dashboard and reporting.""With F5 Advanced WAF, it was protection for online publications and for our customers that caused us to choose the platform.""I like them because I like the security solution. They get extra marks compared to other solutions or competitors. There are more features than any other product I can think of. They're always monitoring, and the security features offer more than other, lesser products.""Very easy to implement and works well.""F5 Advanced WAF secures our connectivity and combines both the main functions of WAF (balancing and web application security).""It is easy to obtain dashboard compliance because security policy views are included."

More F5 Advanced WAF Pros →

Cons
"The solution could improve by having better rules, they are very basic at the moment. There are more attacks coming and we have to use third-party solutions, such as FIA. The features are not sufficient to prevent all the attacks, such as DDoS. Overall the solution should be more secure.""The solution is cloud-based, and therefore the billing model that comes with it could be more intuitive, in my opinion. It's very easy to not fully understand how you tag things for billing and then you can quite easily run up a high bill without realizing it. The solution needs to be more intuitive around the tagging system, which enables the billing. Right now, I have a cloud architect that does that on our behalf and it isn't something that a business user could use because it still requires quite a lot of technical knowledge to do effectively.""On the UI side, I would like it if they could bring back the geolocation view on the corner.""We must monitor and clean up the WAF manually.""AWS WAF could improve by making the overall management easier. Many people that have started working with AWS WAF do not have an easy time. They should make it easy to use.""The product could be improved by expanding the weightage units of rules.""It will be helpful if the product recommends rules that we can implement.""Technical support for AWS WAF needs improvement."

More AWS WAF Cons →

"The solution should include RASP for another level of protection at the code itself.""The user interface (UI) seems a bit outdated. Making it more user-friendly would be beneficial.""There should be more ability to rate limit certain scenarios. The majority of the time, it is either on or off. For certain types of use cases, there should be the ability to rate limit, not just enable or disable.""I think the deployment templates can be better.""The solution is tedious. It takes a lot of discrete settings so one needs to get detailed and granular when they use the solution. It takes you a whole lot of energy and concentration to configure. It needs to be much more straight-forward, like other web solutions.""The delay times on firmware patches and software updates could be better and improved.""F5 Advanced needs to improve its bot protection. The solution needs to have machine learning to learn the behavior of the customer to recognize the human versus the bot. This is a difficult feature to explain to our customers. I would like documentation about the bot feature to make it easier for the customer to understand.""I would not expect traffic details to pass through the web application firewall across the length of the whole application. I think that there is a web application where it can let the application function without traffic going in into the WAF."

More F5 Advanced WAF Cons →

Pricing and Cost Advice
  • "It's an annual subscription."
  • "There are no costs in addition to the standard licensing fees."
  • "There are different scale options available for WAF."
  • "AWS is not that costly by comparison. They are maybe close to $40 per month. I think it was between $29 or $39."
  • "It has a variable pricing scheme."
  • "We are kind of doing a POC comparison to see what works best. Pricing-wise, AWS is one of the most attractive ones. It is fairly cheap, and we like the pricing part. We're trying to see what makes more sense operation-wise, license-wise, and pricing-wise."
  • "It's quite affordable. It's in the middle."
  • "The pricing should be more affordable, especially as it pertains to small clients."

    • More AWS WAF Pricing and Cost Advice →

  • "The pricing is too high."
  • "I think the price is very high."
  • "After buying the program, you just pay for the support every year."
  • "Licensing fees for this solution are paid on a yearly basis."
  • "It's more expensive than other solutions and depending on the modules, there can be additional fees."
  • "F5 bundles up services and the bundle is what you pay for rather than individual components."
  • "Its price is fair. We have done a couple of deals where they were able to give some kind of discount to the customers. The price was initially high for the customers, but after a couple of negotiations, it came within their budget. They were happy with that."
  • "There are various plans available for Fortinet FortiWeb Cloud WAF as a Service, including a trial version."

    • More F5 Advanced WAF Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Web Application Firewall (WAF) solutions are best for your needs.
    See Recommendations
    768,740 professionals have used our research since 2012.
    Questions from the Community
    What are the limitations of AWS WAF vs alternative WAFs?
    Top Answer:Hi Varun I have had experienced with several WAF deployments and deep technical assessments of the following: 1. Imperva WAF 2. F5 WAF 3. Polarisec Cloud WAF Typical limitations on cloud WAF… more »
    Read all 2 answers   →
    How does AWS WAF compare to Microsoft Azure Application Gateway?
    Top Answer:Our organization ran comparison tests to determine whether Amazon’s Web Service Web Application Firewall or Microsoft Azure Application Gateway web application firewall software was the better fit for… more »
    What do you like most about AWS WAF?
    Top Answer:Rule groups are valuable.
    Read all 39 answers   →
    What do you like most about F5 Advanced WAF?
    Top Answer:F5's user-friendly interface and seamless integration stand out as the most valuable features for us.
    Read all 39 answers   →
    What is your experience regarding pricing and costs for F5 Advanced WAF?
    Top Answer:The solution is expensive.
    Read all 27 answers   →
    What needs improvement with F5 Advanced WAF?
    Top Answer:The customer service could be improved.
    Read all 39 answers   →
    Ranking
    1st
    out of 79 in Web Application Firewall (WAF)
    Views
    17,782
    Comparisons
    13,844
    Reviews
    30
    Average Words per Review
    407
    Rating
    8.5
    3rd
    out of 79 in Web Application Firewall (WAF)
    Views
    12,226
    Comparisons
    9,741
    Reviews
    21
    Average Words per Review
    413
    Rating
    8.7
    Comparisons
    Also Known As
    AWS Web Application Firewall
    Learn More
    Amazon Web Services (AWS)
    F5
    Overview

    AWS Web Application Firewall (WAF) is a firewall security system that monitors incoming and outgoing traffic for applications and websites based on your pre-defined web security rules. AWS WAF defends applications and websites from common Web attacks that could otherwise damage application performance and availability and compromise security.

    You can create rules in AWS WAF that can include blocking specific HTTP headers, IP addresses, and URI strings. These rules prevent common web exploits, such as SQL injection or cross-site scripting. Once defined, new rules are deployed within seconds, and can easily be tracked so you can monitor their effectiveness via real-time insights. These saved metrics include URIs, IP addresses, and geo locations for each request.

    AWS WAF Features

    Some of the solution's top features include:

    • Web traffic filtering: Get an extra layer of security by creating a centralized set of rules, easily deployable across multiple websites. These rules filter out web traffic based on conditions like HTTP headers, URIs, and IP addresses. This is very helpful for protection against exploits such as SQL injection and cross-site scripting as well as attacks from third-party applications.
    • Bot control: Malicious bot traffic can consume excessive resources and cause downtime. Gain visibility and control over bot traffic with a managed rule group. You can easily block harmful bots, such as scrapers and crawlers, and you can allow common bots, like search engines and status monitors.
    • Fraud prevention: Effectively defend your application against bot attacks by monitoring your application’s login page with a managed rule group that prevents hackers from accessing user accounts using compromised credentials. The managed rule group helps protect against credential stuffing attacks, brute-force login attempts, and other harmful login activities.
    • API for AWS WAF Management: Automatically create and maintain rules and integrate them into your development process.
    • Metrics for real-time visibility: Receive real-time metrics and captures of raw requests with details about geo-locations, IP addresses, URIs, user agents, and referrers. Integrate seamlessly with Amazon CloudWatch to set up custom alarms when events or attacks occur. These metrics provide valuable data intelligence that can be used to create new rules that significantly improve your application protections.
    • Firewall management: AWS Firewall Manager automatically scans and notifies the security team when there is a policy violation, so they can swiftly take action. When new resources are created, your security team can guarantee that they comply with your organization’s security rules.

    Reviews from Real Users

    AWS WAF stands out among its competitors for a number of reasons. Two major ones are its user-friendly interface and its integration capabilities.

    Kavin K., a security analyst at M2P Fintech, writes, “I believe the most impressive features are integration and ease of use. The best part of AWS WAF is the cloud-native WAF integration. There aren't any hidden deployments or hidden infrastructure which we have to maintain to have AWS WAF. AWS maintains everything; all we have to do is click the button, and WAF will be activated. Any packet coming through the internet will be filtered through.”

    F5 Advanced WAF is a web application security solution for financial and government sectors, e-commerce, and public-facing websites. It offers protection against various attacks, including botnets, web scraping, and foreign entities. The solution can be deployed on-premises or in the cloud and is often used with other security tools. Its most valuable features include DDoS and DNS attack protection, SSL uploading, anomaly detection, and the ability to input custom rules. 

    F5 Advanced WAF has helped organizations to expose more services to the public while providing an extra layer of protection, preventing revenue loss, and securing connectivity.

    Sample Customers
    eVitamins, 9Splay, Senao International
    MAXIMUS, Vivo, American Systems, Bangladesh Post Office, City Bank
    Top Industries
    REVIEWERS
    Computer Software Company25%
    Manufacturing Company13%
    Energy/Utilities Company8%
    Media Company8%
    VISITORS READING REVIEWS
    Computer Software Company17%
    Financial Services Firm13%
    Manufacturing Company7%
    Comms Service Provider6%
    REVIEWERS
    Financial Services Firm34%
    Computer Software Company25%
    Non Tech Company6%
    Media Company6%
    VISITORS READING REVIEWS
    Computer Software Company16%
    Financial Services Firm15%
    Government7%
    Comms Service Provider7%
    Company Size
    REVIEWERS
    Small Business37%
    Midsize Enterprise20%
    Large Enterprise43%
    VISITORS READING REVIEWS
    Small Business22%
    Midsize Enterprise14%
    Large Enterprise64%
    REVIEWERS
    Small Business31%
    Midsize Enterprise24%
    Large Enterprise45%
    VISITORS READING REVIEWS
    Small Business19%
    Midsize Enterprise16%
    Large Enterprise65%
    Buyer's Guide
    AWS WAF vs. F5 Advanced WAF
    March 2024
    Free Report: AWS WAF vs. F5 Advanced WAF
    Find out what your peers are saying about AWS WAF vs. F5 Advanced WAF and other solutions. Updated: March 2024.
    DOWNLOAD NOW
    768,740 professionals have used our research since 2012.

    AWS WAF is ranked 1st in Web Application Firewall (WAF) with 52 reviews while F5 Advanced WAF is ranked 3rd in Web Application Firewall (WAF) with 54 reviews. AWS WAF is rated 8.0, while F5 Advanced WAF is rated 8.6. The top reviewer of AWS WAF writes "A highly stable solution that helps mitigate different kinds of bot attacks and SQL injection attacks". On the other hand, the top reviewer of F5 Advanced WAF writes "Flexible configuration, reliable, and highly professional support". AWS WAF is most compared with Azure Web Application Firewall, Microsoft Azure Application Gateway, Imperva Web Application Firewall, Cloudflare Web Application Firewall and Fortinet FortiWeb, whereas F5 Advanced WAF is most compared with Fortinet FortiWeb, Microsoft Azure Application Gateway, Imperva Web Application Firewall, F5 BIG-IP Local Traffic Manager (LTM) and Prisma Cloud by Palo Alto Networks. See our AWS WAF vs. F5 Advanced WAF report.

    See our list of best Web Application Firewall (WAF) vendors.

    We monitor all Web Application Firewall (WAF) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.