We performed a comparison between Barracuda Web Application Firewall, Checkmarx One, and F5 BIG-IP Local Traffic Manager (LTM) based on real PeerSpot user reviews.
Find out what your peers are saying about Amazon Web Services (AWS), F5, Microsoft and others in Web Application Firewall (WAF)."The solution offers multiple security features. There are machine learning features and great URL encryption. It also offers multi-protocol support against DDoS attacks."
"Has a good dashboard."
"The product has fantastic support services."
"If an attack is coming continuously, you can ask the device to block it temporarily for two to three minutes. F5 has not provided us with an option to block certain IPs for some time. Barracuda can help you block someone if the source is from a different IP. You can apply the rule to the device and block it for whatsoever time you want. The solution will unblock the IP after the prescribed time as well."
"The volumetric DDoS defense is very good because I had a problem with a lot of volumetric DDoS attacks on my servers. After using Barracuda, those attacks have stopped and all the traffic is going smoothly to my servers and the system is working really well."
"The most valuable features are the client VPN and content filtering."
"Setup of this solution is straightforward. It's a stable and scalable solution, with good performance and fast technical support."
"The solution is user-friendly and easy to set up."
"Helps us check vulnerabilities in our SAP Fiori application."
"The product's most valuable feature is static code and supply chain effect analysis. It provides a lot of visibility."
"It can integrate very well with DAST solutions. So both of them are combined into an integrated solution for customers running application security."
"The most valuable feature is the application tracking reporting."
"Both automatic and manual code review (CxQL) are valuable."
"We use the solution for dynamic application testing."
"It shows in-depth code of where actual vulnerabilities are."
"The main thing we find valuable about Checkmarx is the ease of use. It's easy to initiate scans and triage defects."
"The detail that you have available when setting up iRules."
"It helps us recognize sessions from certain IPs that are authorized to manage the application. This is a function we haven't found anywhere else."
"Initial setup was straightforward. We were up and running in three hours."
"The solution is very easy to use and easy to understand. It's quite an intuitive system."
"Traffic Learning is the most valuable feature."
"I think F5's tech support may be better than Citrix's because they mainly focus on the ADC product, but Citrix support covers Hypervisor, XenMobile, FAS, and ADC. And from my experience, sometimes, we face some issues that Citrix cannot handle."
"It integrates with AWS WAF, which makes it easy to deploy without changes to your infrastructure."
"The value and impact of using F5 BIG-IP LTM for application delivery control in our organization are significant."
"The policy updates could be improved."
"Sometimes when we put it in action, we have some blogs that appear as false positives. I think that it's improving. Barracuda should minimize false positives."
"One of Barracuda's limitations is its user interface. The GUI for configuration is not intuitive and has remained largely unchanged for the past 10 to 12 years."
"While the UI is good, it can get a little bit complicated."
"The solution needs to leverage some additional features to a broader scale of software-defined networks."
"They could improve their performance, support, and their upgrades. Their updates used to be good. Their improvements were right on the money but nowadays, the updates are minor."
"I have issues with the load balancing of the solution which is slow. The connection pooling in Barracuda also doesn't work. There is an issue when someone needs access to a site quickly. The issue is with HTTPS services. I am not sure if they have changed all these in the solution’s latest version."
"We've had some blocks of the application and some false positives."
"I think the CxAudit tool has room for improvement. At the beginning you can choose a scan of a project, but in any event the project must be scanned again (wasting time)."
"The resolutions should also be provided. For example, if the user faces any problem regarding an installation due to the internal security policies of their company, there should be a resolution offered."
"They should make it more container-friendly and optimized for the CI pipeline. They should make it a little less heavy. Right now, it requires a SQL database, and the way the tool works is that it has an engine and then it has an analysis database in which it stores the information. So, it is pretty heavy from that perspective because you have to have a full SQL Server. They're working on something called Checkmarx Light, which is a slim-down version. They haven't released it yet, but that's what we need. There should be something a little more slimmed down that can just run the analysis and output the results in a format that's readable as opposed to having a full, really big, and thick deployment with a full database server."
"Checkmarx could improve by reducing the price."
"They could work to improve the user interface. Right now, it really is lacking."
"When we first ran it on a big project, there wasn't enough memory on the computer. It originally ran with eight gigabytes, and now it runs with 32. The software stopped at some point, and while I don't think it said it ran out of memory, it just said "stopped" and something else. We had to go to the logs and send them to the integrator, and eventually, they found a memory issue in the logs and recommended increasing the memory. We doubled it once, and it didn't seem enough. We doubled it again, and it helped."
"If it is a very large code base then we have a problem where we cannot scan it."
"We want to have a holistic view of the portfolio-level dashboard and not just an individual technical project level."
"The user experience for dashboards and reports can be improved. They should make dashboards and the reporting system easier for users. They need to add more reports to the dashboard. Currently, for complicated reports, I have to do the customization. It should have more integration with network firewalls to be able to gather all the information required for traffic management."
"Not everything is intuitive."
"In terms of what could be improved, I would expect more integration with different platforms and more integration with the backend systems. Additionally, in the next release, I would like a more secure version."
"Technical support is somewhat slow and could be improved."
"There is a challenge in Pakistan. This is when there is a hardware failure. Sometimes, it takes more time to get a replacement because it is sent out from the U.S. or some other regional outpost. Thus, it takes two to three days to receive a replacement."
"There are not very many areas for improvement, but the price is high."
"If we decide to migrate to the cloud, I don't think that BIG-IP is a good solution and we probably won't use it."
"The solution's initial setup process was quite complex. I"
More Barracuda Web Application Firewall Pricing and Cost Advice →
More F5 BIG-IP Local Traffic Manager (LTM) Pricing and Cost Advice →