Find out in this report how the two Distributed Denial-of-Service (DDoS) Protection solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
Operational efficiency has improved; we no longer have staff consistently monitoring backend servers during deployment or scaling events, as HAProxy's health checks and hitless reloads allow us to push changes with minimal manual intervention.
This resulted in a drastic decrease in costs and, at the same time, the accuracy of the hits coming on HAProxy was almost around 100% or 99.99%.
I estimate seeing a return on investment with HAProxy, as it significantly reduced staff requirements and enhanced scaling capabilities, particularly when transitioning from NGINX, which faced issues.
The responses are generally fast and effective.
The customer service is excellent, and I rate it ten out of ten.
Since we are utilizing the open-source edition, community forums, mailing lists, and GitHub have been invaluable, with typically someone having encountered the same problems we faced.
My interactions with HAProxy's customer support were limited, but the feedback from my team indicated satisfactory service.
The solution is highly scalable, allowing me to add or remove nodes and manage traffic without interruption, which is essential for meeting application demands.
We manage an automatic load balancing feature where we add HAProxy servers dynamically behind the application load balancer to handle more traffic.
HAProxy's scalability is excellent; as our traffic expands, it handles load increases effortlessly.
For scalability, HAProxy meets my needs, supporting our initial horizontal scaling and then adapting to vertical scaling in a VMware environment.
This reliability serves as a key reason for our choice, providing us with confidence even when faced with heavy traffic.
The hot reload feature of HAProxy also really helped us so that we never had to shut it down to reload it.
We have reduced a lot of servers, replacing them with one or two HAProxy servers which deliver better performance, accuracy, and an almost 100% success rate with requests.
Having advanced technology similar to other vendors like Palo Alto for zero-day attack prevention would be valuable.
The appliance and features could be enhanced further, especially in terms of security.
The configuration syntax is powerful yet can become overwhelming for newcomers; a more beginner-friendly interface or a native GUI without relying on third-party tools would ease the onboarding process.
An easier desktop interface to connect to a remote server and make changes on my PC would be beneficial.
The reloading functionality is effective as it allows soft reloads without interrupting traffic patterns.
The standard license is reasonably priced, but additional features like the WAF can be more expensive.
If considering a one-stop solution that provides load balancing, DNS security, AAA authentication, and firewalling on the same hardware, the cost is reasonable.
Since we use the open-source edition, there are no licensing fees, with the main cost being the infrastructure running on EC2 instances in AWS, which helps maintain low expenses.
Setting up HAProxy didn't cost anything for me.
The pricing remains competitive compared to other vendors.
The solution provides behavioral analysis via AI to detect malicious traffic.
The most valuable features for me are stability, availability, and security, along with the ability to manage multiple features to secure my applications.
By moving all SSL termination to the load balancer, I now manage certificates in a single place, and I can also utilize Let's Encrypt with HAProxy's built-in ACME support, making renewal automatic.
HAProxy positively impacted our organization by exceeding scalability expectations, initially projected at 200k requests but ultimately handling over 15 million transactions per second without any issues.
As a production engineer at that time, I definitely wanted to ensure that the system could handle massive connections, especially since we operated an e-commerce platform where we could not lose any customer calls.
| Product | Market Share (%) |
|---|---|
| HAProxy | 1.5% |
| F5 BIG-IP Advanced Firewall Manager (AFM) | 1.2% |
| Other | 97.3% |
| Company Size | Count |
|---|---|
| Small Business | 8 |
| Midsize Enterprise | 5 |
| Large Enterprise | 14 |
| Company Size | Count |
|---|---|
| Small Business | 17 |
| Midsize Enterprise | 15 |
| Large Enterprise | 16 |
F5 BIG-IP Advanced Firewall Manager (AFM) is a high-performance, full-proxy network security solution designed to protect networks and data centers against incoming threats that enter the network. Built on F5’s industry-leading BIG-IP hardware and software platforms, BIG-IP AFM provides a scalable platform that delivers the flexible performance and control needed to mitigate aggressive distributed denial-of-service (DDoS) and protocol attacks before they overwhelm and degrade applications and infrastructure availability.
For service providers, BIG-IP AFM IPS does even more, protecting the network edge and performing traffic inspection and protocol adherence for prevalent service provider protocols such as SS7, Diameter, HTTP/2, GTP, SCTP and SIP traffic coming into the network over UDP, TCP, and SCTP.
HAProxy is considered by many in the industry to be one of the fastest and most popular and trusted software load balancer products in the marketplace today. Organizations are able to immediately deploy HAProxy solutions to enable websites and applications to optimize performance, security, and observability. HAProxy solutions are available to scale to any environment.
HAProxy is an open-source product and has a robust, active, reliable community. The solutions are continually tested and improved on by the community. HAProxy offers a dynamic design to support the most modern architectures, microservices, and deployment environments (appliances, containers, virtual, and cloud).
HAProxy utilizes a cloud-native protocol, which makes it a complete solution for cloud services such as Red Hat OpenShift, OVH, Rackspace, Digital Ocean, Amazon Web Services (AWS), and more. It also can be used as the reference load balancer in OpenStack.
HAProxy Products
Reviews from Real Users
“Having the right load balancing solution – which is what HAProxy is – and protection in place gives organizations peace of mind.” - Nathanel S., Platform Architect at SES
“I use HAProxy for individuals who can not buy low balancers. I built NFV in a box and send individuals a pathway into an HAProxy VM. The setup was not difficult; it usually takes a day to complete for a VPC. When it comes to pricing, HAProxy is free.” - Nasir O., Network & Cloud Architect at Koala Compute Inc.
We monitor all Distributed Denial-of-Service (DDoS) Protection reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
