


Prisma Cloud by Palo Alto Networks and F5 Rules for AWS WAF compete in cloud security. Prisma Cloud appears to have the advantage in features, while F5 Rules offer better pricing flexibility.
Features: Prisma Cloud offers comprehensive cloud workload protection, advanced AI-driven threat detection, and extensive integration capabilities. F5 Rules provide customizable security rules tailored for AWS environments, excellent precision in AWS deployments, and enhanced control over specific security parameters.
Ease of Deployment and Customer Service: Prisma Cloud allows seamless deployment across multi-cloud environments with robust customer support. F5 Rules feature straightforward AWS integration but experience varying support responsiveness. Deployment with Prisma Cloud is flexible across different clouds compared to F5 Rules' AWS-centric ease.
Pricing and ROI: Prisma Cloud's higher upfront costs promise strong ROI through its extensive features. F5 Rules offer a cost-effective model with flexible pricing, ideal for tight budgets. Although F5 Rules present a lower entry cost, Prisma Cloud's protection mechanisms justify its price for those prioritizing comprehensive security.
My experience with the pricing or licensing of Cloudflare Web Application Firewall is that many features can be accessed for free, so the pricing is definitely reasonable.
I observed around 35 to 45% reduction in malicious application layer traffic reaching the origin, which helped protect the backend systems and reduce risk exposure.
One measurable benefit was a reduction in manual effort required for managing and tuning web application protection policies because the managed rule capabilities and centralized visibility simplified the day-to-day operations.
I did see a return on my investment with F5 Rules for AWS WAF because I was able to detect attacks earlier, and because of this, my resources were not scaling continuously, thus saving costs on resources.
It eliminates the need for additional hardware, making it a financially and technically sound investment.
Reputation and data security are the two most important things to a financial institution.
We may have prevented a security breach with remediation of the findings.
I would rate the technical support with Cloudflare as excellent every time I've had to contact them.
The technical support of Cloudflare Web Application Firewall rates between five and seven at maximum.
They clearly explained what the best options are based on my use case, which helped us shortlist what is required.
The support team generally demonstrates strong technical knowledge around application security and traffic management, along with the AWS integrations.
For critical issues, the response time is quite good, and the support teams are knowledgeable in handling rule tuning, false positives, and other security-related incidents.
They can respond with technical documentation or pass on the case to the next level because it requires the development of a new feature or changing a feature due to a bug.
Anywhere we raise a tech case, they revert back within an hour.
I would give them 10 out of 10.
The scalability of Cloudflare Web Application Firewall rates between 8 to 9, as it depends upon the use cases and what exactly the client needs.
In my experience, F5 Rules for AWS WAF handles traffic spikes and high request volumes efficiently, including during attack scenarios such as bot surges or application layer attacks.
Easily handling traffic spikes and high-volume attacks without any manual intervention.
It supports scaling without significantly affecting application performance even during high traffic periods or sudden spikes in requests.
Scalability-wise, I rate the solution a nine out of ten.
We haven't had any issues scaling the solution.
There aren't any limits to Prisma Cloud's scalability.
The stability of Cloudflare Web Application Firewall deserves a perfect 10 out of 10.
F5 Rules for AWS WAF is consistently updated and applied without impacting application availability, and it handles high traffic volumes effectively, even during attack scenarios.
Especially in terms of policy enforcement, traffic inspection, and integration with AWS environments.
Providing comprehensive managed rules coverage and reducing operational overhead compared to the AWS native managed rules.
I would rate it a ten out of ten for stability.
Most of the time, when the client requires data, it is not available.
The cloud environment is dynamic, so the tool must be dynamic.
The product can improve by having more multitenancy capability, which is currently not available.
I think they're doing a good job with DNS and as support for any domains that I create or that my clients create, it's mandatory for me to ensure they have Cloudflare as their DNS provider.
And maybe something similar to Pushpin that Fastly has, which is an option where you can push messages that then can be scaled globally over the network.
To stay safer from a security perspective, continuous improvisation in these security rules is required to ensure we are always up to date with new attacks.
The most useful change for F5 Rules for AWS WAF would be rule-level allow listing and exception management.
Fine-tuning it to match specific application behavior can sometimes be complex and time-consuming, especially for teams without deep WAF expertise.
Prisma Cloud is an excellent tool.
We could have deployed the runtime monitoring with Prisma Cloud by Palo Alto Networks, but within our organization at our company, it was very difficult to find who would be the owner for the alerts.
Even though documentation was available, it took a while for a new person to understand what integration meant, what will be achieved after the integration, or how the integration needed to be done on the Azure or AWS side.
It has competitive pricing.
There is no significant setup cost involved, as it is a managed service that can be quickly integrated into the existing AWS WAF configuration without additional infrastructure.
F5 Rules for AWS WAF is not very costly and is reasonable, with enterprises being able to afford the cost.
The cost was not on the higher side.
If you are using a single tool like Prisma Cloud, with a single license, you can monitor all environments, such as Google Cloud, Azure, AWS, and Oracle Cloud.
The pricing for what we are using is pretty good.
The custom rules and the geo-redundant geographical rule feature, which allows me to implement geographical rules for customers, add significant value.
The best features of Cloudflare Web Application Firewall are multiple, including the WAF, rate limiter, and bot attack protection.
Cloudflare Web Application Firewall's advanced reporting and analytics tools add a layer that we're able to visualize and see before it actually hits the local firewall.
Now, looking at these rule sets, they ensure that our origin or our application content and code, as well as the application itself or its API, are secure enough, always.
F5 Rules for AWS WAF rule sets are highly effective in detecting and mitigating OWASP Top 10 attacks such as SQL injection, XSS, and command injection, which significantly strengthens application security.
Using F5 Rules for AWS WAF has positively impacted my organization by making our AI-integrated application more secure from bot attacks, restricted size bodies, automated rate blocking for DDoS, and managed rules, especially as security has become a common concern across the industry.
The solution offers very good configuration capabilities. It can show you how to resolve and remediate issues, and you can pull reports that will show you everything you need to know.
Prisma Cloud provides us with a single tool to protect all of our cloud resources and applications without having to manage or reconcile disparate security and compliance reports.
Prisma Cloud's real-time detection and monitoring of our entire system is the most useful.
| Product | Mindshare (%) |
|---|---|
| Cloudflare Web Application Firewall | 4.0% |
| Prisma Cloud by Palo Alto Networks | 1.9% |
| F5 Rules for AWS WAF | 0.4% |
| Other | 93.7% |

| Company Size | Count |
|---|---|
| Small Business | 16 |
| Midsize Enterprise | 6 |
| Large Enterprise | 6 |
| Company Size | Count |
|---|---|
| Small Business | 4 |
| Midsize Enterprise | 1 |
| Large Enterprise | 6 |
| Company Size | Count |
|---|---|
| Small Business | 37 |
| Midsize Enterprise | 21 |
| Large Enterprise | 58 |
Cloudflare Web Application Firewall integrates DDoS protection, load balancing, and firewall capabilities. Its ease of use, configurability, and robust security measures make it a versatile choice for protecting web applications.
Cloudflare Web Application Firewall provides a comprehensive defense against threats with advanced reporting and robust security measures. It includes DNS integration, rate limiting, and extensive rule sets, all within a SaaS model that allows API configurability. Users value its caching, scalability, and pricing, although enhancements are needed in rate-limiting and third-party integration. Improvements in customer support, especially in India, real-time controls, and user documentation are also desired. Users seek a more intuitive dashboard, better log management, and improved alert systems, along with multitenancy capabilities and enhanced reporting.
What are the key features of Cloudflare Web Application Firewall?Cloudflare Web Application Firewall finds application in industries like banking and retail by acting as a comprehensive security gateway, managing authentication and authorization while protecting web applications from malicious Layer 7 traffic. It also implements load balancing, CDN, and zero-trust policies, supported by advanced reporting, analytics tools, and threat scoring to meet specific industry needs.
F5 Rules for AWS WAF provides advanced web application protection tailored to secure applications hosted on AWS, offering dynamic defenses against evolving threats.
This solution offers a robust set of rules designed to enhance AWS WAF capabilities, delivering specialized protections against complex web threats. F5 Rules dynamically guard against emerging vulnerabilities, ensuring comprehensive threat mitigation. It's crafted to integrate seamlessly with AWS environments, making it fast and easy to deploy, manage, and scale as compared with legacy alternatives, providing users a manageable and comprehensive security layer for their applications.
What are the key features of F5 Rules for AWS WAF?In industries such as finance, healthcare, and retail, F5 Rules have been implemented to protect sensitive data and online transactions. This helps ensure compliance with industry regulations while maintaining performance and uptime for web applications.
Prisma Cloud by Palo Alto Networks provides comprehensive cloud-native security solutions. It covers dynamic workload identity, automated forensics, and multi-cloud protection, ensuring robust security across diverse cloud platforms.
Prisma Cloud delivers advanced capabilities for managing cloud security across AWS, Azure, and GCP platforms. It offers dynamic workload identity creation, real-time monitoring, and seamless integration into CI/CD pipelines. With automation, centralized dashboards, and enhanced visibility, users effectively manage security misconfigurations and vulnerabilities. While optimizing cloud environments through runtime protection and compliance, Prisma Cloud faces challenges with its navigation, pricing, and limited automation capabilities. Users seek improvements in API security, role-based access controls, and documentation quality, emphasizing the need for enhanced customization and reporting features.
What are the important features of Prisma Cloud?
What benefits or ROI should users consider in reviews?
Industries like finance and telecom rely on Prisma Cloud for managing cloud security posture and container security. Teams utilize its capabilities across hybrid and multi-cloud settings to ensure compliance and robust threat protection. Features like misconfiguration detection and runtime monitoring are critical in promoting security objectives in these sectors.
We monitor all Web Application Firewall (WAF) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.