No more typing reviews! Try our Samantha, our new voice AI agent.

HAProxy vs Symantec Web Application Firewall comparison

Sponsored
 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cloudflare Web Application ...
Sponsored
Ranking in Web Application Firewall (WAF)
7th
Average Rating
8.6
Reviews Sentiment
7.4
Number of Reviews
26
Ranking in other categories
No ranking in other categories
HAProxy
Ranking in Web Application Firewall (WAF)
14th
Average Rating
8.4
Reviews Sentiment
7.1
Number of Reviews
48
Ranking in other categories
Application Delivery Controllers (ADC) (2nd), Distributed Denial-of-Service (DDoS) Protection (7th), Bot Management (6th), Service Mesh (3rd)
Symantec Web Application Fi...
Ranking in Web Application Firewall (WAF)
31st
Average Rating
8.6
Reviews Sentiment
7.4
Number of Reviews
4
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of July 2026, in the Web Application Firewall (WAF) category, the mindshare of Cloudflare Web Application Firewall is 4.0%, down from 5.8% compared to the previous year. The mindshare of HAProxy is 2.0%, down from 2.5% compared to the previous year. The mindshare of Symantec Web Application Firewall is 0.8%, up from 0.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Web Application Firewall (WAF) Mindshare Distribution
ProductMindshare (%)
Cloudflare Web Application Firewall4.0%
HAProxy2.0%
Symantec Web Application Firewall0.8%
Other93.2%
Web Application Firewall (WAF)
 

Featured Reviews

DB
CTO at PlayNirvana
Advanced security reporting has protected high-traffic betting platforms from constant attacks
I don't see room for improvement to Cloudflare Web Application Firewall. One thing I don't know much about because we have a dedicated IT team for that, and I'm not involved with Cloudflare much anymore. But if I were to compare them to F5, I would like to see more features that F5 offers. F5 has an option to bring the whole infrastructure, the whole WAF and all their packages, Bot Management, and everything else on your infrastructure. You need to install certain services from their side, and then you can choose if you would like requests to hit your servers immediately or if requests need to be proxied through F5 backbone. That would be a nice addition because we have 90% of the traffic as legit traffic coming from whitelisted servers. If it comes from whitelisted servers, I don't need to go every request through the backbone; I could easily just IP whitelist everything. Then I could maybe have Bot Management on my infrastructure that drastically reduces the price of Cloudflare. I would like to see Push CDN more improved in the next release of Cloudflare Web Application Firewall. And maybe something similar to Pushpin that Fastly has, which is an option where you can push messages that then can be scaled globally over the network. From our perspective, if we have a listener that listens for stock updates, I would just need to have one processor that pushes those updates to the Cloudflare API, and then Cloudflare would broadcast that message to all listeners. Cloudflare will check the order of the message, and if you, as a customer, are not connected or have some kind of network issue, when you reconnect, you will receive the latest state and missing updates.
Shrinivas Devarkonda - PeerSpot reviewer
Head of DevOps at TripFactory
Handles high traffic efficiently and simplifies complex routing with rule-based logic
I think HAProxy is good as it stands now, but I believe there could be improvements. gRPC has recently been implemented, which is great, along with TLS 1.2 and 1.3 support, and HTTP 2.0 is also available. However, I'm unsure about the benchmark of those HTTP 2.0 requests on HAProxy. If there were any other protocol with better performance than HTTP 2.0, or perhaps mTLS and other similar features, including that in HAProxy would be really great. For improvements, I think that during setup and configuration, the steps provided are neat and clear. Anyone can easily install and configure it. There are many kernel tuning parameters also available, which is great. For specific improvement, in terms of logging, I think printing the full object of the request may help, or if there's a way to reference two requests, it would be beneficial to find a complete session history from a logged-in customer, as it would help analyze customer and user analytics.
Vatsal Mehta - PeerSpot reviewer
Director, Co-Founder & CEO at HEDEHI Solutions Pvt. Ltd.
Boosts Security Measures with Easy Deployment and Implementation
Regarding areas for improvement in Symantec Web Application Firewall, I think they can enhance the features they currently focus on, as there are various types of web applications, and it would be great if they could develop features to cater to all these types. For example, a feature to scan for unauthorized plugins or extensions could let us know if those extensions are authorized, unauthorized, or malicious. There's room for improvement in Symantec Web Application Firewall by introducing AI into their dashboard so that we can query the dashboard and fetch data insights, similar to querying ChatGPT for answers. They currently have this feature but can make improvements for better querying to get insights.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Technical support has a very fast response time and they are helpful."
"The initial setup process is simple."
"Someone with a basic understanding of networking and security will be able to implement the firewall's basic features within 15 minutes."
"I'm highly satisfied. It's remarkably user-friendly, enabling me to quickly identify issues, and deploy solutions, and it offers the necessary features."
"The security features are valuable. The particular feature we use is called OWASP."
"The impact of Cloudflare Web Application Firewall's integration with existing web technologies on our site's performance and security measures is quite great, actually."
"We like that there's load balancing, firewall capabilities, DDoS protection, et cetera, all covered by Cloudflare."
"Cloudflare is cheaper compared to Azure WAF, which I have considered before."
"I can simplify configurations of many internal services (e.g. Web server configs) by moving some elements (like SSL) to HAProxy. I can also disable additional applications, like Varnish, by moving traffic shaping configurations to HAProxy."
"HAProxy enabled better performance at lower costs, which allowed us to provide more stability to our clients."
"Very good value for the money. One of the simplest licensing schemes in this category of products."
"Since the deployment is very easy and the open-source functionality saves a huge amount of cost in terms of project deployment."
"Others should try it out for sure. It’s a great solution backed by a very smart set of technical folks."
"It is stable. Period. Will not fail unless you do something wrong."
"HAProxy positively impacted our organization by exceeding scalability expectations, initially projected at 200k requests but ultimately handling over 15 million transactions per second without any issues."
"The main difference between HAProxy and other solutions on the market is that it is open source."
"The solution has an up-to-date data repository to deal with external threats."
"The setup was straightforward."
"The interface is user-friendly."
"It provides us with a sense of security."
"This product is doing what it should and what we are expecting from it."
"The best feature of Symantec Web Application Firewall is that it is very easy to use, and the deployment and implementation processes are really easy."
 

Cons

"The user interface is very simple and straightforward, but users need knowledge about DNS to accomplish tasks."
"They have some limitations with third-party integrations."
"Their documentation could be better. They don't have documentation that explains everything well. They have documentation for everything you're looking for, but they lack a single piece of documentation to tie everything together. As a new user or beginner, it took us a little bit of time to figure out how to put all these things in place."
"Cloudflare Web Application Firewall should improve visibility for a customer."
"The rate limiting functionality could be enhanced, as we find it somewhat limited."
"We have noticed some latency when the call goes through the firewall. That could be improved."
"If they add logs history within the Cloudflare offering, that would be a great benefit."
"Cloudflare Web Application Firewall should include port forwarding features."
"I'm unsure about the benchmark of those HTTP 2.0 requests on HAProxy."
"I would like to evaluate load-balancing algorithms other than round robin and SSL offloading. Also, it would be helpful if I could logically divide the HAProxy load-balancing into multiple entities so that I would install one HA Proxy LB application which could be used for different Web servers for different applications. I am not sure if these features are available."
"The product should have more security and dashboard functionality for monitoring so that any administrator can see the usability and track all the incoming and outgoing requests."
"The solution has bad performance issues."
"The tech support is good however, there are sometimes delays in resolving issues because when there is a shift change there doesn't seem to be any communication between the support staff and we are constantly having to repeat our issues to the next person."
"The configuration syntax is powerful yet can become overwhelming for newcomers; a more beginner-friendly interface or a native GUI without relying on third-party tools would ease the onboarding process."
"There are three main areas to improve: 1) Make remote management more modern by adding API. 2) Propose a general HA ​solution for HAProxy (no I'm using keepalived for this). 3) Thread option should be a bit more stable."
"The only area that I can see needing improvement is the management interface, since it is pretty much all through the CLI or configuration."
"There's room for improvement in Symantec Web Application Firewall by introducing AI into their dashboard so that we can query the dashboard and fetch data insights, similar to querying ChatGPT for answers."
"On a scale from one to 10, I would give it a five. I'm not convinced that it's necessarily the best solution going forward in the future."
"One of our issues is that sometimes scanning slows down the endpoints."
"It would be an improvement if the management dashboards were not reliant upon Java."
 

Pricing and Cost Advice

"The pricing model is very straightforward compared to the competition. You just pay per month for the product and usage."
"We pay $210 per month for CloudFlare WAF."
"The annual licensing fee is $10,000 USD."
"The solution's pricing option needs to be more transparent for enterprise clients."
"It is not too pricey."
"The solution is expensive."
"Cloudflare Web Application Firewall is more affordable than other solutions."
"Cloudflare offers different types of subscriptions for businesses, enterprises, and personal users, and the pricing is negotiable."
"HAProxy is free in the initial offer. However, pricing can be improved."
"The licensing fee for the solution is $690 per unit annually."
"The tool is open-source."
"I use the open-source version of the product. I don't have experience with the licensed version of the solution."
"HAProxy is an open-source solution."
"The product is open source."
"HAProxy is a free open-source solution."
"I think that the pricing is very fair, I would definitely recommend buying the Enterprise license."
Information not available
report
Use our free recommendation engine to learn which Web Application Firewall (WAF) solutions are best for your needs.
902,894 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Construction Company
17%
Financial Services Firm
9%
Comms Service Provider
9%
Manufacturing Company
7%
Computer Software Company
11%
Financial Services Firm
10%
Comms Service Provider
10%
Manufacturing Company
10%
No data available
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business16
Midsize Enterprise6
Large Enterprise6
By reviewers
Company SizeCount
Small Business18
Midsize Enterprise15
Large Enterprise16
No data available
 

Questions from the Community

What needs improvement with Cloudflare Web Application Firewall?
I don't see room for improvement to Cloudflare Web Application Firewall. One thing I don't know much about because we...
What is your primary use case for Cloudflare Web Application Firewall?
We are using Cloudflare Web Application Firewall's advanced reporting and analytics tools with their Zero Trust, so e...
Do you recommend HAProxy?
I do recommend HAProxy for more simple applications or for companies with a low budget, since HAProxy is a free, open...
What is your experience regarding pricing and costs for HAProxy?
Since we used the open-source version, we were not concerned about pricing, setup cost, or licensing.
What needs improvement with HAProxy?
HAProxy already provides many of the features that other solutions in the market are providing, such as Nginx, so I d...
What needs improvement with Symantec Web Application Firewall?
Regarding areas for improvement in Symantec Web Application Firewall, I think they can enhance the features they curr...
What is your primary use case for Symantec Web Application Firewall?
Our use case for Symantec Web Application Firewall is primarily for security purposes as we develop web application s...
What advice do you have for others considering Symantec Web Application Firewall?
I would recommend Symantec Web Application Firewall to other users due to all the benefits I mentioned earlier, such ...
 

Also Known As

Cloudflare WAF
HAProxy Community Edition, HAProxy Enterprise Edition, HAPEE
Symantec WAF, Blue Coat Protecting Web Applications
 

Overview

 

Sample Customers

crunchbase, udacity, marketo, okcupid, zendesk
Booking.com, GitHub, Reddit, StackOverflow, Tumblr, Vimeo, Yelp
Information Not Available
Find out what your peers are saying about HAProxy vs. Symantec Web Application Firewall and other solutions. Updated: June 2026.
902,894 professionals have used our research since 2012.