F5 Advanced WAF Reviews

In Pakistan, the banking and financial sector requires F5 WAF solutions. I worked with other companies that had more clients, but my current company is a start-up. We have Palo Alto business, but we're trying to get F5 business.

F5 products are highly stable, top-notch solutions, and we have also the expertise to deploy and design the F5 and Palo Alto product lines. I have more than 10 years of experience with F5 and Palo Alto. I have deployed around F5 products for around seven or eight customers of F5.

F5 should consider adding network detection and response.

We have been using F5 solutions for two years, including load balancers and Advanced WAF.

Advanced WAF is highly stable.

F5 products are scalable, and they have an excellent R&D department. Their product is constantly maturing.

F5 technical support is excellent. They are experts who always provide the right solution, and they understand the problem. Their response and resolution times are good.

Advanced WAF is a difficult product for new users, but it's not too challenging if you have experience. Nevertheless, F5 products are generally considered to be hard to deploy. 

F5's hardware product line is called BIG-IP, and they have many software licenses for IP DNS, Advanced WAF, APM, anti-spam, etc. We have around 10 licenses.

I rate F5 Advanced WAF 10 out of 10. I would highly recommend the entire F5 product line.

Our company installs the solution for customers who require more features than are available with FortiADC. 

One of our customers is a bank that has API for both web and mobile applications. We use the solution to load balance and provide protection for the API requests that come from customers to the application server. With more than 200,000 DNS requests per second, the solution's advanced features are the best fit to the customer's needs. 

The solution uses AI to protect against botnet attacks. 

The solution has a vCMP-like feature that allows you to visualize more than two  TMOS at the same time on your hardware. This feature is not available with other solutions. 

The solution should include protection against web page attacks like what is available in FortiWeb. 

The solution should integrate with Kubernetes. I believe there is a new ADC planned for the end of 2022 that will accomplish this goal. 

I have been using the solution for six years. 

The solution is super stable with extra chassis space. 

We sometimes use solution to its maximum capacity and it is still stable with no crashes. 

The solution is super scalable. 

FortiADC is a good solution for small or mid-sized companies but F5 can handle the largest companies. 

Across all of our customers, we have more than a million users at the same time with no issues.

I have not needed technical support. 

The initial setup is more complex than FortiADC and takes about twice the amount of time. 

Our company provides setup and deployment for our customers. 

The solution is very expensive so should only be used in the right environment. I believe each device costs around $20,000 and includes a three-year license. 

I rate the cost a ten out of ten. 

We do not consider other options for large companies but do install FortiADC for small to mid-sized companies. 

It is important to know your network and assess your needs such as dust protection, VAT, and load balancing before deciding if FortiADC or F5 are the best solution.  

F5 is expensive so is only appropriate for large companies with high-level use. 

I rate the solution a nine out of ten. 

It protects our public entities. Its use case is very directed at a resolution of security.

It protects our environment. It protects our entities.

Identification, ease of use, and ease of modifying it to most of our needs are valuable.

There should be more ability to rate limit certain scenarios. The majority of the time, it is either on or off. For certain types of use cases, there should be the ability to rate limit, not just enable or disable.

It is a very CPU-intensive application. I understand why, but I'm hoping that they could optimize the CPU utilization a little bit better.

I have been using this solution for eight years.

It is stable.

It is very scalable for what we need. It is a public-facing service. So, everybody on the internet would be able to utilize this type of service.

We are exploring areas to increase its usage.

I would rate them an eight out of ten.

Positive

We used other public entities for similar use cases.

It is pretty straightforward. A typical setup for these types of projects takes three months.

It is all done in-house. We do everything in-house. 

In its maintenance, I and other people are involved. The daily operations, which include modifying policies, are up to the individual application owners because they understand their applications a lot better than I or our standard operating team would. So, their usage might go higher than mine.

We have very much seen an ROI. It protects our revenue stream.

The way we deployed it, I would rate it a four out of five in terms of pricing.

I would advise doing your homework. It could be very simplified, or it could be very complex, but definitely, do your homework with the owners of the application because they understand the application more than certain people.

I would rate this solution an eight out of ten.

The most valuable features of F5 Advanced WAF are SSL uploading, signature, and anomaly detection. It is overall a high-quality solution.

The solution could improve by having an independent capture module. It has a built feature that you can deploy the capture on your published website. However, it's not very user-friendly. When you compare this feature to Google Capture or other enterprise captures, they are very simple. It needs a good connection to the F5 Advanced WAF sandbox. When you implement this feature in the data center, you may suffer some complications with connecting to the F5 Advanced WAF sandbox. This should be improved in the future.

I have been using F5 Advanced WAF for approximately 10 years. This includes my experience when the solution was  formerly named Advanced Security Module(ASM).

F5 Advanced WAF is an extremely stable solution.

I have found F5 Advanced WAF scalable.

Technical support is handy and useful when you have your contract available. Once you lose it, you are all alone and there is a penalty to extend your subscription.

I have used FortiWeb previously.

These products are not meant to be compared, because they are serving in different areas of expertise. When you are low on budget, it's better to use the FortiWeb. When you have a budget and want quality, it's most recommended to use the F5 Advanced WAF. We are talking about different classes of quality.

When you are using the F5 Advanced WAF for any reason, you have to employ an expert. It's not the same as other solutions, such as FortiWeb, it is not easy to use. It's an advanced device, and you have to have an advanced person to operate it. This is the biggest problem that F5 Advanced WAF.

The price of the solution is reasonable when compared with other products, such as FortiWeb. I am very satisfied with the price.

My advice to those wanting to implement F5 Advanced WAF is they will need to have an expert on any stage of operation. Then once they decide to use the F5 Advanced WAF they have to have very good expert advisors for choosing the product because there are a variety of license options, and you may spend more than what you need. 

In the implementation stage, you have to have experts. At least three experts for the implementation phase. When it comes to the operation, you can't have a temporary expert that comes and goes, you have to have the F5 Advanced WAF expert in your company. It's an advanced device. It's completely different from the FortiWeb and the other devices. It gives you lots of options but it's complicated to implement. You have to have an expert to support you.

I rate F5 Advanced WAF an eight out of ten.

We use it for ASM and ATF. I am working at the PCI company, and I am a manager of F5. I work with F5 WAF and ASF.

Currently, I use version 50.1.4, and I'm going to update to the new version, 50.144.1.

I like the solution for ASM. There is an online update certification, but access is locked so we couldn't use it.

I would like to see a better interface and better documentation compatibility with other products. It's more complicated with OWASP.

F5 has a learning university, but it's very complex. I teach other people, and it can be confusing with the different versions of software. It's very hard to support that.

I've been working with this solution for four years.

The product is very stable. It is a PCI company, so there are 10,000-12,000 people using the solution. 

My TLS connection is unlimited, so I have a lot of clients because of internet payments. All of the internet payments are behind the ASM for the F5.

It's scalable and very easy to manage.

I worked with FortiWeb for a few years. It's a good product, but it's not very good for a big company. So we decided to migrate to F5.

The initial setup is from a configuration utility.

I would rate this solution 9 out of 10.

In APM or IT intelligence, it's the best. But in the ASM model, it's not as good as a 40G for Palo Alto.

For me, the primary use case is to secure web applications from external threats, including cross-site scripting, SQL injection attacks, file inclusion vulnerabilities, and many more. The tool has simplified protection against web applications and recent threats that might be visible. If your applications are vulnerable, it gets protected by F5.

It is a very flexible solution. iRules is quite appealing when it comes to F5, and they apply it throughout their solution. BIG-IP is a known platform, and it is a part of F5 now. Application delivery or web application firewalls, F5 understands these terms and then suggests better data policies. But you have to do the work on your application's performance first. You have to look in the logs and understand the total attack you should prevent when we put it in the circuit protection mode, which works perfectly well.

iRules truly excites me because it has the ability to prevent the end-user and infrastructure from external threats.

Even if the F5’s default signatures and the default behavior are unable to help you, you can customize iRules to reach the objectives.

I don't like the management control of F5.

Moreover, if you are not an expert, it would be really difficult to set it up.

I have been using the product for fifteen years or more.

It is a stable solution.

It is definitely a scalable solution.

The initial setup is quite straightforward. I didn't experience any complexity. It could be difficult for somebody who is not familiar with application load balancers or web applications. It takes a month to understand the entire architecture. It primarily depends upon how great deployment could be.

It usually takes about five to seven days to configure and deploy the F5 Advanced WAF in production mode. It is essential to ensure that your configuration works properly before putting it into production mode.

When you have already designed it, it takes around five to seven days to set up. But it takes more than a month to understand the entire architecture of the F5.

I would rate it an eight out of ten.

F5 Advanced WAF can be deployed on-premise or in the cloud. When it comes to local governmental organizations, it's mostly on-premises solutions they use. However, we recommend using virtual ones.

F5 Advanced WAF is used for protecting applications.

The most valuable features of F5 Advanced WAF are the balancer and you can change policies very easily.

The overall price of F5 Advanced WAF could improve.

I have been familiar with F5 Advanced WAF for approximately one year.

I have not had any customers complaining about the stability.

F5 Advanced WAF is scalable.

The initial setup of F5 Advanced WAF is easy.

I rate the setup of F5 Advanced WAF a four out of five.

The ease of maintenance of F5 Advanced WAF depends from customer to customer. If the company had someone trained or they have an inside person who is reliable for this maintenance, they typically do not have any problems.

The price of F5 Advanced WAF could improve it is expensive.

There can be extra features added at an additional cost.

I rate the price of F5 Advanced WAF a three out of five.

Our clients pick this solution over others because it is one of the leading companies in the category.

I can recommend F5 Advanced WAF to any customer because we have experience, and referrals from customers using it within different models. If it comes to WAF, LTM, or whatever. I'm very happy to sell it because it is one of the leading vendors within its line. Our customers within the financial market, such as banking organizations, are very happy with it.

I rate F5 Advanced WAF a nine out of ten.

We are distributors in Vietnam. We consult for our customers and I am a Product Manager. We use F5 Advanced WAF as a firewall for our website applications and the websites of our customers.

The most valuable features of F5 Advanced WAF are the security features and the protection.

In the future, I would like to see F5 include AI in the hardware of F5 Advanced WAF.

F5 Advanced needs to improve its bot protection. The solution needs to have machine learning to learn the behavior of the customer to recognize the human versus the bot. This is a difficult feature to explain to our customers. I would like documentation about the bot feature to make it easier for the customer to understand.

I have been using F5 Advanced WAF for two years.

The solution is stable.

F5 Advanced WAF is scalable.

We tend to handle our own technical support for our customers. My experience with F5 support is a three out of five overall. They need to improve the information and training of the receiver.

Positive

The initial setup was neither easy nor difficult. I would rate setup as a four out of five.

The pricing of F5 Advanced WAF is more expensive than other solutions like Radware and CD18, it is quite high. I rate the product a one out of five for price, with one being expensive.

Overall, I would rate F5 Advanced WAF an eight out of ten overall.