F5 Advanced WAF Reviews

I was working in sales. We would provide more corporate products. I am not implementing or deploying this solution. I would sell it for projects in the enterprise direction, but it was mostly for financial institutions and some government companies.

It usually used for e-commerce and financial services. Products that banks provide to their customers. It also offers protection of the services.

It is easy to use, and it's also easy to configure. 

The most valuable feature is that it is secure.

The interface is old-looking, it's not modern, which is why it's not always comfortable to use.

I would hope that they provide some updates sooner rather than later.

I have used F5 Advanced WAF for three months in the last year.

We were using the latest version and we update on a regular basis.

It's a very stable solution.

This is a scalable product.

Our customers are in the banking system and we have approximately 200 to a few thousand customers.

We have official support from the distribution channel. One of our distributors is in Ukraine.

They have their own support definition provided with some certifications who are responsible for providing support at the vendor level.

We usually ask for their support and they provide it to us.

Previously, we used BIG-IP and we used Web Application Firewall.

I was not involved in the installation.

I am currently working on a B2C channel, which is more for retail companies.

I have also been working with Apple company for a little bit more than a month.

I am working with all-in-one products with all services included.

I would recommend this solution to others who are interested in using it. It's not popular in our country but it's unique in itself. There are some segments that became more important on a regular basis, especially for large companies and enterprise segments.

It's a secure product. I would rate F5 Advanced WAF an eight out of ten.

I worked with the solution before starting at this new company and I'm now implementing it in my new job. I'm head of security at our company and we are a customer of NGINX Web Application Firewall. 

The product is very easy to use and they provide great support. I like the dashboard and reporting. 

The scalability could be improved. There is a version with 25 and 200 Mbps, no options in between

I've been using this solution for one year.

It's a stable solution. I haven't had any problems with it. 

The technical support is good, I'm happy with it.  

The initial setup is straightforward. 

I would rate this product an eight out of 10. 

We are a system integrator and we design solutions for our customers. We provide all kinds of networking solutions, as well as security, and we are sometimes responsible for the integration as well.

We are partners with F5 and this is one of the solutions that we provide to our clients.

Our customers are organizations, including government departments, who use their firewall for load-balancing purposes. However, for some time now, they have wanted to add an additional layer of security, which is why they implement this solution.

We normally propose the on-premises deployment model to our customers.

This solution is an enterprise-class firewall that provides both load-balancing and security.  Once it's deployed, it works smoothly and without issue.

I would like to see the pricing of this solution improved. There are a lot of other products that are trying to compete with this solution, and there are a few now that are very good. I know that F5 doesn't always worry about the pricing because of the branding, but if they want to capture more of the market then they need to consider that not everybody thinks about the brand. Some are concerned with the price, and some of the competitors offer solutions at a lower cost. While it is true that price is only one of the things that people consider, it is one of the major factors that can cause them to lose the battle to a competitor.

This solution can be made more user-friendly.

This is an enterprise-class product, and as long it is deployed properly it is quite stable. We have not had any issues post-deployment. This is one of the reasons that customers are paying for F5.

This is a very scalable solution.

Technical support for this solution is good. We have had a couple of tickets, and it was pretty good.

The complexity of the initial setup is on a case-by-case basis.

If the customer is primarily interested in load-balancing then it is straightforward and it takes a few days. Once the customer is ready with all of their information, it doesn't take much time. In more advanced scenarios, it can take months to fully set up and configure.

Keep in mind that this is an enterprise-level product, so many of the competitors will take less time in setup. Not every engineer can configure F5 WAF.

We perform the integration for our clients. We have our own deployment team that keeps up to date with the latest features in the market. They have the latest training materials and are aware of technical changes that are happening when it comes to these solutions.

When we have this kind of project, one person will be dedicated to the deployment and they will ensure that the solution has been deployed properly. After this, things will be taken care of by the general engineering team. We have a pool of resources who can handle maintenance such as upgrades.

Licensing fees for this solution are paid on a yearly basis.

My advice to anybody who is considering this solution is to have clarity with respect to their own scenario, or application. They have to know what they are expecting out of this deployment. As the system integrator, I may not be sure about the client's applications or how they work internally, so I have to rely on them.

I would rate this solution a nine out of ten.

The anti-bot protection is the solution's most valuable feature. Safe-guard or credential staffing are also useful features.

The templates of the iApps could be better.

The solution's dashboard could be improved. When you're moving from policy to policy, the logs and the integration of the logs in other systems aren't straightforward.

The solution has a lot of training material, but not about integration in a virtual improvement. They should create more documentation around this for users. 

The solution is stable.

Technical support is very good. I only use it four ot five times a year. If I find any bugs I post it to their file. It's very good support. They offer excellent service.

The initial setup was very simple. It was just for the machine: the ASM port and the WAF itself, not the deployment of the appliance, which is why it was easy.

I'm an integrator, so I help implement the solution for clients.

The pricing of the solution is very high.

Before selecting this solution, we looked at Kemp. We were concerned with the WAF, which is why we decided not to go with Kemp.

We're using several versions of the solution; anything between versions 12 to 14.

I would recommend the solution. It's the best option for WAF, at least in the last year or so.

I would rate the solution ten out of ten.

This solution inspects your traffic and based on that, automatically create distinct qualities for you, so you can add this to the policy already created. That's what I like most.

I would not expect traffic details to pass through the web application firewall across the length of the whole application. I think that there is a web application where it can let the application function without traffic going in into the WAF.

I think the solution is already being phased out. They are now going for a more advanced option but I'm referring to the web crawler. The web crawler should be able to allow a web application on its own to create policies, rather than wait for traffic to go to the WAF.

There are templates for creating policies, so the initial setup is very straightforward.

I would want to use ASM, or Area Security Manager, which I would rate as seven of ten. That offers lending passability, where the device should be able to lend or call the application and know the component of an application.

The DCI feature is very valuable. The solution is very robust, and I like the setup.

With this solution, you can set distinct perimeters that you can monitor. You can go very granular, which makes it possible to set up very specific perimeters that you are then able to secure.

The solution is tedious. It takes a lot of discrete settings so one needs to get detailed and granular when they use the solution. It takes you a whole lot of energy and concentration to configure. It needs to be much more straightforward, like other web solutions.

They need to have a way to define attack signatures. It might help improve the user experience.

The solution is quite stable. Since 2016, there hasn't been any concern in regards to security.

The solution is highly scalable.

Technical support is excellent. It's top-notch.

The initial setup was very straightforward. The solution is very compact. It takes more than one month for effective deployment.

The solution isn't too expensive. The license allows you to license what you need and leave out what you don't need.

We currently deal with the on-premises deployment model.

I would recommend the solution for use as an efficient firewall. Security is a complex thing, however, and I would advise others to use multiple vendors for different layers.

I would rate the solution ten out of ten.

We use this program 24/7 as a firewall to block malicious requests. We update regularly.

The solution speeds up our web application speed. This increases the availability of our services, because of the web base load balancer. It also improves our application security because of the additional features of the web application firewall. So our website works faster and better and it has a lower impact on our servers.

The features I find most valuable is the behavior analysis and the additional subscription for global threats. It's an additional feature, which I haven't seen in another solution. I also like the DDos protection behavior too, because some DDos are quite a problem and we have problems with it.

I am very happy with the interface, the dashboard, and the reports. Whenever I see a malicious request, I can see if I blocked it and then I can decide if I want to accept or decline. I am therefore completely happy with the ability to report and so on. 

This solution is the best out there on the market. One thing that can be improved, is to increase the quantity over predefine policy. I know it's impossible to do it all, but what I would have liked to increase the ready-to-deploy templates with only a few clicks.

I have had no issues with the stability. Even my friends with bigger installation systems are satisfied with the stability. I believe it depends on how many features you use. I have also had no issues with clusters or software update signature updates. I believe this program is even more stable than the Windows server.

Whenever I need more performance, I just buy upgrade licenses and additional license keys. So scalability is a question of paying more. It is simple. Everybody who uses the site employs external clients. 

When I asked support for help they answered the same day with the answer. But it was small issues. I haven't had any serious bugs or any troubleshooting.

I have used different products with lower segments in other solutions. Some were magic when it comes to security and availability but they don't provide visibility on how it works, how it secures and so on. And there is no additional protection from both ends to have a behavior analysis. That is why we chose Advanced WAF. We chose it because of its additional features. We need a solution that is stable and that can offer deep analysis.  

The installment was straightforward and it took us about two hours. Deployment took a week or maybe two to complete. Complete installation for such a complex system is quite fast. 

After buying the program, you just pay for the support every year.

I definitely recommend this solution because of the time you save on analysis. It is a stable program and you get additional features. The more you work on it, the more features you discover. I rate this solution ten out of ten.

The anti-bot protection has been the most valuable.

I think the deployment template can be better, like the iApps they have in the F5 MPM. I think the deployment templates can be better.

The solution is pretty stable.

The technical support is very good. I'm using the F5 technical support, maybe once a quarter. Something like three to five times a year. When I find a bug then I post them to their forum because I'm using it a lot. I can find the bugs. But its very good support.

The initial setup was very simple. The initial setup is done by the machine. The ASM HS, the WAF itself, not the deployment of the application. So it was very simple, I am working with VIP for almost a full year. Something like ninety percent of my activities are F5 related. I specialize in F5 now and everything in F5 is very, very simple.

I'm an integrator.

I think the price is very high. This is what I hear from the customers. Sometimes we cannot sell the product because it is a higher price.

I evaluated a few other options. Kemp, for example, but Kemp is not a WAF it's a load balancer, it's for another model of the F5 so its not related to do WAF. And we're speaking about the WAF. 

I would recommend this solution. It would be the best solution for WAF.

I think the dashboard can be improved. When you move from the policy to policy, the logs and the integration of the logs are without a system. Maybe make it like other SIEM systems and system servers like Splunk. They do have a lot of training videos and manuals. This helps. But not really about integration or feature improvement.

I would rate this solution a ten out of ten.