F5 Advanced WAF Room for Improvement
RS
Rahool Sharma
Senior Network Consultant at Visionet Systems Inc.
Support is a little slow, but the solution itself is great. If I compare F5 and Fortinet, the main issue is the support. With Fortinet, it takes less time to engage a support engineer and get things sorted compared to F5.
View full review »F5 Advanced WAF sells perpetual licenses as perpetual assets during sales without informing me that support ends after a few years. I find out later and am required to pay for support without receiving updated versions. Deployment training for F5 Advanced WAF is lacking and restricts growth by being inaccessible and costly for partners.
View full review »More legacy protocols should be added to the solution. The aforementioned protocols are generally less used and might have been phased out from multiple solutions. But some of the large corporations that are clients of our company are unwilling to let go of applications that have been developed.
The aforementioned clients believe that as some of the new websites do not use these technologies, it wouldn't be ideal to replace the existing applications; for example, a bank with millions of dollars connected to a software wouldn't be willing to replace it instantly.
It often takes years for enterprise-level businesses to replace applications. The vendor of F5 Advanced WAF needs to consider that even if legacy protocols are not necessarily used for new projects, existing or prior applications projects rely heavily on them, and such protocols need to be protected until they are completely phased out of the market.
The vendor needs to provide complete support for the legacy protocols, just like the latest protocols in the market, until they are assured that none of the customers are using them.
I would like to witness the expansion of the supported protocols set by the solution. The tool should be promoted as an advanced protection solution that supports all types of protocols. In future versions, some protocols offered by the solution need to be more specialized. All public-facing protocols should be added to F5 Advanced WAF.
Buyer's Guide
F5 Advanced WAF
July 2025

Learn what your peers think about F5 Advanced WAF. Get advice and tips from experienced pros sharing their opinions. Updated: July 2025.
861,390 professionals have used our research since 2012.
The DDoS capabilities should be enhanced. More advanced features related to DDoS would be beneficial.
View full review »One improvement for AOF could be focusing on enhancing its AI engine to make it more mature.
View full review »- Ease of Deployment: Simplify initial setup and policy configuration.
- UI Enhancements: Improve user interface for better navigation and usability.
- Integration: Enhance compatibility with third-party tools like SIEMs and DevOps pipelines.
- Performance Optimization: Reduce latency during high traffic volumes.
Suggested Features for Next Release:
- AI-Driven Threat Detection: Advanced machine learning for proactive defense.
- Comprehensive API Protection: Extended support for GraphQL and WebSocket APIs.
- Cloud-Native Integration: Better functionality in hybrid and multi-cloud environments.
- Automated Policy Suggestions: AI-based recommendations for policy tuning.
There are opportunities for improvement in updating the user interface to a more modern look. Additionally, the speed of technical support and community responses could be enhanced.
View full review »I do not have anything in mind right now that needs improvement. Generally, it works well. If we need any specific feature, we approach F5 directly.
View full review »EK
Ehab Kamal
Import Comliance Specialist at Silicon21
I would like to see improved features in the F5 Advanced WAF solution, especially with a focus on enabling Kubernetes fully. The database needs better service discussions and updates on communication. Additional improvements could also be made in asset management for the data.
View full review »The GUI interface can be confusing due to similar-looking tabs for policy building, traffic learning, and event logs. A more explanatory GUI would be beneficial. However, F5 solutions are a bit expensive compared to others, although they provide the best service and options.
View full review »HR
Habib A
Systems Engineer at Sify Technologies
The main improvement needed is related to IP intelligence. Once we start receiving traffic from repetitive IP addresses, we have to report it to the SOC team to block it at the layer four level. Users would like to have an additional IP intelligence license to handle this within WAF itself without needing to engage with the SOC team.
View full review »One area for improvement in the product is its SSO integration, which posed challenges and required significant effort to resolve. The complexity of SSO deployment, coupled with high associated costs, could be addressed to enhance usability. Streamlining the SSO process and revisiting cost considerations would contribute to an improved user experience.
HU
Hillary-Ugwuanyi
Freelancer at Freelance
While F5 Advanced WAF does limit the number of partners in certain regions to ensure successful business transactions, they could also benefit from expanding their partnerships and making it easier for more people to learn about and become experts in F5 Advanced WAF. By doing so, they could increase the reach and exposure of their solution, similar to how Cisco has become widely recognized in the security industry.
View full review »All features of Advanced WAF offer numerous functions, which means tuning configuration is not simple. It's a powerful tool yet can be complex for new users. Future updates should ensure not to break the current state, as users are concerned the new version may not meet current standards.
View full review »The product could be more user-friendly for administrators. The user interface could be easier.
View full review »The self-service aspect could be improved.
The user interface (UI) also seems a bit outdated. Making it more user-friendly would be beneficial.
View full review »GM
Geofrey Mwaseba
SOC Analyst at a financial services firm with 1,001-5,000 employees
For me, an area for improvement in F5 Advanced WAF is the reporting as it isn't so clear. The vendor needs to work on the reporting capability of the solution.
What I'd like to see in the next release of F5 Advanced WAF is threat intelligence to protect your web application, particularly having that capability out-of-the-box, and not needing to pay extra for it, similar to what's offered in FortiWeb, for example, any request that originates from a malicious IP will be blocked automatically by FortiWeb. F5 Advanced WAF should have the intelligence for blocking malicious IPs, or automatically blocking threats included in the license, instead of making it an add-on feature that users have to pay for apart from the standard licensing fees.
View full review »F5 Advanced WAF could improve resource usage, it is CPU intensive. Additionally, adding automated remediation would be a benefit. For example, an easy button alerts us of the events that are occurring, and what we want to do at the time. An automated approach where somebody could be alerted very quickly. Instead of going and reconfiguring everything, an automated approach is what I'm looking at.
View full review »ME
Mohamed Eltabakh
Network Security Consultant at GBM
The solution requires a bit of advanced knowledge. They are trying to make configurations less complicated by including guides, particularly for application protection in the cloud. Nothing is complicated but it takes a hands-on approach and a few hours to a few months to become familiar with how the solution works.
The solution should include RASP which is runtime application security protection. Imperva includes RASP but the solution does not at this point. RASP would provide another level of application protection at the code itself.
View full review »There should be more ability to rate limit certain scenarios. The majority of the time, it is either on or off. For certain types of use cases, there should be the ability to rate limit, not just enable or disable.
It is a very CPU-intensive application. I understand why, but I'm hoping that they could optimize the CPU utilization a little bit better.
View full review »Most customers encounter stability issues with the product's Big-IP logs. It works slowly while retrieving logs.
View full review »F5 should consider adding network detection and response.
View full review »The solution should include protection against web page attacks like what is available in FortiWeb.
The solution should integrate with Kubernetes. I believe there is a new ADC planned for the end of 2022 that will accomplish this goal.
View full review »F5 Advanced needs to improve its bot protection. The solution needs to have machine learning to learn the behavior of the customer to recognize the human versus the bot. This is a difficult feature to explain to our customers. I would like documentation about the bot feature to make it easier for the customer to understand.
View full review »KL
Kok KeongLow
Head of Presales at a tech vendor with 10,001+ employees
The deployment side is quite complex. We'd like them to simplify the implementation process. I'm not sure whether they can do that, however, they have to be very detailed on configurations, and sharing of the policy. Anybody that configures this box, the WAF, they have to have knowledge of the application and some of the security portions there as well.
View full review »The pricing could be more flexible.
View full review »F5 Advanced WAF could improve the reporting. It's a bit difficult to populate, them. If you're not so familiar with the functions, such as where to find the logs and other settings.
In a future release, it would be beneficial to have a DNS boost feature.
View full review »The overall price of F5 Advanced WAF could improve.
View full review »F5 Advanced WAF could improve on its funding for WAF features. There is a need to be more advanced WAF features.
View full review »The product could be more user-friendly, particularly the user interface for administrators. Additionally, configuration can be quite complex and needs improvement to be less complex.
View full review »They should improve the capability, and then they should work on the virtualization of NGINX. Currently, most environments are virtualized. F5 Advanced WAF will not be able to protect it.
The tool needs to improve its pricing.
View full review »SH
Hoodad Hashemi
Information Security Manager at a financial services firm with 1,001-5,000 employees
The solution could improve by having an independent capture module. It has a built feature that you can deploy the capture on your published website. However, it's not very user-friendly. When you compare this feature to Google Capture or other enterprise captures, they are very simple. It needs a good connection to the F5 Advanced WAF sandbox. When you implement this feature in the data center, you may suffer some complications with connecting to the F5 Advanced WAF sandbox. This should be improved in the future.
View full review »MK
Mahdi Karimian
Security Specialist at Saman Electronic Payment (SEP)
I would like to see a better interface and better documentation compatibility with other products. It's more complicated with OWASP.
F5 has a learning university, but it's very complex. I teach other people, and it can be confusing with the different versions of software. It's very hard to support that.
View full review »I think the contextual-based component needs a lot of help. It is all based on regular-expressions. That is something I think companies like Signal Sciences are doing a really good job with. We are transitioning off to Signal Sciences on some of our WAF components because of the capabilities Signal Science has. I think that contextual-base signatures would definitely help in F5 WAF.
View full review »JD
Jamshaid Dayar
Network Engineer at a tech services company with 11-50 employees
If I had to summarize what needed improvement, I'd say they are currently in the process of updating their software. But more specifically, I would say their graphical interface, the GUI. I don't like the GUI as much as before, but now I think they're focusing on it. We are getting some new good features in the latest update. But there is still room for improvement on the user interface as well. It's easy to use. It's not difficult but it is not pleasing to the eye. Most of the time you want to see something dynamic, something like the reporting section or the system usage, the CPU, some detailed graphs, anything of that sort. So I guess they have some room for improvement there. Don't make it more complicated, just make it more pleasing to the eye.
We are using the most stable version. Because recently we got an email from F5 suggesting that if you have any user on the 14.1.2.0 that there was a vulnerability on that feature. And it was quite a severe one, so they asked us to immediately update that license to another version.
They currently have 15 versions, but they are not stable. They didn't recommend them to us. So most of the customers in Pakistan are using the 14.1.2.6 version. That is the most stable version and is recommended by F5.
My focus is normally on logging and reporting, because customers always ask for a clear reporting criteria. I would like it if they could simplify the reporting process. If I create something, I want to get a good report on it that I can read in seconds or in minutes. I don't want extra details in it. They should work on the exporting of the logging and reporting.
View full review »I don't like the management control of F5.
Moreover, if you are not an expert, it would be really difficult to set it up.
View full review »It's sometimes difficult to customize APIs with F5 Advanced WAF, which could be made easier.
View full review »GM
GeofreyMwaseba
SOC Analyst at a financial services firm with 1,001-5,000 employees
The reporting portion of F5 Advance WAF is not great. They need to work out something better, as it is very basic. You only see the top IPs, I think there is more they can offer.
View full review »I would like for there to be a cloud-based solution, this would also help to improve scalability.
View full review »The vendor needs to work on developing an MSP model for this solution as that is what's trending on the market, plus integrating this solution under a SASE model. Not all vendors' products are compatible with SASE, and not compatible with delivering multi-deployment options from hardware appliance, VM-based, shared cluster, etc.
The compatibility of F5 Advanced WAF with multiple public cloud environments also needs to be improved, and not to be overlooked with the VMware environment.
This solution shouldn't only focus on Azure public cloud compatibility, as they need to also work with and be compatible with private cloud on multiple environments.
I'm not aware of the latest updates in terms of features, but they need to work on enhancing their product, because it seems they have an issue in the market. Day by day, they seem to be lagging behind all the new products in the market.
They could provide better pricing.
View full review »GS
Georges Samaha
Security Consultant at a tech services company with 501-1,000 employees
We usually use a third-party tool for logging and reporting. It would be nice if we could do that right on this solution. They have one, but it's not very stable. Logging and reporting effectively would be a big enhancement.
The solution still needs some development to handle more traffic, especially in huge environments. In small environments, it's not an issue.
View full review »What needs to be improved in this solution is the accuracy of its automatic learning feature, because we frequently have to help it manually, particularly to stop blocking things it isn't supposed to block.
The technical support for F5 Advanced WAF, though fast and accurate, is costly. The cost could be improved.
View full review »NI
Nadeem Inamdar
Deputy Manager at Saraswat Bank
Although we're getting some reports, we're not getting all the reports we need. There seems to be a gap in report management.
HN
Nguyen The Huy
Solutions Specialist at FPT
I would like to see the API Protection improved.
View full review »IK
IIan Kogan
Security team leader at a aerospace/defense firm with 10,001+ employees
Its price should be better. It is expensive.
View full review »PM
Priyesh MP
Solution Architect at Softcell Technologies Limited
It should be a little bit easy to deploy in terms of the overall deployment session.
One of our customers is a bit unhappy about the reporting options. Currently, it automatically deletes event logs after some limit if a customer doesn't have any external Syslog server. It is a problem for those customers who want to review event logs after a week or so because they won't get proper reports or event logs. They should increase the duration to at least a month or two for storing the data on the device.
F5 is not a leader in Gartner Quadrant, which affects us when we go and pitch this solution. Customers normally go and take a look at such annual reports, and because F5 is currently not there as a leader, the customers ask about it even though we are saying it is good in all things.
F5 is not known for something totally different or unique. They were a major player in ADP, and they are just rebranding themselves into security. They should improve or increase their marketing as a security company now. They have already started to do that, but they should do it more so that when it comes to security, customers can easily remember F5. At the moment, if we say F5, load balancing comes to mind. With rebranding and marketing, all customers should get the idea that F5 is now mainly focusing on the security part of it, and it is a security company instead of load balancing. This is the first solution that should come to a customer's mind for a web application firewall.
View full review »If they could separate the control plane from the data plane, it would give us more flexibility, especially with the Hyper Cloud. This could be the reason they purchased NGINX.
They have released the first production release but they are not there yet. It would be good to have this separation in the near future.
Also, automation on the cloud is not easy. It's a bit of a job, and it doesn't auto-scale very well.
They need to work on the BIG-IQ, which is centralized management. There are too many devices. Managing them individually is inconvenient. Essentially, BIG-IQ is supposed to centralize the management for all of the boxes but it's not very effective.
View full review »RT
Reza Torabi
Senior Network Engineer at PECCO
Everything is good about the F5 WAF, except the reporting. It's really difficult to set records from that device, the UI is kind of hard to work with, and the reporting must be improved.
As a suggestion to the F5 company, they have to put in shells to have the next generation WAF. So, instead of buying different modules and different hardware and appliances, they can offer an all-in-one solution for WAF.
NR
Nishant Ramsumar
Snr. Technical ADN Consulting Architect at ADN Consultants & Architects (PTY) Ltd
The customer service could be improved.
View full review »We sometimes get pages with false positives. The F5 team does its best to deal with this problem. I'd like to see this product compatible with more mobile applications, like protecting something devices from a malicious server or from the mobile application itself.
I would like to see additional controls.
View full review »F5 Advanced WAF could improve the precision of the scanning. There are many false positives. They should improve their threat database.
The reporting could be clearer and embedded to include our movement data. The product could improve the interface by reducing the bookmarking more frequently and some other features. Ideally, it could do with a brand new interface. There is sometimes information overload in the logs. It is sometimes difficult to detect attacks on the firewall because it is hidden amongst many other data. The logs are not always helpful in this regard. I was disappointed in the reporting.
View full review »The interface is old-looking, it's not modern, which is why it's not always comfortable to use.
I would hope that they provide some updates sooner rather than later.
View full review »The scalability could be improved. There is a version with 25 and 200 Mbps, no options in between
I would like to see the pricing of this solution improved. There are a lot of other products that are trying to compete with this solution, and there are a few now that are very good. I know that F5 doesn't always worry about the pricing because of the branding, but if they want to capture more of the market then they need to consider that not everybody thinks about the brand. Some are concerned with the price, and some of the competitors offer solutions at a lower cost. While it is true that price is only one of the things that people consider, it is one of the major factors that can cause them to lose the battle to a competitor.
This solution can be made more user-friendly.
View full review »The templates of the iApps could be better.
The solution's dashboard could be improved. When you're moving from policy to policy, the logs and the integration of the logs in other systems aren't straightforward.
The solution has a lot of training material, but not about integration in a virtual improvement. They should create more documentation around this for users.
View full review »GD
User54664
Works at a financial services firm with 10,001+ employees
I would not expect traffic details to pass through the web application firewall across the length of the whole application. I think that there is a web application where it can let the application function without traffic going in into the WAF.
I think the solution is already being phased out. They are now going for a more advanced option but I'm referring to the web crawler. The web crawler should be able to allow a web application on its own to create policies, rather than wait for traffic to go to the WAF.
View full review »The solution is tedious. It takes a lot of discrete settings so one needs to get detailed and granular when they use the solution. It takes you a whole lot of energy and concentration to configure. It needs to be much more straightforward, like other web solutions.
They need to have a way to define attack signatures. It might help improve the user experience.
View full review »This solution is the best out there on the market. One thing that can be improved, is to increase the quantity over predefine policy. I know it's impossible to do it all, but what I would have liked to increase the ready-to-deploy templates with only a few clicks.
View full review »I think the deployment template can be better, like the iApps they have in the F5 MPM. I think the deployment templates can be better.
View full review »For F5 Advanced WAF, it's only 70% different over time with upgrades. F5 can still build AWS support after many long years of absence. It's difficult to use.
F5 Advanced WAF needs better integration within the application, like remote dashboards. The pricing is too high. It needs better security features with the interface or dashboard.
We go through some problems with the Disc Doctor services and F5 was recommended to fix or avoid the same situation in the future.
F5 now is the product we use for the web products to have a web application firewall.
We need better integration in the application and more security features in the future.
View full review »The administrator's user interface and some of the settings can sometimes be very complicated to understand. It would really help if they could be easier and more user-friendly. Perhaps the developers can add a training video that shows users what to do. I am sure it is a good product and you only need some experience to become familiar with it.
Another thing that may need improvement, is upgrading from one version to another. It is good, but it can be faster.
View full review »GS
Georges Samaha
Security Consultant at a tech services company with 501-1,000 employees
In general, the web interface is not really catchy. It's very powerful, very customizable, but it doesn't have a very nice GUI interface for a new adopter. For them, they'd have to do a lot of configuring. At least the reporting and monitoring parts, let's say, to be honest, should have a better interface. A few other products have very nice dashboards, out of the box, and F5 is not that friendly to use.
Also, when you buy WAF, you have to buy another module called APM to do authentication. You have to buy another module with an extra license, to have the authentication feature. Other vendors have it interwoven. For example, I don't know if Barracuda has it, but Citrix has it under the same license. So maybe add authentication functionality in the AOS license, and not separate.
View full review »The BNS module needs improvement.
View full review »The Sandbox integration feature could be improved.
View full review »The delay times on firmware patches and software updates could be better and improved.
View full review »Buyer's Guide
F5 Advanced WAF
July 2025

Learn what your peers think about F5 Advanced WAF. Get advice and tips from experienced pros sharing their opinions. Updated: July 2025.
861,390 professionals have used our research since 2012.