AWS WAF provides configurable rules, integration with AWS services, and scalable protection against web threats like SQL injections and DDoS attacks. Its automation and reliable performance are highly valued by users. AWS WAF is a web application firewall offering significant security features like geo-restriction, custom rules, and IP filtering. Designed for seamless orchestration within AWS environments, it facilitates easy configuration and threat automation. Users benefit from its security...
Hi Varun,
I have had experience with several WAF deployments and deep technical assessments of the following:
1. Imperva WAF
2. F5 WAF
3. Polarisec Cloud WAF
A typical limitation of cloud WAF is that the solution only includes a generic level of web application protection. The primary difference with an on-premise WAF / dedicated WAF solution like Imperva is the ability to protect business logic in the web application. This approach allows the user to apply a strict positive security model as opposed to a negative security model.
Cloud WAF typically revolves around mitigation of technical-level attacks such as SQLi, XSS and CSRF, and bot-related detection and mitigation. For more customized rule settings (for instance, to protect business logic), multi-tenant capable solutions usually do not have a high level of customization ability, due to their generic nature and coverage of a wide range of client types.
Nevertheless, the capability to protect against technical-level attacks might be sufficient for your web application, given the fact that AWS is tightly integrated in its PaaS offering, making the implementation and deployment much more seamless compared to the other products.
In my opinion, you could consider AWS WAF if:
1. Your web application does not serve complex business logic such as Internet Banking.
2. Your only concern about security is mitigation of technical attacks.
3. Your web application is hosted in AWS infrastructure.
Hope this answer could be useful.
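The positive versus negative security model contrast drawn in the answer above, as an added example that is not part of the original post or any vendor's rule syntax. The transfer endpoint, its parameter names, the signatures and the sample requests are all constructed for illustration.

```python
import re

# Negative model: block only what matches a known-bad signature (simplified, constructed).
SIGNATURES = [re.compile(p, re.I) for p in (
    r"<script\b", r"\bunion\s+select\b", r"'\s*or\s+'1'\s*=\s*'1")]

# Positive model: hypothetical profile of a funds-transfer endpoint.
# Anything that does not match the profile exactly is rejected.
TRANSFER_PROFILE = {
    "method": "POST",
    "params": {
        "from_account": re.compile(r"\d{10}"),
        "to_account": re.compile(r"\d{10}"),
        "amount": re.compile(r"\d{1,7}(\.\d{2})?"),   # unsigned, bounded size
        "currency": re.compile(r"USD|EUR|SGD"),
    },
}

def negative_model_allows(request):
    """Allow unless some parameter value matches an attack signature."""
    return not any(sig.search(str(v))
                   for v in request["params"].values() for sig in SIGNATURES)

def positive_model_allows(request, profile=TRANSFER_PROFILE):
    """Allow only if method, parameter names and every value fit the profile."""
    if request["method"] != profile["method"]:
        return False
    if set(request["params"]) != set(profile["params"]):
        return False  # missing or unexpected parameter
    return all(profile["params"][k].fullmatch(str(v))
               for k, v in request["params"].items())

# Constructed sample requests.
BASE = {"from_account": "1234567890", "to_account": "0987654321",
        "amount": "150.00", "currency": "USD"}
SAMPLES = {
    "normal": BASE,
    "sqli": {**BASE, "to_account": "0987654321' OR '1'='1"},
    "negative_amount": {**BASE, "amount": "-150.00"},   # business-logic abuse
    "extra_param": {**BASE, "fee_override": "0"},       # undeclared parameter
}

def evaluate(samples=SAMPLES):
    """Return {name: (negative_model_allows, positive_model_allows)}."""
    return {name: (negative_model_allows({"method": "POST", "params": p}),
                   positive_model_allows({"method": "POST", "params": p}))
            for name, p in samples.items()}

if __name__ == "__main__":
    for name, verdict in evaluate().items():
        print(f"{name:16} negative={verdict[0]!s:5} positive={verdict[1]}")
```

Both models stop the injection string, but only the per-endpoint profile rejects the negative amount and the undeclared parameter, which carry no attack signature.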
@John Rendy Also, if you are dependent on AWS Certificate Manager, as other WAFs require you to provide your certificates, which AWS will not export.
Hello @Venkatesh VRH, @Vinamra Singhai and @DanielSeco. Can you please help here?