F5 Per-App-VE Advanced WAF with LTM, IPI, TC (PAYG, 25Mbps)

I am working with an integration and security company that collaborates with various vendors. I am currently dealing with F5 Advanced WAF .

The whole mechanism of F5 Advanced WAF  is effective. It contains the logic of both negative and positive security combined, providing added value to the company I work with to protect their applications.

I do not have anything in mind right now that needs improvement. Generally, it works well. If we need any specific feature, we approach F5 directly.

I have probably used it for ten years or so.

I do not need them much because my team is professional. If there is a bug, the support is usually understanding and resolves issues.

Neutral

The price is affordable and satisfactory.

One of the best features is the bot protection capabilities. I rate the product eight out of ten.

I use F5 Advanced WAF  to manage enterprise clients, focusing on licensing and support flexibility to accommodate various customer segments, including enterprises and mid-market customers.

F5 Advanced WAF  provides two different licensing models. The subscription-based model offers competitive pricing, making it easier for me to see ROI. However, the perpetual license, despite an initial higher cost, lacks transparency regarding support expiration. Due to the subscription, I can compare it with other tools, but as a perpetual buyer, I am unaware of support expiration until after the purchase, allowing indicative ROI calculations but not actual ones. 

Furthermore, F5 Advanced WAF  offers features not available in other products, though I suggest consulting a technical expert for specific features.

F5 Advanced WAF  sells perpetual licenses as perpetual assets during sales without informing me that support ends after a few years. I find out later and am required to pay for support without receiving updated versions. Deployment training for F5 Advanced WAF is lacking and restricts growth by being inaccessible and costly for partners.

I provide the feedback based on my recent experience and judgment.

I have interacted with F5's support, and while I have no major complaints, they could improve. I rate them eight out of ten.

Positive

Deployment is easy for me, but enablement training is not easily available, accessible, or sufficiently supported.

I find it difficult to compute ROI for perpetual licenses due to the lack of upfront information about support expiry. Subscription models offer clearer ROI due to a more competitive pricing scheme.

Subscription models have competitive pricing, while perpetual licenses involve an upfront higher cost, leading to ambiguity regarding support cessation. 

Additional costs for deployment and training further impact my cost considerations.

I am interested in how F5 Advanced WAF features and pricing compare to alternatives like Fortinet and Check Point.

I rate F5 Advanced WAF eight out of ten. 

Despite a few issues, F5 Advanced WAF is performing well for me. Improving engagement and enablement for partners would enhance its value to GSI partners and service providers. 

Overall, I see potential positive development for the product.

The AOF solution is used for any customer with applications to protect them. It provides security features to protect the application from threats such as SQL injections and challenges of the browser using AI.

The AOF solution provides numerous security features. It protects applications from various threats, including SQL injection, and ensures that the application behavior is from a human, not a bot. It includes DDoS protection which has been enhanced after migrating from SDM. 

The solution is very effective as it includes security features important for financial applications where protection is necessary to avoid potential financial loss or penalties. It helps protect the core and backend of applications.

One improvement for AOF could be focusing on enhancing its AI engine to make it more mature.

I have used the solution for almost two years.

F5 is very good in terms of stability with no issues reported during maintenance.

F5 scalability is excellent. I have not experienced any issues with scalability.

F5 customer support is good but not as excellent as Infoblox support due to complexity issues. I would rate F5 customer support as seven out of ten.

Neutral

I recommend Infoblox because it's a leader in DNS security with more than 15 customers using it. It is very flexible in configuration, support, and scalability compared to F5.

The initial setup involves sending a request, understanding requirements such as policy and application number, and ensuring prerequisites are ready. It uses policy virtual servers and the network WAF , taking about five or six days to implement.

The ROI is very impressive as it is crucial for financial applications to be protected efficiently. Ensuring application security is a significant milestone, crucial to prevent financial losses or penalties.

The setup cost is normal, yet not the best in terms of the commercial aspect. Other competitors like Fortinet are cheaper than F5.

Fortinet and its FortiWeb product are competitors to F5. Fortinet has many products yet lacks concentration on a single part, unlike F5.

For enterprises in the financial sector, having F5 is essential. I would rate the solution a ten out of ten.

F5 Advanced Web Application Firewall  (AWAF) is primarily used in financial sectors like banking to secure web applications against advanced threats, ensuring compliance with industry regulations. Our Key use cases include:

1. Protection Against OWASP Top 10: Safeguarding banking applications from SQL injection, XSS, and other common vulnerabilities.
2. Bot Mitigation: Detecting and blocking malicious bots to prevent account takeovers, credential stuffing, and fraud.
3. DDoS Protection : Defending against application-layer DDoS attacks to ensure service availability.
4. PCI DSS Compliance: Enforcing security policies to meet compliance standards for protecting sensitive customer data.
5. API Security : Securing APIs used in banking platforms from abuse and unauthorized access.
6. Threat Intelligence: Leveraging threat intelligence to identify and mitigate zero-day attacks.
7. Application Traffic Control: Managing and monitoring application traffic to ensure optimal performance and security.

These use cases help financial institutions maintain secure and resilient applications, critical for trust and compliance.

F5 Advanced WAF  has significantly enhanced our organization's security posture by protecting critical banking applications against sophisticated threats. It ensures compliance with regulatory standards, improves customer trust through robust bot mitigation, and enhances application performance by mitigating DDoS attacks and securing APIs. Additionally, it provides real-time threat intelligence and streamlined security management, reducing downtime and operational risks.

1. Ease  of Deployment: Simplify initial setup and policy configuration.
2. UI Enhancements: Improve user interface for better navigation and usability.
3. Integration: Enhance compatibility with third-party tools like SIEMs and DevOps pipelines.
4. Performance Optimization: Reduce latency during high traffic volumes.

1. AI-Driven Threat Detection: Advanced machine learning for proactive defense.
2. Comprehensive API Protection: Extended support for GraphQL and WebSocket APIs.
3. Cloud-Native Integration: Better functionality in hybrid and multi-cloud environments.
4. Automated Policy Suggestions: AI-based recommendations for policy tuning.

It's been two years that I've been working with this solution.

I am not experiencing any significant instability.

F5 AWAF offers excellent scalability, enabling organizations to protect applications seamlessly across on-premises, cloud, and hybrid environments. It can handle increasing traffic volumes with minimal latency, ensuring consistent security for both small-scale deployments and enterprise-grade architectures. With its ability to integrate into CI/CD pipelines and auto-scale in cloud environments, F5 AWAF supports dynamic application growth without compromising performance or protection.

Customer service is very responsive. If the issue persists beyond my local support capabilities, I open a ticket with F5, and they respond quickly. I rate their technical support 9 out of 10.

Positive

Not now just I have checked the comparision and collect reviews from peerspoot and Quadrant 

The initial setup experience is straightforward, and I did not face any complexities. I recommend deploying the F5 AWAF solution on a single appliance with LTM.

F5 is relatively less expensive compared to other solutions as F5 is considered the best.

Not Now

I rate F5 eight to nine out of ten. I recommend F5 to customers who require a robust solution and have the budget for it. However, for customers looking for modest pricing, I would not recommend the F5 solution.

I'd rate the solution eight out of ten.

The primary use case for F5 Advanced WAF  is to protect applications that are exposed to the internet. It is used to protect applications from known attacks, such as cross-site scripting and DDoS attacks.

F5 offers a versatile solution that can be integrated with APM  in cases where integration with an external IDB is needed. It is useful for authentication backup if the on-prem directory service is unavailable. 

Additionally, its WAF  functionality is valuable for protecting applications from attacks. It is a versatile and strong solution that's easy to understand and deploy.

The DDoS capabilities should be enhanced. More advanced features related to DDoS would be beneficial.

I have been working with F5 Advanced WAF  since 2017, which is almost eight years.

The stability is high. It's a robust product with high availability, ensuring no disruptions for end-users if a node failure is detected. Our deployments are based on high availability clustering.

F5 Advanced WAF  is highly scalable, both in its physical and virtual forms. Its scalability is based on the search, making it adaptable for various needs.

The support from F5 is excellent, with resources readily available online. The quality of support depends on the service SLA purchased, with various levels of service provided.

Positive

The initial setup of F5 Advanced WAF is straightforward and easy to understand. Without prior training, I could build and publish applications using just the documentation.

For standard and straightforward deployments, the implementation can be handled by a single person or a team based on the customer's size. Professional service can simplify the process significantly.

The pricing is not cheap; I rate it a six out of ten.

While it reflects the advanced capabilities of the product, reconsideration of the pricing is suggested.

For reverse proxy solutions, F5 Advanced WAF is the best choice. 

Overall, I rate the solution an eight out of ten.