Sold by: F5, Inc.Â
Deployed on AWS
Protect against automated attacks. Bot Protections Rules is a partner managed rule group for AWS WAF that stops a broad range of malicious bots activities such as vulnerability scanners, web scrapers, DDoS tools, and forum spam tools.
Overview
F5's Managed Rules for AWS WAF offer an additional layer of protection that can be easily applied to your AWS WAF. F5's Bot Protection rules analyze all incoming requests and block any malicious bot activities identified, including DDoS tools, vulnerability scanners, web scrapers, and forum spam tools. All rules are written, managed and regularly updated by F5's security specialists to ensure protection against evolving threats without the need for intervention on your part. The rules are licensed on a pay-as-you-go basis so you will only pay for what you use. Deployment guidance can be found at https://pages.awscloud.com/rs/112-TZM-766/images/F5_OWASP_Getting%20Started%20Guide.pdf .
Alternatively, if you require more sophisticated protection then F5's Advanced WAF or Distributed Cloud Bot Defense may be more appropriate solutions. F5 Advanced WAF leverages behavioral analytics and machine learning to thwart complex app-layer attacks, while Distributed Cloud Bot Defense offers market-leading bot protection capable of determining if requests originate from bots and whether they have malicious or benign intent. Learn more about F5 Advanced WAF (https://aws.amazon.com/marketplace/pp/prodview-kqebnc25kfoe6?sr=0-5&ref_=beagle&applicationId=AWSMPContessa ) or Distributed Cloud Bot Defense (https://aws.amazon.com/marketplace/pp/prodview-x5mf4isftlzcc?sr=0-1&ref_=beagle&applicationId=AWSMPContessa ).
Highlights
- Easily Enhance Security - No security expertise needed, simply attach rules to your AWS WAF instances to immediately bolster protection.
- Continuously Updated - Rulesets are monitored, maintained and update by F5's security experts to ensure protection against evolving threats.
- Fast & Simple Deployment - Attach F5's WAF rules to your AWS WAF instance in a matter of minutes following three simple deployment steps.
Unlock automation with AI agent solutions
Fast-track AI initiatives with agents, tools, and solutions from AWS Partners.
Features and programs
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing is based on actual usage, with charges varying according to how much you consume. Subscriptions have no end date and may be canceled any time.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Cost/unit |
|---|---|
Charge per month in each available region (pro-rated by the hour) | $20.00 |
Charge per million requests in each available region | $1.20 |
Dimensions summary
F5 Rules for AWS WAF follows a two-part pricing model on AWS Marketplace. The monthly regional charge covers the base subscription for maintaining and updating the WAF rules in each AWS region you deploy, with the flexibility of hourly prorating. The per-million requests pricing applies to the actual traffic processed through the WAF rules in each region, ensuring you only pay for the protection you use. This straightforward model combines fixed and variable costs to align with your security needs and usage patterns.
Top-of-mind questions for buyers like you
How does the monthly regional charge work for F5 Rules for AWS WAF?
The monthly regional charge is a base fee applied for each AWS region where you deploy F5's WAF rules. This charge covers continuous rule updates, maintenance, and access to F5's security expertise, while being prorated hourly to provide deployment flexibility and cost optimization.
What defines a billable request in the per-million requests pricing?
A billable request is any web traffic that passes through your AWS WAF using F5's rule sets. This includes API calls, web page requests, and any other HTTP/HTTPS traffic that is evaluated against the F5 security rules, with charges calculated based on the total volume of requests processed in each region.
Are there any prerequisites or additional AWS costs to consider?
While F5's pricing covers the rules and updates, you need an active AWS WAF deployment which incurs separate AWS charges. The AWS WAF costs include web ACL capacity units (WCU) and per-request charges that are billed directly by AWS, independent of F5's pricing.
Vendor refund policy
For this offering, F5 does not offer refund, you may cancel at anytime.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA)Â .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Resources
Vendor resources
Support
Vendor support
F5 Rules for AWS WAF are supported via F5 DevCentral - F5's extensive community of experts, developers and users addressing technical issues related to F5 products. If you have any questions or need assistance with any aspect of F5's rulesets please submit a question with the tag 'F5 rules for AWS WAF' (http://devcentral.f5.com/s/questions?tag=F5+Rules+for+AWS+WAF ). Response times may be up to 2 days. For online information regarding F5 Rules for AWS WAF, please refer to https://support.f5.com/csp/article/K21015971 . For any infrastructure and WAF related questions please contact AWS Support (https://aws.amazon.com/contact-us ) for AWS WAF related assistance.
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Updated weekly
By F5, Inc.
By Fortinet Inc.
By Cyber Security Cloud Inc.
Sentiment is AI generated from actual customer reviews on AWS and G2
Functionality
Ease of use
Customer service
Cost effectiveness
Positive reviews
Mixed reviews
Negative reviews
AI generated from product descriptions
Bot Traffic Detection
Advanced analysis of incoming web requests to identify and block malicious bot activities
Threat Pattern Recognition
Comprehensive protection against vulnerability scanners, web scrapers, DDoS tools, and forum spam tools
Security Rule Management
Dynamically updated rulesets written and maintained by specialized security experts
Web Request Filtering
Automated blocking mechanism for identifying and preventing malicious automated traffic
Threat Behavior Analysis
Systematic evaluation of incoming web requests to detect and mitigate potential automated attack patterns
Web Application Threat Protection
Comprehensive ruleset covering OWASP Top 10 web application threats including SQL Injection, Cross Site Scripting, and Known Exploits
Security Signature Updates
Regular threat information updates from FortiGuard Labs to maintain current protection signatures
Malicious Traffic Detection
Protection against malicious bots and common vulnerabilities and exposures (CVE)
Configurable Security Response
Flexible configuration options to log, alert, and block detected web application threats
Attack Vector Coverage
Comprehensive security rules targeting multiple web application attack vectors including general and known exploits
Web Application Threat Protection
Comprehensive ruleset targeting OWASP Top 10 Web Application Threats with low false-positive rate
Vulnerability Mitigation
Managed rules addressing code injection techniques including SQLi, NoSQLi, OScommandi, XSS, and directory traversal
Technology-Specific Security
Protection against known exploits for web technologies like Apache Struts2, Apache Tomcat, Oracle WebLogic, WordPress, Drupal, and Joomla
Threat Intelligence Integration
Regularly updated rulesets incorporating latest cyber threat intelligence
Compliance Support
Security rules designed to help meet security standards such as PCI-DSS
Standard contract
No
No
No
Customer reviews
1
2 ratings
2 AWS reviews
|
24 external reviews
Star ratings include only reviews from verified AWS customers. External reviews can also include a star rating, but star ratings from external reviews are not averaged in with the AWS customer star ratings.
Banking
Evaluating the Effectiveness of F5 BIG-IP Advanced WAF ln Enhancing Application Security
Reviewed on Jun 01, 2023
Review provided by G2
What do you like best about the product?
its real-time threat intelligence integration, leveraging F5's Security Operations Center (SOC) and global threat intelligence network. This integration ensures that the firewall remains constantly updated with the latest threat trends, enabling it to proactively defend against emerging threats. Additionally, the Advanced WAF allows for extensive customization options, empowering organizations to tailor their security policies to the unique requirements of their applications.
What do you dislike about the product?
WAF is relatively high, positioning it as a more suitable option for larger enterprises rather than smaller organizations with budget constraints
Configuring and managing the Advanced WAF requires a certain level of expertise, which could result in inefficiencies or misconfigurations if not properly addressed.
Configuring and managing the Advanced WAF requires a certain level of expertise, which could result in inefficiencies or misconfigurations if not properly addressed.
What problems is the product solving and how is that benefiting you?
It enables organizations to customize security policies based on their specific application requirements. This flexibility allows for fine-tuning and optimizing security measures, reducing false positives and negatives while maintaining an optimal balance between security and application performance.
Katya G.
Best way to protect exposed applications
Reviewed on Dec 27, 2021
Review provided by G2
What do you like best about the product?
WAF configurations are very high level. I really feel safe in this sense. The microservice and DOS protection features are also great. The signature-based protection module is also very advanced.
What do you dislike about the product?
The interface could be better. f5 should now make the interface look better.
What problems is the product solving and how is that benefiting you?
We use it behind this WAF in all applications we open. We do this with a good configuration with the BLocking mode turned on. There may be occasional false positive situations in the first week, but then it works incredibly regularly.
Computer & Network Security
Industry leading solution for WAF
Reviewed on Nov 10, 2021
Review provided by G2
What do you like best about the product?
F5 Application Security Firewall is a robust solution. You can enable WAF on the F5 Load Balancer with one click with a license. F5 presents to the customers load balancer and WAF one same appliance. So while you can load balancing the application you don't need to send user requests to other products, F5 inspects the user request while load balancing. It offers comprehensive configuration for application security. It is learning the application then blocks the unwanted traffic.
What do you dislike about the product?
You have a piece of deep knowledge for configuring the F5 WAF. Configuration GUI is very complex, sometimes you can be lost while configuring. And the price is ver high.
What problems is the product solving and how is that benefiting you?
IPS on the firewalls is not enough to control user requests. We can check all clients request on F5 WAF. Clients unwanted requests stopped on WAF before they reached the application
Recommendations to others considering the product:
There are a few vendors at the market which offer detailed application security. F5 ASM is one of them. If you want to configure with detail and fight OWASP top 10 threats F5 ASM (or WAF) best fit your requests.
Banking
All in one feature set
Reviewed on Oct 11, 2021
Review provided by G2
What do you like best about the product?
A single appliance has all the features which require a webserver service, WAF, Server load balancer, GSLB
It has iRule feature, where I can script my custom requirements where it does not support by default.
It has iRule feature, where I can script my custom requirements where it does not support by default.
What do you dislike about the product?
For the advance reporting stuff, need to procure an additional system call BIG-IQ, which is not coming out of the box with BIG-IP.
What problems is the product solving and how is that benefiting you?
I have deployed many Advance WAF solutions. it is ready grate. Server load balancing and WAF requirements.
Information Technology and Services
F5 - LTM , GTM , ASM , APM | Citrix ADC , Gateway, GSLB | AWS ELB
Reviewed on Sep 30, 2021
Review provided by G2
What do you like best about the product?
F5 ASM has been a great tool to manage and fine-tune the security aspect, thus completing the complete application delivery chain.
Application security has never been so efficient and easy to deploy/tune/operate/ with ASM module.
However, the real winner is the F5 team that consistently develops & ensures the module is up-to-date with recent ''fire"(s) of the world.
Application security has never been so efficient and easy to deploy/tune/operate/ with ASM module.
However, the real winner is the F5 team that consistently develops & ensures the module is up-to-date with recent ''fire"(s) of the world.
What do you dislike about the product?
More documentation should be available on the best practices and what industries focus on, especially policies, signatures, and capabilties.
What problems is the product solving and how is that benefiting you?
Complete end to end security needs , monitoring & protection against vast array of web-based attacks.
Backtracking the application level changes triggering ASM alarms and mitigating them.
Mitigating security vulnerabilties is the big one.
Backtracking the application level changes triggering ASM alarms and mitigating them.
Mitigating security vulnerabilties is the big one.