The primary use case is to secure the organization's applications from web-based attacks, securing both web applications and APIs.

The product is used to secure web applications and has the ability to use API templates and bot protection features, such as blocking requests or presenting CAPTCHA pages to end users. We also implement Swagger files for API security and use custom profiles for device ID threshold management.

The main improvement needed is related to IP intelligence. Once we start receiving traffic from repetitive IP addresses, we have to report it to the SOC team to block it at the layer four level. Users would like to have an additional IP intelligence license to handle this within WAF itself without needing to engage with the SOC team.

The solution has been used for three years.

Customer service and support depend on the level of support subscribed to, such as silver or platinum support, which determines the response time.

Positive

Deploying the solution involves an application learning and blocking phase. The process includes collecting application data, creating policies, and applying them to lower testing environments like QA or dev before moving to UAT and production. The learning phase is used to handle false positives and fine-tune the policies before going live.

The in-house team manages and supports the WAF, handling incidents reported by end users when legitimate traffic is blocked. They update the policies to prevent the recurrence of similar blocks.

The pricing and support service levels affect response times from customer service, depending on whether the support level is silver, platinum, etc.

We are exploring cloud-based solutions like Azure WAF and AWS WAF.

I rate F5 Advanced WAF an eight out of ten.

I use and recommend F5 Advanced WAF as a web application firewall to protect various applications. It is particularly effective in load balancing and enforcing security policies.

F5 Advanced WAF efficiently handles traffic and secures web applications, protecting sensitive data best for  governmental organization. It ensures compliance with security standards by providing features like PCI DSS checks.

F5 Advanced WAF provides valuable features like signature-based protection, which includes up-to-date threat signatures for common attacks such as SQL injections and DoS protection. It also supports a load balancer for enhanced security and traffic management.

There are opportunities for improvement in updating the user interface to a more modern look. Additionally, the speed of technical support and community responses could be enhanced.

I have been working with F5 Advanced WAF for two years.

F5 Advanced WAF is very stable when configured properly.

F5 Advanced WAF is highly scalable and can handle large amounts of traffic due to its advanced load balancing capabilities.

The technical support team provides responses within a day for critical issues, however, the community support can be slow, sometimes taking up to two weeks for a response.

Negative

I have also used open-source WAF solutions such as OpenAppSec.

The initial setup of F5 Advanced WAF is complex and requires detailed planning, especially for configuration files and management interfaces.

Our internal team implemented F5 Advanced WAF with support from F5's sales engineers.

While F5 Advanced WAF is expensive, the investment is justified by its comprehensive security features.

F5 Advanced WAF is notably costly, especially for small companies, however, it provides strong protection for its price.

l evaluated open-appsec as an alternative WAF solution.

I would rate F5 Advanced WAF a seven out of ten. 

It is important to learn the network and security landscape before deploying. Understanding cybersecurity concepts and signature-based attacks is crucial.

I was in charge of the F5 on-premises solution, where I published several applications for certificate verification and protected various applications. Additionally, I was working with botnets.

F5 Advanced WAF is a comprehensive community platform with a strong commitment, making it valuable for businesses. The capabilities on GitHub are highly appreciated, allowing me to count on F5 for reliability.

I would like to see improved features in the F5 Advanced WAF solution, especially with a focus on enabling Kubernetes fully. The database needs better service discussions and updates on communication. Additional improvements could also be made in asset management for the data.

I've been working with F5 for what seems like a lengthy period.

F5 is logistics-oriented, ensuring that the Webpack performs well in making every single case for the Stereo platform.

F5 is scalable, especially for Stellar and virtualization processes. Customers can scale efficiently.

F5's technical support team is commendable. They are professional and take high-priority prompts seriously.

Positive

My experience includes comparing F5 with FortiWeb. F5 provides more security capabilities for applications than FortiWeb.

The initial setup of the F5 Advanced WAF solution involves multiple stages and might require revisiting configurations based on customer needs. The setup can be complex compared to other options.

I am part of the deployment and implementation team, and we follow a strategy that involves providing quality assurance to ensure data integrity and server protection. Collaboration and dialogue with customers are part of the implementation.

Customers have shown consistent ROI with F5 solutions, especially when daily requests come in for assistance.

The user interface and sub-management prices can be a concern, however, they generally align with the industry's needs.

I recommend the F5 Advanced WAF solution for everyone with critical applications. Security needs to be embedded within the full visualization pipeline, allowing significant savings. I rate F5 Advanced WAF at a nine out of ten.

We use this solution for load balancing and web application firewall (WAF) services. We use the solution standalone and not integrated with other solutions.

It provides web application security and reduces bot attacks.

The web attack signatures are very important for detecting attacks, and the bot detection capability is an important feature that works well with F5 Advanced WAF.

The product could be more user-friendly for administrators. The user interface could be easier.

I have been using it for almost three years.

The solution is very stable. I would rate its stability as nine out of ten.

Very scalable. We use this solution for multiple customers and across data centers.

The solution offers good support. That said, sometimes it takes too much time to reach the right person.

Positive

I have also worked with Citrix NetScaler and F5 products, depending on customer needs.

The initial configuration is not too difficult, but subsequent configurations can be complex because they depend on customer needs.

I don't have direct knowledge of the pricing. From what I know, it is not too expensive compared to other solutions.

I am familiar with F5 and Citrix NetScaler solutions.

I recommend this product to others because of its effectiveness in mitigating threats.

I'd rate the solution eight out of ten.

We use the solution for load balancing and web application firewall (WAF) balancing. We operate in a data center and use it for web application security and services.

The solution provides strong web security, particularly against web attacks, and has effective bot detection that helps reduce bot attacks.

Web attack signatures are very important for detecting web attacks. The bot detection feature is also crucial in reducing bot attacks.

The product could be more user-friendly, particularly the user interface for administrators. Additionally, configuration can be quite complex and needs improvement to be less complex.

I've been using it for almost three years.

The product is very stable. From one to ten, I would rate its stability at a nine out of ten.

The solution is scalable. We use it for multiple customers and data centers, and I would rate its scalability as nine.

The customer service is good. That siad, sometimes it takes too long to reach the right person. I would rate their effectiveness as an eight.

Positive

I am familiar with Citrix NetScaler and F5.

The initial setup was not too challenging. Post-initial configurations can be complex.

Two to three engineers are typically involved in maintenance operations.

I don't know the exact pricing. It is not the cheapest yet not the most expensive. It depends on needs, budget, and vision.

I have experience with Citrix solutions.

I recommend this product to others.

I'd rate the solution eight out of ten.

Our clients mostly have their own applications, such as banking apps, and use F5 Advanced WAF to avoid vulnerabilities and threats on both the application layer and transport layer. 

We create web policies for their apps and configure ASM signatures to prevent vulnerabilities. After configuring the policies, I monitor logs continuously to block vulnerability attacks and assist clients in addressing any issues.

One of the things that surprised me the most about F5 devices is their compatibility with the existing infrastructure of most customers. They can be easily integrated between the main firewall and back end servers, making it a seamless addition to enhance security.

The traffic learning feature stands out as the most valuable. When an app is accessed, the log generated in F5 Advanced WAF provides suggestions on what actions to take. This feature is particularly beneficial in new vulnerability scenarios, offering guidance based on learned data. 

Additionally, I appreciate the way F5 Advanced WAF builds policies by configuring a basic policy and queuing it in learning mode. The solution learns from logs, and based on that learning, I configure ASM signatures.

The GUI interface can be confusing due to similar-looking tabs for policy building, traffic learning, and event logs. A more explanatory GUI would be beneficial. However, F5 solutions are a bit expensive compared to others, although they provide the best service and options.

I have been working with F5 Advanced WAF for around six months.

The solution is very stable. I would rate it a nine out of ten for stability.

F5 Advanced WAF is very scalable, and I would rate its scalability as nine out of ten.

F5 support is excellent and deserves a ten out of ten. Their technical support is responsive and helpful, making the overall experience very satisfactory.

Positive

I have not worked with many other vendors as extensively as F5, but I have some knowledge of FortiWAF. FortiWAF has fewer options compared to F5, particularly in features like iRULES, which offers more flexibility for traffic management and coding.

The initial setup is not very lengthy. Once the device is on-premises, configuring and managing it is quite efficient, though the entire project from start to end may take about a month to a month and a half.

I work with a team of five to six network engineers across different cities, providing support and collaboration for client deployments.

The return on investment is quite high with F5 solutions. Customers prefer F5 for their superior service and features, despite the higher cost.

F5 is on the expensive side but offers superior solutions and options. Customers are willing to pay for the quality and features provided.

I have some knowledge of FortiWAF, but F5 provides more options, especially with features like iRULES for managing traffic.

I would recommend F5 Advanced WAF to other users. It provides excellent features, flexibility, and support.

I'd rate the solution ten out of ten.

We use F5 Advanced WAF to restrict attacks on our remote access VPN. We've implemented geolocations. Our APIs are exposed over the Internet, so we've utilized F5 Advanced WAF to protect those APIs, and it's integrated with our other applications.

The WAF solution works perfectly fine. If we face any issues, we get hotfixes from the solution experts. It is a little bit difficult to engage with a solution expert firsthand, but once they're engaged, they do whatever is best to resolve the issue.

We faced a lot of outside attacks on our VPNs and APIs, so the geolocation feature works perfectly fine for us. We use iRules as well. Our internal access VPN is advertised from a Cisco firewall, and above that, we have an F5 LTM. We have written some iRules on it to minimize the effects of attacks.

We are a PCI DSS-compliant organization, and we have a lot of security balance to improve our infrastructure. So we use this software to meet those requirements. It works well. So, F5 helped to meet compliance and regulatory requirements.

It's pretty smooth. Whichever load we put on it, we've observed minimal chances of the WAF exploiting the memory or sessions hanging. 

The bot protection aspect works perfectly fine. All the solutions and features are renewed and they're working well. I don't see anything that can be improved.

We also leveraged AI initiatives. 

Support is a little slow, but the solution itself is great. If I compare F5 and Fortinet, the main issue is the support. With Fortinet, it takes less time to engage a support engineer and get things sorted compared to F5.

I have been using F5 Advanced WAF since last January.

I work for a US-based firm, and the project I deal with relies heavily on F5 and F5 LTMs.

I work on both F5 BIG-IP cloud and on-premises and F5 LTM.

It is a stable product. 

The physical hardware is not as scalable. We have to decide which version is best for us to procure because it is a costly device. So we try our best to get all the juice out of one box.

There's around 2500 users getting services from the F5. In my team, we are twelve engineers who are managing the infrastructure.

Support is a little slow, but the solution itself is great. If I compare F5 and Fortinet, the main issue is the support. With Fortinet, it takes less time to engage a support engineer and get things sorted compared to F5.

I'll give F5 a five because it is difficult to engage an engineer and get the issue sorted. For Fortinet, I'd give them a nine.

Neutral

The initial setup process of the F5 WAF product is straightforward. There isn't an issue in setting up from scratch. We use F5 with the cloud as well, especially in Azure and AWS.

The deployment took around half an hour for an engineer to get the basic infrastructure done.

It is not difficult to manage bug fixes, upgrades, and everything. It doesn't take much time. The dashboards are good. All the basic information is given to us on the first page, and it's easy to manage.

It brings a return on investment.

It is a little bit costly, but it has all the features that are required.

I would recommend F5 Advanced WAF to other users looking to implement it.

My advice:

A lot of organizations are financially constrained when buying devices. So if the organization is capable of maintaining and managing a device like F5, we suggest F5. Otherwise, we suggest other solutions, like Fortinet or Citrix.

Overall, I would rate it an eight out of ten because of the support.

We use the solution for load balancing.

They should improve the capability, and then they should work on the virtualization of NGINX. Currently, most environments are virtualized. F5 Advanced WAF will not be able to protect it.

I have been using F5 Advanced WAF as a reseller for 5 years.

Technical support is good but not enough. It takes a lot of time to get support.

Neutral

The initial setup is not so easy nor not so complex. There is a learning phase, and there are policies to apply. It complies with regulations. Recently, we used it for Formula One, and it proved very effective.

ROI is covered in one year. You can see how it protects and mitigates damages in the network.

The product is not so expensive. It depends on the assets.

There are other solutions for data loss prevention, such as Symantec and IP solutions. There are options available for DNS blocking. While these solutions may specialize in certain aspects, They offer comprehensive coverage across various areas. Each vendor specializes in different aspects, but F5 Advanced WAF excels in its particular domain.

I recommend the solution. Most of the environment is going to virtualization.

Overall, I rate the solution an 8 out of 10.

Our company uses two versions of F5 Advanced WAF. The solution is used to protect against web hacking bots. 

F5 Advanced WAF has improved our organization's security posture by fending off all types of attacks. The solution has been successful in mitigating not just one kind of attack but also rare attacks that disturb the OS and try to achieve a denial of service. The solution has saved our company from performance deterioration and also enhanced security.   

The solution's most valuable features include application DDoS protection, bot blocking, and HTTP header verifications. The solution protects against seven types of DDoS attacks. 

More legacy protocols should be added to the solution. The aforementioned protocols are generally less used and might have been phased out from multiple solutions. But some of the large corporations that are clients of our company are unwilling to let go of applications that have been developed.

The aforementioned clients believe that as some of the new websites do not use these technologies, it wouldn't be ideal to replace the existing applications; for example, a bank with millions of dollars connected to a software wouldn't be willing to replace it instantly.

It often takes years for enterprise-level businesses to replace applications. The vendor of F5 Advanced WAF needs to consider that even if legacy protocols are not necessarily used for new projects, existing or prior applications projects rely heavily on them, and such protocols need to be protected until they are completely phased out of the market.

The vendor needs to provide complete support for the legacy protocols, just like the latest protocols in the market, until they are assured that none of the customers are using them. 

I would like to witness the expansion of the supported protocols set by the solution. The tool should be promoted as an advanced protection solution that supports all types of protocols. In future versions, some protocols offered by the solution need to be more specialized. All public-facing protocols should be added to F5 Advanced WAF. 

I have been using F5 Advanced WAF since 2018. 

If the solution is setup by professional services, then it will exhibit outstanding stability, otherwise there might be issues. I would rate the stability an eight out of ten. 

I would rate the scalability a nine out of ten. The solution is highly scalable and accommodating. The solution also allows troubleshooting due to its scaling capacity. The backend system of the solution allows the accommodation of solutions that one can pickup. 

In our company, there are about ten users of F5 Advanced WAF, and it's being used daily. Our organization also plans to increase the usage and the number of users for the solution. The tool's performance has benefitted application delivery in our organization. 

I would rate the tech support a seven out of ten. The tech support quality is slightly above average. The support team's first responders to raise tickets are not skilled engineers.

Large enterprises usually expect their issues to be resolved within a few minutes, so in a support process where first responders collect information and if they are unable to tackle it, the issue gets escalated, which overall becomes a huge, time-consuming process. The vendor should provide highly skilled first responders to large clients of F5 Advanced WAF, as for each second the solution is down, the clients might be losing money. 

Neutral

Before F5 Advanced WAF, our organization used IPS and Fortinet. Fortinet could only handle simple tasks, and F5 Advanced WAF is better for specialized application protection and scalability. Fortinet has a quick and easy setup process that doesn't require highly skilled engineers, making it suitable for resource management. 

I would rate the initial setup a seven out of ten. F5 Advanced WAF offers an easy setup process. Our company works with both the cloud and on-premise versions of the product. The solution's deployment, including the configuration, can takefour to five days. One engineer is enough to deploy F5 Advanced WAF for a single system.

The frequency of maintenance depends upon the setup of the solution; in case of faulty setup, the administration overhead will be greater due to repeated maintenance needs to fix issues. Often, customers invest in professional services to setup F5 Advanced WAF, following which an engineer can implement the maintenance. If professional services are not availed to setup the solution, it can take up to a month. 

The solution provides an ROI. When professional services install it, it has low administrative overhead and increases performance due to its scaling capacity. The solution can be used with any specific client or application as it allows user programming to be open-source. With F5 Advanced WAF, our company is able to adapt to the versatile requirements of clients. I would rate the ROI of the solution a nine out of ten. 

I would rate the pricing as seven out of ten. Sometimes, for specific models, additional licenses over the standard one need to be purchased. F5 Advanced WAF doesn't offer a single license that fits all use cases; the user needs to choose the license format. A structured license is usually preferred for F5 Advanced WAF. 

Our company also evaluated Palo Alto products, but F5 Advanced WAF offered superior scalability. 

The solution mainly provides automated responses; once the solution is set up and trained properly, it requires minimal intervention. As the solution is completely automated our company team has to only check the reports. 

But there is an elaborate setup process where, as part of our company, we deploy applications in an environment, implement work policies, and use automated software to simulate multi-vendor attacks and web hacking to test the solution's ability to detect attacks and, accordingly, we make adjustments to the flexible solution. 

After the simulation testing, the policy implemented for the solution is put in a station period where it won't be flexible initially, and then reporting is implemented, which will escalate to the anticipated restriction level soon. 

After the policies' staging period, when the solution has completed learning through simulations and our company feels confident with the test product in the active environment, the solution becomes automated from that point, and manual intervention is not necessary. A highly skilled team is needed for the abovementioned solution training process. 

Our company develops multiple applications internally as our work sites are not ready, and varying results are expected from different work sites, webpages, or newly added features. When a new feature is added to the solution, we revert back to the deployment process to test it. Our company needs to ensure that the in-house developed features that are integrated into the solution are not prone to attacks through simulation testing every time.

Our company feels confident when the solution's policies are developed through the staging, simulation and rule enforcement process. The aforementioned process helps with reports and also with performance. In our company, we have also encountered websites that didn't function well with the solution; even though the websites were functioning properly, the performance deteriorated slowly. Many attackers nowadays venture beyond the threshold, which might be difficult to capture.

If we consider any service or web applications over the internet that is attacked beyond the threshold, it wouldn't be a blind attack for the application owners as it would get blocked immediately, but instead, they progress slowly with the attack and ramp up once they can change the IP addresses and identify a suitable angle of attack, until these attacks get blocked they can affect your service.

Sometimes, a few of our organization's clients complain about the solution working slowly, even without apparent attacks. For example, if you're a trader, the website might function well enough most of the time, but sometimes you have to buy or sell within minutes, whereas if it doesn't work, you need to visit a different website, which can also be the goal of attackers. 

F5 Advanced WAF also allows you to write your own code for the interface.  F5 Advanced WAF specializes in behavior identification, which helps in superior attack mitigation. I would advise others to get the solution setup only by specialized or professional services. I would rate F5 Advanced WAF a nine out of ten. 

Primarily, the Advanced WAF sits behind our network perimeter. It centralizes traffic flow to our network, filters requests, and identifies any potential threats.

It helps us detect threats or malicious requests coming into the network, protecting it from being hacked. It helps guard against issues like cross-site scripting (XSS) and other similar threats.

So, F5 Advanced WAF helped mitigate bot traffic for our web applications.

Moreover, my experience is that it's pretty straightforward to use. Our firewall team handles requests through a change management tool within scheduled change windows. However, F5 is our only firewall solution.

It's a valuable tool to protect web servers exposed to the external network. With numerous web applications running on Apache or IIS servers, the F5 Advanced WAF's threat detection capabilities protect the network before traffic reaches those servers.

It's a fairly easy-to-use and user-friendly tool. My administrators and team also like its ability to customize the rules per the requirements. 

The self-service aspect could be improved. 

The user interface (UI) also seems a bit outdated. Making it more user-friendly would be beneficial.

We've been using it for approximately five to six years.

I would rate the stability a ten out of ten. It is a stable product. 

It is pretty good. I would rate the scalability a seven out of ten.

Ssometimes, the way our enterprise handles change requests might slow things down because of the internal rules and processes. But these changes, once approved, do take effect immediately on the firewall itself. 

We have a change window twice a week for these requests. I don't think the limitation is with the firewall itself; it's more about our internal procedures.

Overall, I would rate the solution an eight out of ten because I have seen that not too much customization is required during setup. The change requests we submit are usually clear and easily applied. 

Overall, the policies work well, and the threat detection is good. It catches deviations and anomalies effectively.

From a recommendation standpoint, it's a fairly easy tool to use. However, you definitely need some knowledge about scripting, OWASP fundamentals, threat detection, and general cybersecurity principles to get the most out of it.