• Home
  • Akamai App and API Protector vs. AWS WAF

AWS WAF vs Akamai App and API Protector comparison

Cancel
You must select at least 2 products to compare!
Akamai Logo
Akamai App and API Protector
Read 27 Akamai App and API Protector reviews
5,056 views|3,843 comparisons
100% willing to recommend
Amazon Web Services (AWS) Logo
AWS WAF
Read 52 AWS WAF reviews
17,303 views|13,553 comparisons
82% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
AWS WAF vs. Akamai App and API Protector
March 2024
Executive Summary

We performed a comparison between Akamai App and API Protector and AWS WAF based on real PeerSpot user reviews.

Find out in this report how the two Web Application Firewall (WAF) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed AWS WAF vs. Akamai App and API Protector Report (Updated: March 2024).
Download the complete report
771,157 professionals have used our research since 2012.
Q&A Highlights
Question: Can you share your experience on migration from Akamai Kona Site to Amazon CloudFront and AWS WAF?
Answer: From people who have helped customers migrate from Akamai Services to Amazon CloudFront and AWS WAF, here's information on the migration process: The migration process may involve the following steps, as reported by others: Assess your current Akamai configuration, including identifying all of the content you deliver through Akamai and any specific rules or settings you are using. Design your new Amazon CloudFront and AWS WAF configuration, including choosing the right Amazon CloudFront distribution type, configuring caching and delivery settings, and creating AWS WAF rules to protect your content. Migrate your content to Amazon CloudFront by uploading files to Amazon CloudFront or using a CloudFront Content Delivery Network (CDN) migration tool. Once your content has been migrated to Amazon CloudFront, you must update your DNS records to point to Amazon CloudFront instead of Akamai. Once your DNS records have been updated, test your new Amazon CloudFront and AWS WAF configuration to ensure it works as expected. Many have shared that their experience using Amazon CloudFront and AWS WAF has been positive and that Amazon CloudFront is a reliable and scalable CDN you could use to deliver content to users worldwide with high performance. At the same time, AWS WAF is a powerful Web Application Firewall that can protect your content from various attacks.
Read more →
Featured Review
PallaviSharma
A scalable and reliable solution that has effectively secured our apps
All the solution's features are very good. Security-wise, BMP has helped us a lot. Hopefully, the account protector will also be good.
Prasanth MG
Allows us to set up security rules and has a good scalability
The solution helps our organization to comply with our security standards.
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"Traffic filtering and WAF are valuable.""I can attest to its benefits in terms of understanding and mitigating threats...The solution's technical support team seems to be pretty responsive.""We are getting security for each and every API.""The product has a good user interface.""The most valuable feature is the DDoS protection, which is the main reason we got it.""The dashboard is the most interesting feature of the Akamai portal where you can have a detailed analysis of all the attacks that are happening. You can drill down an issue and see exactly what is happening, who are the bad guys attacking your website, and how Akamai is protecting the website. That is the most valuable feature.""It enables us to move faster with new products because we have this layer of protection set up in our infrastructure.""The product is user-friendly."

More Akamai App and API Protector Pros →

"The most valuable feature is the scalability because it automatically scales up or scales down as per our requirements.""It is a one-click WAF with no effort needed.""The most valuable feature is the addition of managed tools that help us create customizable rules. In case we want to block a particular request, we can make use of those rules.""This is not a product that you need to install. You just use it.""Their technical support has been quite good.""The stability of AWS WAF is valuable.""AWS WAF has a lot of integrated features and services. For example, there are security services that can be integrated very well for our customers.""The tool’s stability is very good."

More AWS WAF Pros →

Cons
"The solution could offer even more integrations.""We are experimenting with EdgeWorkers to write our own code at the Edge level. It could grow to be much better.""It would be better if there weren't any issues with latency. We had latency issues, but I think they are all solved now.""The WAF features definitely have a lot of room for improvement. A lot of the WAF is really basic. For some products or some of our solutions, we need to run a second layer of more advanced WAF. If it had better layer seven protection then we would not need a second WAF.""They are already very flexible, but room for improvement is there. Reports generation could be better and should be improved.""There are some issues with pushing configurations across a network. It still takes about 20 minutes and that means to retract it's another 20 minutes.""The pricing could be reduced a bit.""One thing I asked them is to integrate the API discovery product that they have and push that data into Akamai App and API Protector so that we do not have two types of reviews to identify the type of traffic. We already know the APIs that are frequently getting used, so analysis becomes easier. We can integrate both products and use them."

More Akamai App and API Protector Cons →

"The user experience, the interface, is lacking. Sometimes it's hard to find certain areas that it has alerted on.""The solution is cloud-based, and therefore the billing model that comes with it could be more intuitive, in my opinion. It's very easy to not fully understand how you tag things for billing and then you can quite easily run up a high bill without realizing it. The solution needs to be more intuitive around the tagging system, which enables the billing. Right now, I have a cloud architect that does that on our behalf and it isn't something that a business user could use because it still requires quite a lot of technical knowledge to do effectively.""We must monitor and clean up the WAF manually.""We should be able to do proper whitelisting.""It would be better if AWS WAF were more flexible. For example, if you take a third-party WAF like Imperva, they maintain the rule set, and these rule sets are constantly updated. They push security insights or new rules into the firewall. However, when it comes to AWS, it has a standard set of rules, and only those sets of rules in the application firewalls trigger alerts, block, and manage traffic. Alternative WAFs have something like bot mitigation or bot control within the WAF, but you don't have such things in AWS WAF. I will say there could have been better bot mitigation plans, there could have been better dealer mitigation plans, and there could be better-updated rule sets for every security issue which arises in web applications. In the next release, I would like to see if AWS WAF could take on DDoS protection within itself rather than being in a stand-alone solution like AWS Shield. I would also like a solution like a bot mitigation.""An improvement area would be that it's more of a manual effort when you have to enable rules. That's one of the downsides. If that can be done in an automated way, it would be great. That's a lagging feature currently.""The solution could improve by having better rules, they are very basic at the moment. There are more attacks coming and we have to use third-party solutions, such as FIA. The features are not sufficient to prevent all the attacks, such as DDoS. Overall the solution should be more secure.""When users choose the free service, there isn't great support available to them."

More AWS WAF Cons →

Pricing and Cost Advice
  • "There is no license at all for Akamai. They are going to charge us only for the usage."
  • "The price they are offering is quite reasonable for premium customers, but it's very expensive if you're a small and medium-sized enterprises."
  • "Cost depends on the volume of traffic."
  • "The solution is not expensive."
  • "The product’s price is high."
  • "The solution is expensive."
  • "Akamai Web Application Protector is an expensive product."
  • "Price-wise, I would say Akamai's pricing is competitive."

    • More Akamai App and API Protector Pricing and Cost Advice →

  • "It's an annual subscription."
  • "There are no costs in addition to the standard licensing fees."
  • "There are different scale options available for WAF."
  • "AWS is not that costly by comparison. They are maybe close to $40 per month. I think it was between $29 or $39."
  • "It has a variable pricing scheme."
  • "We are kind of doing a POC comparison to see what works best. Pricing-wise, AWS is one of the most attractive ones. It is fairly cheap, and we like the pricing part. We're trying to see what makes more sense operation-wise, license-wise, and pricing-wise."
  • "It's quite affordable. It's in the middle."
  • "The pricing should be more affordable, especially as it pertains to small clients."

    • More AWS WAF Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Web Application Firewall (WAF) solutions are best for your needs.
    See Recommendations
    771,157 professionals have used our research since 2012.
    Questions from the Community
    What do you like most about Akamai Web Application Protector?
    Top Answer:The product is user-friendly.
    Read all 11 answers   →
    What is your experience regarding pricing and costs for Akamai Web Applic...
    Top Answer:The product is expensive, but it is worth the money.
    Read all 9 answers   →
    What needs improvement with Akamai Web Application Protector?
    Top Answer:The custom rules must be improved. If we have a domain to be monitored, we can use the solution to alert us if a certain specification is met. If we need only 20,000 transactions, but there are 40,000… more »
    Read all 11 answers   →
    What are the limitations of AWS WAF vs alternative WAFs?
    Top Answer:Hi Varun I have had experienced with several WAF deployments and deep technical assessments of the following: 1. Imperva WAF 2. F5 WAF 3. Polarisec Cloud WAF Typical limitations on cloud WAF… more »
    Read all 2 answers   →
    How does AWS WAF compare to Microsoft Azure Application Gateway?
    Top Answer:Our organization ran comparison tests to determine whether Amazon’s Web Service Web Application Firewall or Microsoft Azure Application Gateway web application firewall software was the better fit for… more »
    What do you like most about AWS WAF?
    Top Answer:The most valuable feature of AWS WAF is its highly configurable rules system.
    Read all 40 answers   →
    Ranking
    8th
    out of 82 in Web Application Firewall (WAF)
    Views
    5,056
    Comparisons
    3,843
    Reviews
    16
    Average Words per Review
    669
    Rating
    8.6
    1st
    out of 82 in Web Application Firewall (WAF)
    Views
    17,303
    Comparisons
    13,553
    Reviews
    30
    Average Words per Review
    415
    Rating
    8.4
    Comparisons
    Also Known As
    Akamai Web Application Protector, Akamai Kona Site Defender, Akamai Kona DDoS Defender
    AWS Web Application Firewall
    Learn More
    Akamai
    Amazon Web Services (AWS)
    Overview

    Akamai App & API Protector brings together web application firewall, bot mitigation, API security, and Layer 7 DDoS protection into a single solution. It quickly identifies vulnerabilities and mitigates threats across your entire web and API estates — even for the most complex distributed architectures. Recognized as the leading attack detection solution on the market, App & API Protector is easy to implement and use. It delivers automatic updates for security protections and provides holistic visibility into traffic and attacks.

    AWS Web Application Firewall (WAF) is a firewall security system that monitors incoming and outgoing traffic for applications and websites based on your pre-defined web security rules. AWS WAF defends applications and websites from common Web attacks that could otherwise damage application performance and availability and compromise security.

    You can create rules in AWS WAF that can include blocking specific HTTP headers, IP addresses, and URI strings. These rules prevent common web exploits, such as SQL injection or cross-site scripting. Once defined, new rules are deployed within seconds, and can easily be tracked so you can monitor their effectiveness via real-time insights. These saved metrics include URIs, IP addresses, and geo locations for each request.

    AWS WAF Features

    Some of the solution's top features include:

    • Web traffic filtering: Get an extra layer of security by creating a centralized set of rules, easily deployable across multiple websites. These rules filter out web traffic based on conditions like HTTP headers, URIs, and IP addresses. This is very helpful for protection against exploits such as SQL injection and cross-site scripting as well as attacks from third-party applications.
    • Bot control: Malicious bot traffic can consume excessive resources and cause downtime. Gain visibility and control over bot traffic with a managed rule group. You can easily block harmful bots, such as scrapers and crawlers, and you can allow common bots, like search engines and status monitors.
    • Fraud prevention: Effectively defend your application against bot attacks by monitoring your application’s login page with a managed rule group that prevents hackers from accessing user accounts using compromised credentials. The managed rule group helps protect against credential stuffing attacks, brute-force login attempts, and other harmful login activities.
    • API for AWS WAF Management: Automatically create and maintain rules and integrate them into your development process.
    • Metrics for real-time visibility: Receive real-time metrics and captures of raw requests with details about geo-locations, IP addresses, URIs, user agents, and referrers. Integrate seamlessly with Amazon CloudWatch to set up custom alarms when events or attacks occur. These metrics provide valuable data intelligence that can be used to create new rules that significantly improve your application protections.
    • Firewall management: AWS Firewall Manager automatically scans and notifies the security team when there is a policy violation, so they can swiftly take action. When new resources are created, your security team can guarantee that they comply with your organization’s security rules.

    Reviews from Real Users

    AWS WAF stands out among its competitors for a number of reasons. Two major ones are its user-friendly interface and its integration capabilities.

    Kavin K., a security analyst at M2P Fintech, writes, “I believe the most impressive features are integration and ease of use. The best part of AWS WAF is the cloud-native WAF integration. There aren't any hidden deployments or hidden infrastructure which we have to maintain to have AWS WAF. AWS maintains everything; all we have to do is click the button, and WAF will be activated. Any packet coming through the internet will be filtered through.”

    Sample Customers
    Douglas Omaha Technology Commission, ZALORA, PrintPlanet
    eVitamins, 9Splay, Senao International
    Top Industries
    REVIEWERS
    Computer Software Company21%
    Retailer16%
    Financial Services Firm16%
    Leisure / Travel Company11%
    VISITORS READING REVIEWS
    Financial Services Firm28%
    Computer Software Company13%
    Manufacturing Company8%
    Insurance Company6%
    REVIEWERS
    Computer Software Company25%
    Manufacturing Company13%
    Energy/Utilities Company8%
    Media Company8%
    VISITORS READING REVIEWS
    Computer Software Company17%
    Financial Services Firm13%
    Manufacturing Company7%
    Comms Service Provider6%
    Company Size
    REVIEWERS
    Small Business15%
    Midsize Enterprise22%
    Large Enterprise63%
    VISITORS READING REVIEWS
    Small Business16%
    Midsize Enterprise13%
    Large Enterprise71%
    REVIEWERS
    Small Business37%
    Midsize Enterprise20%
    Large Enterprise43%
    VISITORS READING REVIEWS
    Small Business22%
    Midsize Enterprise14%
    Large Enterprise63%
    Buyer's Guide
    AWS WAF vs. Akamai App and API Protector
    March 2024
    Free Report: AWS WAF vs. Akamai App and API Protector
    Find out what your peers are saying about AWS WAF vs. Akamai App and API Protector and other solutions. Updated: March 2024.
    DOWNLOAD NOW
    771,157 professionals have used our research since 2012.

    Akamai App and API Protector is ranked 8th in Web Application Firewall (WAF) with 27 reviews while AWS WAF is ranked 1st in Web Application Firewall (WAF) with 52 reviews. Akamai App and API Protector is rated 8.4, while AWS WAF is rated 8.0. The top reviewer of Akamai App and API Protector writes "Easy to learn and gives us a report of traffic". On the other hand, the top reviewer of AWS WAF writes "A highly stable solution that helps mitigate different kinds of bot attacks and SQL injection attacks". Akamai App and API Protector is most compared with Cloudflare Web Application Firewall, Microsoft Azure Application Gateway, Prolexic, AWS Shield and Arbor DDoS, whereas AWS WAF is most compared with Azure Web Application Firewall, Microsoft Azure Application Gateway, F5 Advanced WAF, Imperva Web Application Firewall and Cloudflare. See our AWS WAF vs. Akamai App and API Protector report.

    See our list of best Web Application Firewall (WAF) vendors.

    We monitor all Web Application Firewall (WAF) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.