Network Engineer at a tech services company with 11-50 employees
Aug 2, 2020
In terms of F5 Advanced WAF's most valuable features, I would definitely say its stability. F5 is one the most stable products. Either as the load balancer or the web application firewall, it is very stable.
The most valuable feature of F5 Advanced WAF is its grand unity of the implementation, where you have the freedom to configure based on how it affects your use case or your organization. With the default setting of implicit deny, you can gradually start defining and deploying the tool to align with your environment, whether it is outdated, recent, or futuristic. This allows you to customize the solution to protect you from threat actors. You have the ability to define what the advanced threat act should do - whether it should alert, deny, or both - and it will deliver based on your configuration. Unlike other online solutions, F5 Advanced WAF provides flexibility to deliver to your unique environment the way you want.
Security Consultant at a tech services company with 501-1,000 employees
Apr 18, 2022
Feature-wise, they are always cutting edge and up-to-date. Many features aren't available via competitors. There's always a lot of enhanced critical features that just aren't available through anyone else, or, if they are, are too lightweight.
SOC Analyst at a financial services firm with 1,001-5,000 employees
Jul 28, 2022
The most valuable feature of F5 Advanced WAF is its ability to have a pool of resources that can distribute your traffic, and that is a plus for me. My company tried to look into a competitor, Imperva, but it was lacking that capability, so F5 Advanced WAF outperforms Imperva.
Solution Architect at Softcell Technologies Limited
Nov 4, 2020
The valuable features vary from customers to customers. Some customers are okay with the basic features of the WAF, and some customers use advanced WAF with a few other features.
While F5 Advanced WAF does limit the number of partners in certain regions to ensure successful business transactions, they could also benefit from expanding their partnerships and making it easier for more people to learn about and become experts in F5 Advanced WAF. By doing so, they could increase the reach and exposure of their solution, similar to how Cisco has become widely recognized in the security industry.
Security Consultant at a tech services company with 501-1,000 employees
Apr 18, 2022
We usually use a third-party tool for logging and reporting. It would be nice if we could do that right on this solution. They have one, but it's not very stable. Logging and reporting effectively would be a big enhancement.
SOC Analyst at a financial services firm with 1,001-5,000 employees
Jul 28, 2022
For me, an area for improvement in F5 Advanced WAF is the reporting as it isn't so clear. The vendor needs to work on the reporting capability of the solution.
What I'd like to see in the next release of F5 Advanced WAF is threat intelligence to protect your web application, particularly having that capability out-of-the-box, and not needing to pay extra for it, similar to what's offered in FortiWeb, for example, any request that originates from a malicious IP will be blocked automatically by FortiWeb. F5 Advanced WAF should have the intelligence for blocking malicious IPs, or automatically blocking threats included in the license, instead of making it an add-on feature that users have to pay for apart from the standard licensing fees.
F5 Advanced WAF could improve resource usage, it is CPU intensive. Additionally, adding automated remediation would be a benefit. For example, an easy button alerts us of the events that are occurring, and what we want to do at the time. An automated approach where somebody could be alerted very quickly. Instead of going and reconfiguring everything, an automated approach is what I'm looking at.
Solution Architect at Softcell Technologies Limited
Nov 4, 2020
It should be a little bit easy to deploy in terms of the overall deployment session.
One of our customers is a bit unhappy about the reporting options. Currently, it automatically deletes event logs after some limit if a customer doesn't have any external Syslog server. It is a problem for those customers who want to review event logs after a week or so because they won't get proper reports or event logs. They should increase the duration to at least a month or two for storing the data on the device.
F5 is not a leader in Gartner Quadrant, which affects us when we go and pitch this solution. Customers normally go and take a look at such annual reports, and because F5 is currently not there as a leader, the customers ask about it even though we are saying it is good in all things.
F5 is not known for something totally different or unique. They were a major player in ADP, and they are just rebranding themselves into security. They should improve or increase their marketing as a security company now. They have already started to do that, but they should do it more so that when it comes to security, customers can easily remember F5. At the moment, if we say F5, load balancing comes to mind. With rebranding and marketing, all customers should get the idea that F5 is now mainly focusing on the security part of it, and it is a security company instead of load balancing. This is the first solution that should come to a customer's mind for a web application firewall.