AWS WAF Reviews & Product Details - Page 5

It is a great solution that allows protecting the environment of web applications of different types of attacks such as xss scripting, injection sql and the entire vulnerability map defined in the owasp project (Open Web Application Security Project).

With this solution you can define a set of rules that allow you to filter web traffic in order to mitigate the exposure gap when exploiting vulnerabilities in web applications. Review collected by and hosted on G2.com.

In this case, I do not have articles that I do not like about this solution, the embargo to be able to configure the rules is important to have knowledge about the vulnerabilities that extend the web applications in order to determine which is the package of rules that adapts, of otherwise, false positives would be generated once the service is enabled. Review collected by and hosted on G2.com.

It's WAF as code when implemetned with cloudformation, making it a quick and repeatable WAF implementation. One of the biggest issues with typical WAF products is that they're placed inline and costly, or are host based and are a suck on the instance resources. Being able to apply your WAF rule at the edge (cloudfront) is vastly better than letting malicious traffic travel deep into the environment. Review collected by and hosted on G2.com.

Almost impossible to setup without using the AWS provided cloudformation template. However, once the template is used it's rather trivial to add in your own custom rules. My biggest dislike would be -> I honestly dont think the 3rd party tie-ins do anything. I would also like to see lower rate based options, 2k is rather high for a minimum. Review collected by and hosted on G2.com.

i have been working with WAF for 1 year , it protects web sites from Application and server OS vulnerabilities securely , it protects from uploading malicious content it also protects from sophisticated and targeted attacks , based on my own experience it becomes the most useful service while growing the web infrastructure because as you grow your infrastructure your website becomes more venerable for cyber attacks , it basically filters all the request coming towards web server and protects it from cyber attacks!! Review collected by and hosted on G2.com.

it's pricing are very higher than other services , quality of support provided is not so good other than this there is nothing to dislike about AWS WAF!! Review collected by and hosted on G2.com.

Pricing model, control, ease of change, technical support, pace of innovation are all outstanding. AWS WAF offers an API (by the way, a full-featured one) that automates security rules' creating, deploying, and maintaining. We like that the deployment of new rules can last just a few minutes. Apart from other reasons, this allows quickly responding to alterations in traffic patterns. Besides, AWS WAF allows monitoring Internet traffic in a mode close to real time, so we can quickly create new rules or warnings in Amazon CloudWatch. Review collected by and hosted on G2.com.

I think that documentation could be better but after all, this service is our choice number one. It provides various documentation which is helpful at the outset and also they have videos and other kinds of documentation as well. Review collected by and hosted on G2.com.

Can do what all modern WAF solutions can do without paying thousands of dollars extra. Review collected by and hosted on G2.com.

Compared to other WAF's it does not have a detailed console output of the events. Review collected by and hosted on G2.com.

Basically amazon is most trusted organization worldwide. And the firewall for web services enables the user to filter web requests and work accordingly. one can anytime restrict or accept request from any unknown client. Review collected by and hosted on G2.com.

There is nothing to dislike but one thing is that we need to configure it separately. It doesnt come along with the cloud web service. Review collected by and hosted on G2.com.

One feature I enjoy is being able to dynamically alter WAF rules based. We use traffic analysis tools to feed back into our WAF to dynamically respond to threats. Review collected by and hosted on G2.com.

It'd be great if there was a better interface or clarity of the WAF. We usually set it up through the CLI but the UI for WAF could be better. Review collected by and hosted on G2.com.

Easy setup when compared to other systems providing firewall services for web services. Single click enablement versus infrastructure deployment. Can be deployed for all LBs in the VPC without additional configuration. Review collected by and hosted on G2.com.

ONly able to set-up a single subscription per WAF. Example: F5 provides three separate subscriptions each addressing s specific need but only one can be added. Other rule sets need to be manually written. Review collected by and hosted on G2.com.

The functionality could be extended via lambda functions and the rules could be distributed across the whole system.

Easy to set up and really east to get started Review collected by and hosted on G2.com.

Limitations on the number of rules and also the price seems to be a little high Review collected by and hosted on G2.com.

100% the best thing about it is the pricing, especially compared with other commercial options. You can protect multiple workloads with a simple, affordable, AWS-api and console interface.There are commercial rulesets availalbe for very little money and that is super attactive. Review collected by and hosted on G2.com.

The one big drawbacks (curretnly) are the inability to link more than one commercial ruleset and the lack of control for where to redirect rejected traffic. Review collected by and hosted on G2.com.