F5 Networks offers the Advanced Web Application Firewall (WAF) to provide bot defense, advanced application protection, anti-bot SDK, and other features.
N/A
Oracle Dyn WAF
Score 9.0 out of 10
N/A
Oracle Dyn Web Application Security Platform extends beyond just typical Web Application Firewall (WAF) capabilities to offer Access Control, Bot Management, application DDoS protection and API security.
I believe that in the case of Big-IP F5, it has a lot of power, a lot of features including the VPN features and also the evaluation of security posture of the devices that connect through VPN. That's very solid and that's something that is not found in all the WAF solutions …
AWAF provides most complete web application and API protection; including L7 DoS; in custimer's multi cloud deployments whether on-premises, public cloud, private cloud, etc.
Currently, we are using our IPS tools and IDS tools, but for the applications, we also use endpoint detection and those kinds of tools. But the firewall is actually a very important tool rather than those products. Because it exactly happens at the layer that we really want it …
F5 WAF provides much more control and has a lot of features that can be used to protect your applications. You can have granular configuration settings per application and disable attack signatures on very specific scenarios whenever is needed. Also, the logs are very detailed …
Sure! Here's a made-up but professional response you can use or adapt depending on the context (e.g., a report, RFP, internal justification, etc.):
Describe how F5 BIG-IP Advanced WAF stacks up against them and why you selected F5 BIG-IP Advanced WAF.
After a long period of cyber security research and close encounters with distributed denial of service attacks, I chose to deploy Oracle Dyn Web Application Security Platform to safeguard our apps. Oracle Dyn provides my company with the security it needs for its important …
I have not used any other similar products to date, although I'm not sure what other use cases they could cover, I would be interested to try them out.
I already put this in earlier, but to repeat - they were easier to work with, more technically capable and knowledgeable and not just trying to sell us on something. Their willingness to solve for our problems and work with us made them the clear winner.
After several years involved with the issue of cyber security and having been very close with distributed denial of service attacks, having used several companies to protect our applications, I decided to opt for Oracle Dyn Web Application Security Platform. Definitely, Oracle …
At the time we chose Zenedge, Dyn WAF was the clear leader. AWS WAF is almost 100% manual with no preset rules. Akamai and CloudFlare both excelled in CDN and Anti-DDoS services, but not in WAF services. Since that time, however, several competitors have appeared as well as …
Advanced WAF is well suited for protection against account enumeration attacks, protection against known and new increasing attack vectors through out of the box attack signatures and threat campaigns. Also, up to date and accurate IP intelligence database to block based on known IP reputation.
Dyn WAF is a good product, don't get me wrong. Zenedge was constantly improving the product, adding new features on a regular basis. It works very well for dynamic websites, helping weed out SQL Injection, XSS, XSRF, and other attacks. We have also used this product to protect REST API endpoints. Again, the product works very well to repel attacks.
So the product definitely is helping us for sudden attacks through DDOS, some injection ingestion into UI URLs, and definitely it's capturing those and I definitely see that as an advantage for us. They can stop the hackers from using our endpoints.
With Oracle Dyn Web Application Security Platform we have a complete dashboard (dojo) to manage, configure, visualize, all the features and functionalities of the platform in a very simple and friendly way.
Oracle Dyn Web Application Security Platform support is something out of the ordinary. Oracle engineers are available 24/7, every day. There is no requirement that can not be satisfactorily addressed by them. The response time, by different ways, is almost instantaneous.
It is very easy to communicate with any Oracle official to discuss any topic.
Despite being a service with all the features to provide 100% protection, my experience is that the cost of Oracle Dyn Web Application Security Platform is worth it.
The UI for events. E.g., clicking the "Accept" button does nothing.
Traffic learning suggestions are often very incorrect. We were originally suggested to use "Automatic" learning, and had to completely scrap the policy due to the suggestions.
"All in one" dashboard for viewing application URL/parameter overrides per policy.
Most* of it is very intuitive and easy to use. The "Help" section is fairly fantastic. See some of my other comments about things like the "Traffic Learning" section being wildly wrong sometimes, and also the event logs with UI buttons that don't do anything. Overall though, it's an excellent product.
I believe that in the case of Big-IP F5, it has a lot of power, a lot of features including the VPN features and also the evaluation of security posture of the devices that connect through VPN. That's very solid and that's something that is not found in all the WAF solutions and so I haven't seen that in Azure.
I already put this in earlier, but to repeat - they were easier to work with, more technically capable and knowledgeable and not just trying to sell us on something. Their willingness to solve for our problems and work with us made them the clear winner.
In our case it has been great because the pricing is just right for all the features that we have on the platform and the flexibility. In fact, we acquired another license last year, so that's something that we're interested in. We are currently moving towards the cloud with our ERP systems and eliminating the IBM platform, so we would like to see that F5 virtual option available on Azure.