Overview
Product Information on AWS WAF
What is AWS WAF?
AWS WAF Pricing
Overall experience with AWS WAF
“AWS WAF Eases Integration But Requires Additional Investment In Managed Rule Sets”
“Limited Features Available Despite Ease of Use for New Tenant Solutions”
About Company
Company Description
Amazon Web Services (AWS), established in 2006, is focused on providing essential infrastructure services to businesses globally in the form of cloud computing. The key advantage offered through cloud computing, particularly via AWS, is its capacity to shift fixed infrastructure expenses into flexible costs. Businesses have been able to forgo extensive planning and procurement of servers and other Information Technology (IT) resources, owing to AWS. AWS seeks to provide businesses with prompt and cost-effective access to resources using Amazon's expertise and economies of scale, as and when their business requires. Currently, AWS offers a robust, scalable, economic infrastructure platform on the cloud powering an extensive array of businesses worldwide. It operates across numerous industries with data center locations in various parts of the globe including U.S., Europe, Singapore, and Japan.
Company Details
Do You Manage Peer Insights at Amazon Web Services (AWS)?
Access Vendor Portal to update and manage your profile.
Key Insights
A Snapshot of What Matters - Based on Validated User Reviews
User Sentiment About AWS WAF
Reviewer Insights for: AWS WAF
Deciding Factors: AWS WAF Vs. Market Average
Performance of AWS WAF Across Market Features
AWS WAF Likes & Dislikes
The best feature by far is its seamless integration with other AWS services. There are no extra servers to manage, no complex DNS changes to reroute traffic. You can attach the WAF to an ALB or CloudFront distribution with a few clicks, and it just works. The pay-as-you-go pricing model is also perfect for our budget, as we avoid the massive upfront cost of a traditional WAF appliance. I also really value the AWS Marketplace for WAF rules. Being able to subscribe to managed rule sets from other vendors gives us enterprise-grade protection without needing a dedicated security expert on staff to write and maintain complex rules.
easy to use on new tenant solutions
What I like most about AWS WAF is how smoothly it integrates with the rest of the AWS ecosystem. Managed rules are very effective against common threats, which saves time and effort. Also the flexibility to create custom rules for our applications it gives a strong balance of ease of use and control. Overall, it makes securing applications feel reliable.
The primary challenge is that the AWS WAF, by itself, is essentially a blank slate. Without adding managed rules, you are responsible for writing, testing, and maintaining every single rule yourself. This can be incredibly complex and time-consuming, and there's a real risk of writing a bad rule that either blocks legitimate traffic or fails to stop an attack. Consequently, the third-party managed rule sets are practically a requirement, which adds a significant and recurring cost on top of the base AWS WAF pricing. This hidden cost can be a surprise if you haven't budgeted for it.
some limitations with their packet inspection tooling
The only thing I would mention is about the initial learning of this as setting up the rules can feel complex. Pricing is also on the slightly higher side compared to othe competitors
Top AWS WAF Alternatives
Peer Discussions
AWS WAF Reviews and Ratings
- SENIOR CYBERSECURITY ENGINEER1B-10B USDTransportationReview Source
AWS WAF Eases Integration But Requires Additional Investment In Managed Rule Sets
For our small subsidiary, which is fully invested in the AWS ecosystem, using the AWS WAF was a natural and logical choice. Our overall experience has been very positive. It provides a robust layer of security for our public-facing applications running behind our Application Load Balancers and CloudFront distributions. The ability to deploy and manage it natively within the AWS console is a huge operational advantage for a small IT team like ours. It effectively blocks the common web exploits we worry about, but it's not a simple "on" switch; it requires a thoughtful approach to rule management. - IT SERVICES ASSOCIATE50M-1B USDIT ServicesReview Source
Seamless protection with easy integration into the AWS System
The overall experience with AWS WAF is really good. The integration with other AWS services is smooth and it provides good customization. It offers a strong protection with the managed rules that cover almost all threats. - DC & CLOUD MANAGER50M-1B USDConsumer GoodsReview Source
Cloudfront Integration Simplifies Setup But Advanced Protection Increases Cost
The product works well in most cases; there are cases where some extra features or flexibility could be added to be more intuitive. To fully leverage its benefits, it requires more advanced skills or add customized rules. Although they have improved the console, it needs more improvement. - SR. SYSTEMS ADMINISTRATOR<50M USDMediaReview Source
AWS WAF Effectively Blocks Threats But Legitimate Traffic Investigations Can Be Complex
We have been using AWS WAF to secure our websites and API's. It protects the published services from DDoS, vulnerabilities and other bot attacks. We have found it to be instrumental since we haven't encountered any breaches or downtime associated with the resources that WAF is protecting. - Security Analyst50M-1B USDSoftwareReview Source
AWS WAF is excellent, but requires extra products to complement it, raising costs
We use AWS WAF as a complement to other WAFs to prevent incoming traffic at an upper layer together with CloudFront, and it performs excellently overall.