Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions
Custom Alert Banner

F5 AppWorld 2024 session proposal deadline extended to Friday, December 8th!

Barracuda 660v WAF: Feature Limitations Compared to F5 BIG-IP WAAP

Nishal_Rai
Cirrostratus
Cirrostratus

‎13-Sep-2023 23:05

Hey there!


If anyone has experience using Barracuda 660v WAF, it would be great to hear your insights! I'm particularly interested in understanding its major feature limitations when compared to F5 BIG-IP WAAP.

Feel free to share your thoughts in a casual and informal manner.

Looking forward to hearing from you!

Labels:
4 REPLIES 4

whisperer
Nacreous
Nacreous

‎16-Sep-2023 17:32

At a high level, F5 WAAP is delivered via Distributed Cloud. So, you would use the F5 cloud infrastructure to provide this protection, prior to requests going to your origin servers. Instead of maintaining a Barracuda virtual appliance, and mucking around with maintenance (upgrades), you would shift this task onto F5 where they provide incremental updates to the WAAP solution themselves (as they host it). Lot less work for you 🙂

0 Kudos

Nishal_Rai
Cirrostratus
Cirrostratus
In response to whisperer

‎22-Sep-2023 02:13

Hello Whisperer,


Thank you for the overview of the F5 WAAP in contrast with Barracudda virtual appliance. However, I'm looking specific features comparision between F5 WAAP 200Mbps VS Barracuda 660v WAF (200Mbps) such as

Barracuda 660v Feature Limitation 

F5 Feature Advantages 

Total number of Backend servers that can be inspected = 10 – 12 

https://www.barraguard.com/660-Vx.asp (Compare section) 

No Limit on backend server, can inspect servers within 200Mbps throughput limits 

Escalation of the prevention methods for the L7 DDoS protection is not available. 

 

https://campus.barracuda.com/product/webapplicationfirewall/doc/19693870/configuring-ddos-policy/ 
 

F5 provides the mechanism to escalate the prevention methods against the triggered L7 DDoS attacks. 

 

https://my.f5.com/manage/s/article/K13410341 

Barracuda maintains its own threat intelligence network that provides updates on emerging threats and vulnerabilities. 

 

https://campus.barracuda.com/product/webapplicationfirewall/doc/95260599/barracuda-active-threat-int...  

F5 leverages a global threat intelligence network that continuously monitors and analyzes web traffic patterns and security threats. 

 

https://www.f5.com/labs/learning-center#sort=relevancy  

 

https://www.f5.com/pdf/products/f5_threat_campaigns_waf.pdf  

 

https://www.f5.com/pdf/products/ip-intelligence-service-ds.pdf  

 

Suitable for small to medium-sized enterprises (SMEs), with potential limitations in scalability compared to larger solutions. 

Designed for large enterprises and service providers, offering high scalability and performance for demanding environments. 

The storage capacity for virtual appliances is around 1 million per log type. 

 https://campus.barracuda.com/product/webapplicationfirewall/doc/74547230/log-storage-capacity/  

The total storage capacity is around 3 million requests (search for million ) 

 https://my.f5.com/manage/s/article/K37655278  

No such score summary in terms of OWASP compliance and PCI DSS are available. 

F5 provides the score, in terms of OWASP guidelines and PCI DSS, of the deployed security policies. 

https://community.f5.com/t5/technical-articles/making-waf-simple-introducing-the-owasp-compliance-da...  
 
https://my.f5.com/manage/s/article/K61263495  

Barracuda does not have such features or mechanism to control and manage the IP application traffic.  

IRule provides unprecedented power over IP application traffic manipulation and management. 

 

TCL language for better web scripting  

https://techdocs.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/ltm-concepts-11-5-1/19.html#:~:... 


Is there any other reamining features to be discussed in the similar manner?

0 Kudos

whisperer
Nacreous
Nacreous
In response to Nishal_Rai

‎22-Sep-2023 04:47 - edited ‎22-Sep-2023 04:47

The important thing to ask and document, would be what are business or security requirements. Then it is easy to draw comparisons between 2 competing products.

If you are looking for sales positioning and differentiation here, I would certainly suggest you contact your partner engineer or F5 sales engineer for specifics.

0 Kudos

Nishal_Rai
Cirrostratus
Cirrostratus
In response to whisperer

‎25-Sep-2023 02:22

Thanks, whisperer for the advice.

Yes, I do agree about understanding the specific business and security requirements of the client to gain a holistic comparison between the two different security products.
However, I just wanted to know the general difference between the F5 BIG-IP and the Barracuda 660v WAF to have a better insight into the available features and limitations.

I hope you would understand.

0 Kudos
Copyright © 2023 Khoros, LLC