If anyone has experience using Barracuda 660v WAF, it would be great to hear your insights! I'm particularly interested in understanding its major feature limitations when compared to F5 BIG-IP WAAP.
Feel free to share your thoughts in a casual and informal manner.
Looking forward to hearing from you!
At a high level, F5 WAAP is delivered via Distributed Cloud. So, you would use the F5 cloud infrastructure to provide this protection, prior to requests going to your origin servers. Instead of maintaining a Barracuda virtual appliance, and mucking around with maintenance (upgrades), you would shift this task onto F5 where they provide incremental updates to the WAAP solution themselves (as they host it). Lot less work for you 🙂
Thank you for the overview of the F5 WAAP in contrast with Barracudda virtual appliance. However, I'm looking specific features comparision between F5 WAAP 200Mbps VS Barracuda 660v WAF (200Mbps) such as
Barracuda 660v Feature Limitation
F5 Feature Advantages
Total number of Backend servers that can be inspected = 10 – 12
https://www.barraguard.com/660-Vx.asp (Compare section)
No Limit on backend server, can inspect servers within 200Mbps throughput limits
Escalation of the prevention methods for the L7 DDoS protection is not available.
F5 provides the mechanism to escalate the prevention methods against the triggered L7 DDoS attacks.
Barracuda maintains its own threat intelligence network that provides updates on emerging threats and vulnerabilities.
F5 leverages a global threat intelligence network that continuously monitors and analyzes web traffic patterns and security threats.
Suitable for small to medium-sized enterprises (SMEs), with potential limitations in scalability compared to larger solutions.
Designed for large enterprises and service providers, offering high scalability and performance for demanding environments.
The storage capacity for virtual appliances is around 1 million per log type.
The total storage capacity is around 3 million requests (search for million )
No such score summary in terms of OWASP compliance and PCI DSS are available.
F5 provides the score, in terms of OWASP guidelines and PCI DSS, of the deployed security policies.
Barracuda does not have such features or mechanism to control and manage the IP application traffic.
IRule provides unprecedented power over IP application traffic manipulation and management.
TCL language for better web scripting
Is there any other reamining features to be discussed in the similar manner?
The important thing to ask and document, would be what are business or security requirements. Then it is easy to draw comparisons between 2 competing products.
If you are looking for sales positioning and differentiation here, I would certainly suggest you contact your partner engineer or F5 sales engineer for specifics.
Thanks, whisperer for the advice.
Yes, I do agree about understanding the specific business and security requirements of the client to gain a holistic comparison between the two different security products.
However, I just wanted to know the general difference between the F5 BIG-IP and the Barracuda 660v WAF to have a better insight into the available features and limitations.
I hope you would understand.