12 top web application firewalls compared

A web application firewall (WAF) is a critical component of an enterprise security infrastructure, providing a key security layer for web-facing applications and APIs.

1 2 Page 2
Page 2 of 2
  • Gartner PeerInsights rating: 4.5 stars
  • Target audience: Small to large businesses, with support for both on-premises or cloud-based workloads.
  • Notable features: Available in a wide range of architectures, with services capable of further securing your web applications.
  • Pricing: Hardware appliances retail from around $5,000 on the low end with the baseline virtual appliance (with a single CPU core) setting you back $3,669.75 retail. Hosting FortiWeb in AWS with a pay-as-you-go license has an annual cost of $5,374 using Fortinet’s recommended C3 Large VM.

10. Imperva Incapsula

Like several other offerings on this list, Imperva is in the content delivery business, and as such is well positioned to provide additional security for your web applications. Imperva’s Incapsula WAF is one piece of a suite of tools that offer load balancing, high availability, and (bad) bot and DDoS protection. Incapsula also offers some add-ons, including Log-in Protect, which leverages the WAF to provide two-factor authentication for URLs you specify through the use of e-mail, SMS, or Google Authenticator.

Incapsula WAF provides protection against cross-site scripting, SQL injection, and remote file inclusion, supports custom rule sets and both white and black lists. From an architecture standpoint, Imperva Incapsula is strictly cloud-based, which won’t bother most customers.

  • Gartner PeerInsights rating: 4.5 stars
  • Target audience: Imperva serves customers and web applications of all sizes.
  • Notable features: As with the other large-scale content delivery providers, Incapsula’s proliferation may be its biggest asset. Having the ability to analyze large amounts of traffic in real time and respond accordingly is the best way to identify bad actors and zero-day attacks in order to protect your web application.
  • Pricing: Imperva includes WAF in all its Incapsula pricing tiers, from the $59 a month pro tier to the high-end enterprise level service, which includes comprehensive DDoS protection, load-balancing and failover.

11. Radware AppWall

Radware AppWall is available as a standalone product in the form of a physical or virtual appliance, or as a managed service. On its own AppWall can protect against common web application attacks, including API attacks, brute-force credential attacks, and application-layer DDoS attacks. When coupled with Radware’s DefensePro network firewall, Appwall can integrate with the edge device in order to block attacks at the network perimeter, rather than allowing it to reach the WAF.

  • Gartner PeerInsights rating: 4.7 stars
  • Target audience: Medium to large enterprise, managed service providers, or cloud service providers
  • Notable features: Radware offers a comprehensive set of devices for securing your corporate network, and the integration between their application firewall and perimeter defense products is ideal for critical workloads.
  • Pricing: Radware AppWall as a managed service begins at $200 monthly, while on-premises deployments retail in the $20,000 neighborhood (not including discounts, maintenance subscriptions, or add-ons).

12. Sucuri Website Application Firewall

Sucuri Website Application Firewall is a cloud-based WAF that does DDoS mitigation, performance handling (smart caching, compression, etc.) and load balancing. Sucuri Website Application Firewall is positioned as an entry-level website security platform, as it’s easy to set up and get running.

Sucuri also offers a comprehensive white-glove website security solution that not only includes the WAF but monitors your site for known vulnerabilities, tracks and remediates blacklist listings, and features SLA-backed response times.

  • Gartner PeerInsights rating: 4.6 stars
  • Target audience: Small to medium companies
  • Notable features: Sucuri Website Application Firewall offers a robust feature set, including content-delivery and performance features) for smaller websites.
  • Pricing: Sucuri Website Firewall is available starting from $9.99 a month for the basic tier, which is targeted at blogger sites. The pro and business tiers add layer 3 and 4 DDoS mitigation for $19.98 and $69.93 a month, respectively, and are geared toward e-commerce or business sites.

Copyright © 2018 IDG Communications, Inc.

1 2 Page 2
Page 2 of 2
The 10 most powerful cybersecurity companies