We just raised a $30M Series A: Read our story

F5 Silverline Managed Services OverviewUNIXBusinessApplication

F5 Silverline Managed Services is #8 ranked solution in top Distributed Denial of Service (DDOS) Protection tools and #11 ranked solution in top Web Application Firewalls. IT Central Station users give F5 Silverline Managed Services an average rating of 8 out of 10. F5 Silverline Managed Services is most commonly compared to Cloudflare:F5 Silverline Managed Services vs Cloudflare. The top industry researching this solution are professionals from a computer software company, accounting for 28% of all views.
What is F5 Silverline Managed Services?

F5's Silverline Managed Services is a SaaS solution delivering DDoS protection, managed Web Application Firewall (WAF) services, and managed Shape Security Fraud and Anti-bot solutions.

Silverline services include 24x7 access to F5's Security Operations Center (SOC). F5's expert security professionals use F5 products with state-of-the-art security tools to ensure the best protection possible. As an add-on to Silverline DDoS or WAF services, Silverline Threat Intelligence integrates dynamic lists of threatening IP addresses to give context for policy decisions.

F5 Silverline Managed Services is also known as F5 Silverline Web Application Firewall, F5 Silverline DDoS Protection.

Buyer's Guide

Download the Web Application Firewall (WAF) Buyer's Guide including reviews and more. Updated: November 2021

F5 Silverline Managed Services Customers

City Bank, Ricacorp Properties, Miele, American Systems, Bangladesh Post Office

F5 Silverline Managed Services Video

Pricing Advice

What users are saying about F5 Silverline Managed Services pricing:
  • "F5 Silverline Web Application Firewall works based on your bandwidth. They look at the clean bandwidth and do the pricing. 20% of a total pipe would be a clean bandwidth. The list price or a non-negotiated price for F5 Silverline Web Application Firewall would be around $2,200 per application per year for everything that you need. When you get into an enterprise kind of a setup, they negotiate this to the last bit. I would easily take 20% on that, which would be the cost, but it should cover all your Advance WAF features, bot protection, tech campaign, etc. It is built as a package and gives you most of the capability. You don't get the mobile SDK, which is an additional license. Mobile SDK is required only if you're buying or if you have a mobile application, and you are going to instrument F5 or Imperva into your mobile appliance. This anyways would be an additional module. It doesn't come within the WAF, but it is a WAF feature."

F5 Silverline Managed Services Reviews

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
BK
Co-Founder and CTO at Cyber-CP Ltd
Real User
Top 10
It is flexible and lets you easily apply policies, but it needs to support more PoPs

Pros and Cons

  • "Its flexibility is the most valuable because it is a managed service. The good part is that you don't need to set it up. It just needs DNS routing, which is the easiest thing. Our client had Akamai for certain websites because they were using CDN features. They had NetScaler on the internal zone, F5 AWAFs on the data centers, and no WAF at all in the cloud. One of the main activities of the project was to move all these policies into a single WAF so that we could control and use that as a choke point. That exercise itself was very easy because it was a managed service and F5 Silverline Web Application Firewall does that for you. That's the best thing about F5 Silverline Web Application Firewall. It is easy to apply policies on-premises. If you have AWAF on-premises and you want to replicate some policies on F5 Silverline Web Application Firewall, other than the policies that it applies by itself, it is easy because you have a team that supports it. F5 Silverline Web Application Firewall works perfectly fine. It pretty much does everything that an Advanced WAF on-premises should do."
  • "F5 Silverline Web Application Firewall, being a new product in the market or comparatively related to a new product, currently supports less number of PoPs. They should introduce more PoPs. The current number of PoPs that they have is around 10 or 12, which is still relatively less as compared to 2,400 plus PoPs that Akamai offers. The user latency or the number of hops a user needs before reaching the actual web application is less in Akamai because it has its internal fabric to route the traffic. They need to spin up more data to increase its traffic handling capability. They can also include the bot detection capability, though it is a pretty advanced functionality. If they could include DataDome like functionality, that is, bot prediction, then F5 Silverline Web Application Firewall will be top-notch in the market."

What is our primary use case?

We are using this product for a major airline whose traffic is routed via F5 Silverline Web Application Firewall. All B2C sites are behind F5 Silverline Web Application Firewall. The data part is basically to Akamai for CDNs and to F5 Silverline Web Application Firewall for WAF capability. The resources are hosted on AWS or Azure. For parameters, we have another F5 AWAS module, which intercepts the traffic once it is inside the cloud parameters, and then the data goes to the backend application pool. Every B2C traffic gets inspected on F5 Silverline Web Application Firewall. Every HTTP profile is inspected on the Advanced WAF module, which is again F5 on-premises.

We are also deploying this solution for another client in the Middle East. We're basically deploying the architecture. We have F5 Silverline Web Application Firewall and the Check Point firewall as the next-generation firewalls. All HTTP traffic is via F5 Silverline Web Application Firewall, and it is routed back to the Check Point firewall for IPS and malware inspection because F5 Silverline Web Application Firewall does not do that. Non-HTTP profiles go via the Check Point firewall.

What is most valuable?

Its flexibility is the most valuable because it is a managed service. The good part is that you don't need to set it up. It just needs DNS routing, which is the easiest thing.

Our client had Akamai for certain websites because they were using CDN features. They had NetScaler on the internal zone, F5 AWAFs on the data centers, and no WAF at all in the cloud. One of the main activities of the project was to move all these policies into a single WAF so that we could control and use that as a choke point. That exercise itself was very easy because it was a managed service and F5 Silverline Web Application Firewall does that for you. That's the best thing about F5 Silverline Web Application Firewall.

It is easy to apply policies on-premises. If you have AWAF on-premises and you want to replicate some policies on F5 Silverline Web Application Firewall, other than the policies that it applies by itself, it is easy because you have a team that supports it.

F5 Silverline Web Application Firewall works perfectly fine. It pretty much does everything that an Advanced WAF on-premises should do.

What needs improvement?

F5 Silverline Web Application Firewall, being a new product in the market or comparatively related to a new product, currently supports less number of PoPs. They should introduce more PoPs. The current number of PoPs that they have is around 10 or 12, which is still relatively less as compared to 2,400 plus PoPs that Akamai offers. The user latency or the number of hops a user needs before reaching the actual web application is less in Akamai because it has its internal fabric to route the traffic.

They need to spin up more data to increase its traffic handling capability. They can also include the bot detection capability, though it is a pretty advanced functionality. If they could include DataDome like functionality, that is, bot prediction, then F5 Silverline Web Application Firewall will be top-notch in the market.

For how long have I used the solution?

I have been using this solution for a year or so.

What do I think about the stability of the solution?

It is so far stable. When I did a POC for one of my clients, I ran tests for a month on both Imperva, F5, and Akamai. I found F5 to be more regress in terms of infections than Imperva. It could be because of the teams on-site, representing these companies, doing their job right or wrong. If a PS consultant from Imperva did not configure the policies right, it probably would have scored less. 

What do I think about the scalability of the solution?

I know that F5 Silverline Web Application Firewall is scalable. We are using this product in two enterprise setups that can have a hundred thousand-plus requests at any given time.

Scalability for products like F5 Silverline Web Application Firewall or Incapsula is pretty easy because their sizing is managed by the vendor. Therefore, you don't have to really bother about what goes in there because that's a black box for you. However, if you are doing it on-premises, it's a task.

I've been involved in upgrading a traditional WAF to Advanced WAF. It's basically a license upgrade involving testing and re-profiling of applications and things like that. It's a sort of straightforward task. If you have the right team, it is not something really difficult. It isn't something like where you just add a few boxes and then scale.

Our airline client has millions of customers, and all this data is going via F5 Silverline Web Application Firewall, which is a lot of data. It's an enterprise kind of setup. We're not talking about end-user traffic here. We're talking about B2C traffic. For end-user traffic, we have around 400-odd unique URLs behind the F5 Silverline Web Application Firewall on-premises, which is again an Advanced WAF module. F5 Silverline Web Application Firewall has around 60,000 to 80,000 users, not at the peak but spread over time. All B2C requests coming into the website, like booking or looking for your seats on the flight, go via F5 Silverline Web Application Firewall, and that could go up to millions of hits a day.

How are customer service and technical support?

We have a personal rapport with both Imperva and F5 in UAE because we have worked with them for more than a year. I have found them to be really good. I may have once or twice talked to their central support team as the contact person for the account was not available. Otherwise, it has been a personalized experience for both products because we know the teams.

How was the initial setup?

The initial setup is certainly straightforward because F5 Silverline Web Application Firewall does the setup for you. All that you need to worry about doing is routing your DNS via F5 Silverline Web Application Firewall.

If I have a website, I would just make sure that it routes via F5 Silverline Web Application Firewall DNS, and then I would only whitelist the traffic between F5 Silverline Web Application Firewall and my application pool. That's the only configuration that I need to worry about, unlike a traditional WAF that you need to set up. You can't just say that it is a strength of F5 Silverline Web Application Firewall because Imperva's WAF on the cloud, Incapsula, also works the same way. 

What's my experience with pricing, setup cost, and licensing?

F5 Silverline Web Application Firewall works based on your bandwidth. They look at the clean bandwidth and do the pricing. 20% of a total pipe would be a clean bandwidth.

The list price or a non-negotiated price for F5 Silverline Web Application Firewall would be around $2,200 per application per year for everything that you need. When you get into an enterprise kind of a setup, they negotiate this to the last bit. I would easily take 20% on that, which would be the cost, but it should cover all your Advance WAF features, bot protection, tech campaign, etc. It is built as a package and gives you most of the capability.

You don't get the mobile SDK, which is an additional license. Mobile SDK is required only if you're buying or if you have a mobile application, and you are going to instrument F5 or Imperva into your mobile appliance. This anyways would be an additional module. It doesn't come within the WAF, but it is a WAF feature.

Which other solutions did I evaluate?

There are a lot of gray areas in WAF. If you take a look at the top ten WAF solutions, most of the WAFs in the market, or at least the advanced ones, do it right because the WAF technology is evolved.

If you look at bot protection, it is probably not everyone's game. I've seen Imperva doing it really well. If I masquerade a browser, for example, if I masquerade a Chrome browser by changing the agent files and make it look like Firefox, and then if I send a request to my F5 Silverline Web Application Firewall (or Imperva firewall), I would want to see if it identifies the real browser behind it. I've seen F5 Silverline Web Application Firewall (and Imperva) handling most of such cases well, but other WAF products in the market fail.

If you look at Imperva, their strength primarily is on the DDoS capability. In the volumetric attack part, Imperva scores or has at least a record of doing better than F5 Silverline Web Application Firewall. Imperva is also in the public domain, so they have mitigated larger attacks than F5 Silverline Web Application Firewall, but this is not something you can test in the lab. You wait for the doomsday, and then you do your actual test.

Overall, if you say F5 Silverline Web Application Firewall as a product, I would vote it over Imperva. It may be because I'm more inclined to work on F5 Silverline Web Application Firewall. I found working with it easier than Imperva.

What other advice do I have?

You should know what you're actually blocking. A lot of customers move to WAF or AWAF because they were told to do that, but they need to identify what they're actually looking to inspect. For example, one of the clients I worked with did not understand the differences in capabilities between a next-generation firewall and a WAF. When I say WAF, I am talking about AWAF, not the previous generation WAF. No one considers that anymore.

People who try to put WAF and think that they are secure are not really secure. There is still a fine grain of security that you need on a next-generation firewall. For example, if I inject a payload, I'm going to have HTTPS traffic that I pass on to WAF. If I do not do my SSL termination and just inspect the remaining stuff, such as headers, WAF is basically useless.

If you're using a WAF solution like F5 Silverline Web Application Firewall, one thing it does really well is the orchestration part. It can terminate your SSL and do the encryption. Basically, it may make your stream decrypted via texts, inspect every element of it, decrypt it back, and then send it. 

As a security consultant, I would add another next-generation firewall behind F5 Silverline Web Application Firewall. I will make sure that I do a service chaining, and every single stream or packet that is decrypted is again routed via a next-generation firewall to do IPS. This is because your WAF cannot do IPS. It is not its major strength; it is a firewall capability. Let's say you have a website where you upload files, and you are going to upload a file that probably has some malicious code that could be executed. When you upload it, it is going to sit on your system. How do you know that a file that is attached to a website is not malicious? A WAF generally doesn't take this up. That's where a combination of WAF and firewall comes into the picture. 

It's about defining and ensuring what is your load and how many applications you want to protect. Do you really have the skills to manage those policies in-house? If you don't have really good engineers who look at the policies and manage these boxes, then it is better to go for managers like Silverline. If you have good hands on the ground, then use an Advanced WAF in your data center. 

Some companies might not need on-premises deployments because they might be using a cloud. In that case, run this on the cloud. You could have virtual licenses or virtual machines running on the cloud, or you could use Silverline. If you're more security passionate, then you probably will have to have a Silverline for it and then another WAF within your cloud. Again, there's no one way to do it. It depends on your network, but do not rely on one product because every product has its limitations.

I would easily rate F5 Silverline Web Application Firewall a seven out of ten. I won't give it an eight because I haven't tested it for a longer period. 

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Lane Lu
Senior System Engineer at a financial services firm with 11-50 employees
Real User
Top 5
Provides great protection features and has good support

Pros and Cons

  • "The most important feature is that they have seven firewall protection, to protect our web servers."
  • "I just hope the price can be cheaper."

What is our primary use case?

Our primary use case of F5 is for a WAF. I used to use F5 to do some double load balancing. And now, for my current use case, we primarily use the F5 Silverline as an application firewall to protect our web servers. 

What is most valuable?

The most important feature is that they have L7-firewall protection, to protect our web servers.

What needs improvement?

I think F5 is one of the best web application firewalls in the world. So support is pretty good. They provide the best protection features in the market at the moment. I can't tell how they could improve. I just hope the price can be cheaper. I think they are changing. They are also providing some other pricing models, deployment models, etc. It's actually quite okay for us. It fulfills all of our requirements. But from the product perspective, I believe, there is some room for them, to improve.

I think they need to improve the APIs or tools. We are doing a lot of automation, so I find the APIs are not very easy to use. So the current automation is not that good for F5 at the moment. We still need to develop something by ourselves, so it's not that good, in the modern IT offices. I think that's a key thing that I want them to improve in the future.

For how long have I used the solution?

I have been dealing with F5 for over 10 years.

How are customer service and technical support?

I think F5 is one of the best Web Application Firewalls in the world. So support is pretty good.

What's my experience with pricing, setup cost, and licensing?

You have to pay for the base license. And if you need, for example, other features, like the Web Application Firewall, you need to pay for a separate license and you need to pay for the support contract. You need to renew your support contract yearly. So if that's cheaper it would be better. Just to maintain the F5 it's very costly.

What other advice do I have?

I would rate the F5 Silverline Web Application Firewall an eight out of ten. Pricing is the reason why I wouldn't give it a ten. There's really no 10 I think in the market. They always have something that needs to improve or upgrade.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Find out what your peers are saying about F5, Imperva, Akamai and others in Web Application Firewall (WAF). Updated: November 2021.
552,695 professionals have used our research since 2012.
NA
Senior Security Consultant at a tech services company with 1,001-5,000 employees
Consultant
Top 20
Has a good intelligence platform and excellent technical support

Pros and Cons

  • "F5 technical support is really good."
  • "In terms of the scalability, this part is always so confusing because they are checking for packet count. Also, after an attack, they said that the throughput must be from gigabits but then I check my bandwidth and it is already done in gigabits. So it is a little bit confusing."

What is our primary use case?

My team is providing services for this solution.

What is most valuable?

In terms of most valuable features in the solution, most of the time we check for learning periods and that it has an intelligence platform.

What needs improvement?

To make this solution much better, they must have a user-friendly configuration interface. I'm working for a partner site, so for the technical portion, it must have great troubleshooting stats.

For example, Arbor doesn't have web application firewall capabilities, and sometimes I need that capability. If a solution doesn't have it, I have to add additional solutions. This is confusing and it drives the solution price up.

For how long have I used the solution?

We are working with F5 Silverline DDoS Protection for nearly one year.

What do I think about the scalability of the solution?

In terms of the scalability, this part is always so confusing because they are checking for packet count. Also, after an attack, they said that the throughput must be from gigabits but then I check my bandwidth and it is already done in gigabits. So it is a little bit confusing.

How are customer service and technical support?

F5 technical support is really good. It is better than A10.

What's my experience with pricing, setup cost, and licensing?

Again, if the solution doesn't have a web application firewall capability, it can raise the solution price. Pricing can be higher than the other solutions.

What other advice do I have?

For someone considering this solution, they have to do a POC at first.

On a scale from 1 to 10, I would rate Sliverline DDoS an eight. 

They are so new in Turkey that they don't have too much to offer here yet.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
RP
Security Engineering & Asset Security - Information Security (ISC) at a financial services firm with 10,001+ employees
Real User
Top 20
A flexible solution that monitors traffic and does SSL offloading to help secure our application layer

What is our primary use case?

We use this product as part of our security solution for the application layer.

What is most valuable?

The most valuable feature is flexibility. We need the appliance to monitor traffic and also perform SSL offloading.

What needs improvement?

We need to have support for cloud protection, which is not offered by this solution.

For how long have I used the solution?

We have been using F5 Silverline WAF for more than three years.

What do I think about the stability of the solution?

This is a stable solution and we haven't had any issues.

What do I think about the scalability of the solution?

We have had no trouble with scalability.

How are customer service and technical support?

We have a local partner for technical support in Indonesia…

What is our primary use case?

We use this product as part of our security solution for the application layer.

What is most valuable?

The most valuable feature is flexibility. We need the appliance to monitor traffic and also perform SSL offloading.

What needs improvement?

We need to have support for cloud protection, which is not offered by this solution.

For how long have I used the solution?

We have been using F5 Silverline WAF for more than three years.

What do I think about the stability of the solution?

This is a stable solution and we haven't had any issues.

What do I think about the scalability of the solution?

We have had no trouble with scalability.

How are customer service and technical support?

We have a local partner for technical support in Indonesia and they have been good.

How was the initial setup?

We did not have any issues with the initial setup.

What other advice do I have?

We just renewed our license and will be continuing to use this product.

Overall, this is a good security solution, but there is no such thing as a perfect appliance in IT.

I would rate this solution an eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Buyer's Guide
Download our free Web Application Firewall (WAF) Report and find out what your peers are saying about F5, Imperva, Akamai, and more!