F5 Distributed Cloud WAF
F5 Distributed Cloud WAF eases the burden and complexity of consistently securing apps across clouds, on-premises, and edge locations.
Combining F5’s Industry-Leading WAF with an Easy-to-Use SaaS Format
Improve threat protection and reduce false positives with AI-powered risk scoring
Move from configuration-heavy WAF operations to outcome-based detection. AI-driven capabilities compliment signature-based and behavioral tracking methods to improve detection coverage with less manual effort.
Secure app development with DevOps agility and SecOps control
Simplify app security by seamlessly integrating protections into the development process with core security functionality, centralized orchestration, and oversight. Delivering the programmability that DevOps needs combined with the efficacy and oversight that SecOps mandates, enabling faster, more secure application delivery and release cycles.
Secure apps everywhere with dramatically simplified operations
Mitigate web app attacks and vulnerabilities with comprehensive security controls and uniform policy and observability via our SaaS-delivered WAF that’s quick to set up and deploy, and easy to manage and scale across any environment.
Reduce time to resolution while defending against known threats and suspicious behavior
Quickly improve visibility and insight across all security events including WAF signatures hit, DoS events, automated and persistent threats, and all other client interactions along with app performance, including intuitive drill-down capabilities. Combining signature and behavioral protection easily identifies potentially bad actors and takes action even if the client doesn’t trigger any known threat signatures.
Product Overview
Public clouds
Manage and protect application workloads hosted across clouds, including AWS, Azure, and GCP.
On-premises
Manage and protect applications at your data center and edge sites.
F5 global PoPs
Manage and protect application workloads from any of the points of presence (PoPs) on the F5 Global Network.
Core Capabilities
F5 Distributed Cloud WAF combines signature and robust behavior-based protection for web applications. It acts as an intermediate proxy to inspect app requests and responses to block and mitigate a broad spectrum of risks stemming from the OWASP Top 10, threat campaigns, malicious users, layer 7 DDoS threats, bots and automated attacks, and more.
Platform Support
Broad platform and cloud provider support
Broad platform and cloud provider support
Distributed Cloud Services can be delivered to apps running on any platform on any public/private cloud. Connect and secure apps running in VMs, containers, bare metal or serverless.

Simplifying DevOps and SecOps
Simplifying DevOps and SecOps
F5’s native Terraform provider, vesctl CLI tool, and public APIs deliver the automation needs of app teams. Support for alerting tools (i.e., Opsgenie and Slack) and SIEM tools (i.e., Splunk and Datadog) simplify life of DevOps and SecOps.
Awards and Recognition
Resources
Featured

F5 Distributed Cloud WAF
Protect web apps in any cloud, edge, and on-premises environment with a comprehensive WAF as a Service from F5.
Get the overviewSolution overviews
Flexible App Security with F5 Distributed Cloud WAAP ›
Articles
F5 Distributed Cloud L3-L7 DDoS Mitigation ›
Securing against OWASP Top 10 Application Security Risks ›
Reports
Videos
Mitigate App Vulnerabilities Using F5 SaaS-Based Deployment Model ›
Malicious User Detection and Mitigation ›





