Most of us mortals are not technical enough to understand all the types of attacks website firewalls might need to block. Still, it would be advisable to check the basics and most common attacks that would be blocked, these would include (but not limited to):
Brute Force attack prevention,
SQL Injection protection,
Scraping protection and
Zero Day vulnerability
So ask the firewall provider if these are blocked!