Cloudflare SASE & SSE Platform Reviews

I'm just using the bare minimum amount of DDoS Protection out of the tier we use. We're a pretty small company, so we haven't been the target of any major DDoS attacks yet. That's why so far the basic DDoS is all we need.

If your company uses Cloudflare, then everyone in your environment inherits DDoS protection.

There is no such thing as maintaining this solution — everything is baked into it. Unless of course, you want to pay for the enterprise tier. Then maybe you could gain access to extra DDoS Protection.

In the case of an attack, Cloudflare provides an extra layer of security in front of our application server. It will take the blow rather than our applications should an attack occur. That's the whole idea. They protect us with this extra cushion.

We mostly use Cloudflare WAF, and gets basic Cloudflaire DDoS, caching as extra bonus . We like the factor these features are all integrated into 1 console, simple to manage. They work flawlessly in the background, nearly invisible to us. 

The initial onboarding was causing us some confusion. Who's going to do what and what steps need to be taken? Once we got through it once, it became a no-brainer. At this point, I'm pretty happy with Cloudflare. Everything is straightforward once you've figured it out initially. It's just the very first day that can be a little confusing. 

I recently sent some feedback to the company. There are thousands of rules in their WAF product, and I just wish I could have better insight. Right now, it's very superficial. You turn a radio button on or off for their rules, but when there's troubleshooting going on, it's very hard to figure out what's causing the rules to get triggered. With each rule, there may be hundreds to thousands of rules underneath it that are enabling the blocking.

Luckily for me, so far it hasn't occurred enough that it has required me to dig deep to figure out why or how to bypass it, but I could see this occurring a lot in a complex environment. It only happened to us three times, and I was always able to figure out a way to get through it. 

I have been using Cloudflare DDoS for roughly six months.

It's been very stable. Before we brought our server on behind Cloudflare, there was a reported outage which made us extremely concerned. However, since we've been onboarded, we have not noticed any downtime with Cloudflare. 

It's extremely scalable. That's the whole reason we use Cloudflare.

Support has been good so far. Just the initial headache of onboarding. After onboarding, there was some tuning involved. We worked closely with support to get through that. Once we got the gist of it, we didn't really require support anymore. It's become very low maintenance.

We are using AWS — that's our infrastructure. The only thing we compared on paper was the native AWS DDoS Protection. The reason we selected Cloudflare, is because it provides us with an extra security layer in front of our applications. It has all the security features built into one platform rather than managing different pieces. With AWS-native tools, I have to select AWS Web or AWS DDoS Protection. There are individual components I have to install and manage. With Cloudflare, because it's an all-in-one platform, everything is much easier. 

At this point, considering the size of our company and the traffic we have seen, there is no need for us to pay extra for the enterprise tier. That's our current state. Things could change; we'll have to wait and see. As our company grows and as we become more successful, it may attract more attacks.

If you were to just use a native AWS tool, it may be a little bit cheaper. But considering the headache of spending more time to figure out how to install and manage the individual pieces, cost-wise, I think Cloudflare would be the cheaper option.  

Before implementing this solution, consider the size of the individual company: their cost budget, their budget range, and their specific needs. What are they looking for? If you're looking for an all-in-one security tool with DDoS, WAF, and rate control, all in one package for a low price, Cloudflare seems to fit pretty well. It really depends on the individual company — what their application is based on.

Take TikTok for example. TikTok has heavy traffic laws, so their security needs will be very different from my company's needs. We're low profile, we don't generate tons of traffic. So, it really depends on your environment, your budget, all of those things.

Overall, on a scale from one to ten, I would give this solution a rating of nine.

We have to make sure that we are protected in our domain, our website from the public Internet because we don't want any compromise to our site.

With DDoS, we have to ensure that we are not hijacked. So that's why we want to eliminate the attacks on our infracturer. 

The capabilities of the software are strong enough for me to do what it's supposed to do. For me, we don't need to do a lot of configuration on our site. We just enable it and monitor it.

Cloudflare is good at consolidating the solution embedded into one single console, which makes it interesting for us to explore more on Cloudflare. Besides that, the CDN performance has also helped us improve the accessibility of the site to the public.

There is little room for improvement dashboard-wise. 

In future releases, I would like to see alerts. The software has automated alerts, but the automated alerts are not available in the mobile app.

Now, we have to be fast to get ready, not just from the end-user site, but we have to know first if possible.

I have been using Cloudflare DDoS for almost three years. 

So far, we haven't received any complaints or issues from our application site. So far, we don't see any issues that are concerning. Because I am the one managing the infrastructure, the others are managed by my application team.

So, it has been a stable product for us. 

There are more than five end users in our company. So, we added a key percentage that manages the product and the system.

When I stepped into the current company, the system was already onboarded.

We use Cloudflare WAF CDN and DDoS protection for our domain.

The initial setup is easy and straightforward. For me, it's easy because we only need to point our DNS to Cloudflare, so we receive traffic from Cloudflare.

I'm suggesting using Cloudflare based on our experience. This is in terms of compliance. So, it complies with the top tech standards. And configuration is easy for us. We don't need to stress it for customization or configure rules. We enable it, and it's done. We only monitor the logs and any issues. So I'm suggesting you use Cloudflare if you want to.

Overall, I would rate the solution an eight out of ten. 

We use the solution as a web application firewall.

The blocking feature is very good. The traffic feature is also very good. The product has a lot of good features that we can use on-premises or on the cloud. I like the product very much. It is a very good defense tool.

The solution must improve support. The response time for support must be reduced.

I have been using the solution for one and a half years.

The tool is pretty stable. I rate the stability a nine out of ten.

I rate the tool’s scalability an eight out of ten. More than 40 people in my organization are using the tool.

We get people to support us when we contact them. However, it takes them too long to respond. The first response is quick, but the follow-ups are slower.

Positive

The initial setup was easy. The time taken for deployment depends on the devices we deploy, the logs we want, and the kind of product we are deploying.

The deployment was done in-house.

The solution is not that expensive. It is moderately priced.

The documentation is easy to follow. The documentation is really helpful for first-time users. Overall, I rate the product a nine out of ten.

Cloudflare is simple to use.

Cloudflare is similar to a toolbox. It's simple to handle the box, but it's a different story when it comes to handling the tools. The same is true for Amazon. That is true for all companies. The majority of them have it. They will sell you a toolbox, but you must know how to use it.

Cloudflare isn't all bad. We have customers who are getting rid of Imperva because they can't find anyone who knows anything about it. Our customers no longer use Cloudflare because its service is subpar.

There's another company, Sucuri, that has excellent customer support, but you don't buy it because you don't want to talk to customer support. Customer support is not something you want to purchase. You're supposed to buy something without requiring customer support, which is the main point.

The same goes for Fortinet. While I am not familiar with the machine, it can cost a lot of money sometimes, $300,000 for a medium-sized business. Furthermore, you will require a full-time employee in your office who is knowledgeable. Dependent on the skill level today's resources can range from 80 to 150.

You don't want to pay. The price tag is no longer $200,000, but rather $300,000 to $400,000. It's twice.

The industry is changing right now. There is artificial intelligence. You have blockchain, and Quantum is on the way. It's there and on its way. So there is a significant shift in that area, of cyber security.

And, on top of that, there is a global shortage of 3.5 million security experts or professionals.

You are not an expert in your first year. People believe they are experts because they have a certification or something similar. Experts do not behave in this manner. Expert in dealing with a crisis. To become an expert, you must go through many crises. However, people are now claiming to be experts simply because they can scan something.

I would rate Cloudflare DDoS a seven out of ten.

We use the product to access applications that are restricted to employees only. 

Cloudflare Zero Trust Platform removes the risk of exposing the applications to the public. 

Cloudflare Zero Trust Platform needs to improve its documentation. It took time to do the implementation. 

I have been using the product since January. 

I rate the solution's stability a ten out of ten. 

I rate the product's scalability a ten out of ten. 

Cloudflare Zero Trust Platform's deployment can be complex if the documentation doesn't cover the use cases. 

Cloudflare Zero Trust Platform's pricing is good. 

I rate the product a nine out of ten. 

We use the solution to protect some of the services. It helps us protect our applications and infrastructure.

The solution is user-friendly in terms of graphical interface and is easy to deploy.

Our subscription plan for the solution has a limitation of bot signatures.

It is a stable solution.

It is an in-built tool in our Cloudflare infrastructure, and we use it as a DNS service. Thus, we don't necessarily have to configure it. We add it as a service, and it works great for us.

The solution is excellent. It helped us a lot with DDoS issues. I rate it a ten out of ten.

I am not a reseller, but an implementer. We help our customers utilize this solution.

Cloudflare Access is primarily used in government homage for DDoS protection.

We decided to use Cloudflare Access to solve a problem with DDoS protection.

It covered the things that we needed at the time.

The pricing is an area that can be improved. Pricing, as far as I recall, was the source of our problems.

I have been working with Cloudflare Access for the last 12 months. I am working with a company that has many customers in different areas, and we have absolutely used Cloudflare for some of them.

I became familiar with Cloudflare Access four years ago.

Cloudflare Access is a stable solution.

Cloudflare Access is scalable.

I especially remember that we got great support.

I would absolutely rate the support a five out of five, they helped us a lot.

Positive

It's been a while, but I don't recall any problems with setting it up.

At the time, it was me and two other technicians to manage this solution.

The prices are slightly expensive.

I evaluate many things to educate myself in the work that I am doing.

We have used others as well, but I think that they are pretty comparable to other solutions that are available. Cloudflare, in my opinion, was easy to implement.

It was very good, I would rate Cloudflare Access an eight out of ten.

We use the product for DNS security and DDoS. 

Cloudflare DDoS is better than its competitors for its security, deployment, and scalability. 

The tool should provide on-premise versions. Currently, all versions are cloud-based. 

I have been using the solution for six months. 

Cloudflare is a customer-oriented company and offers solid support. 

Positive

The tool's deployment is complex. I rate it a three out of ten. 

I rate the tool an eight out of ten.