Radware DDoS Reviews

We use Radware DDoS for our web services, and currently, we have added one more thing; we are using it for our API gateways also. The API service we are calling is being managed through the load balancer only.

Radware DDoS can reduce our bandwidth and provide the required performance. Bandwidth compression and all other features are available. SSL encryption, decryption, and offloading are all features we are using, and they provide the benefit of reducing the workload on the server. The server will perform related applications and will not have to do other tasks like DDoS protection, SSL encryption, decryption, or compression. Everything is handled by Radware only. Rather than the requirement of the server being increased two to ten or fifteen fold, with four to five servers, it will properly optimize, and we are getting proper performance.

From the features perspective, the best features in Radware DDoS include SSL onloading and offloading, compression, and the proxy feature. The reverse proxy we are using is a great feature. The response time is excellent. We are getting responses in two to three milliseconds, so performance-wise, it is excellent.

Radware DDoS has reduced my need for additional infrastructure investment due to DDoS threats. We have invested in all the products in data center, disaster recovery, and far disaster recovery sites. For the cloud, we have also purchased Web Application Firewall in the cloud.

From the features perspective and functionality-wise, there are areas of Radware DDoS that I would like to see improved or enhanced in the future. Version upgrades are being provided, but they should communicate with clients about these new features being available so clients can test them and deploy them on the disaster recovery system before moving to the live segment. There should be a test report that will provide confidence that the version is stable and everything will work properly. Last time we faced an issue with a version upgrade, and we faced extensive troubleshooting with littile bit more time in the troubleshooting process. It turned out to be a small issue that was resolved by the engineering team.

I would like to see improved support from Radware DDoS. Sometimes in support, we have to log the call with their support partners rather than Radware. After ten years of experience, we know exactly what the issue is, and we understand that it cannot be handled by their support channel or partner level. Radware team always asks us to go through the partners, but sometimes we have found that the issue cannot be handled by the partners. After the partners fail to resolve the issue, it goes to the Radware team. At that time, one to two days of required timeline gets increased by one to two days. If Radware came into immediate action and resolved the issue rather than relying on their service partners, it would be better. After ten years, we have the knowledge of troubleshooting, and we understand that the issues we are facing with Radware can only be resolved by their team. However, due to their policy, they insist we move through the partner first, and only after the partner fails do they escalate to Radware. During that troubleshooting period of twenty-four to forty-eight hours, we remain in an unresolved state with the reported issue.

I have been working with Radware DDoS since around 2016 and 2017. I am currently working with Radware DDoS and we renewed the product as well.

When it comes to performance, I find Radware DDoS to be stable. I have not seen it utilized beyond a particular load. It is not even using 10% of its capacity. It is fully optimized, and the performance is very good. It is top-notch.

I assess Radware DDoS's response times after an attack as stable. The response time is stable and consistent. It works stably during any attack. It is very optimized, as the utilization never gets more than 10%.

Radware DDoS detects incidents immediately. If you are monitoring, it immediately detects and shows the issues on the system. It is not taking much time. In milliseconds, it shows that the issue is on the dashboard. After that, troubleshooting becomes easier to proceed further. Whatever the dashboard shows, whether the service is down or any misbehavior, we can identify it immediately.

Radware DDoS is scalable. As per requirement, we can scale it. We can increase the connection and whatever required server connection is needed. As I mentioned, it is never seen at 10% utilization, whether in bandwidth, CPU, or RAM, it does not cross 10%. There is more than enough capacity and room for scalability in future requirements.

I would evaluate Radware DDoS technical support and customer service team as an eight out of ten.

Positive

Prior to Radware DDoS, I used F5.

My experience with the deployment of Radware DDoS has been smooth. We had the existing product of Radware, so we only had to export and import the configuration. A half hour of downtime was required. It was smooth, and we never experienced such a wonderful migration with Radware. Within a half hour or within a fraction of time, we exported and imported the new configuration to the new hardware from the old hardware, and it has been working smoothly without any hesitation or issue.

I purchased Radware DDoS directly through an authorized Radware vendor. Through the RFP process, we obtained the product from the authorized service partner. Radware team is directly in touch for the installation and upgrades of the system, including pre-planning and post-migration activities. Everything involving Radware DDoS is handled by the Radware team.

I have seen return on investment with Radware DDoS. Within three and a half years, we found that we are achieving the ROI on the product investment.

I assess the cost versus value of Radware DDoS protection compared to other solutions that I have evaluated as always better with Radware. We have proceeded with Radware DDoS, and we are achieving the ROI in three and a half years as mentioned earlier. Rather than providing service on a subscription basis, we purchased it for a long period of time. This provides better value for the ROI.

The key differences, both pros and cons, of Radware DDoS in comparison to F5 or other technologies I have evaluated are based on usability and cost. We have conducted evaluation with Array as well. Array has a complicated GUI, while Radware DDoS has a user-friendly GUI. The configuration part is user-friendly and very understandable. F5 also has the same configuration part, but in terms of cost, Radware DDoS is far more comfortable and budget-friendly. Array does not have user-friendly interfaces, and we found some challenges with it. We decided to choose Radware DDoS because it performs at the top-notch level like F5, and it is budget-friendly. Whatever requirements we have are fulfilled with Radware DDoS, so we proceeded with it.

My experience with Radware DDoS's behavior-based detection technology in terms of real-time attack detection and minimizing false positives has been positive. False positives are not occurring. Detection is working perfectly because we observed that whatever required traffic is passing through with the required URLs. There is proper protection related to DDoS and other required vulnerabilities.

Radware DDoS protection ensures that legitimate users are not affected during a DDoS attack by properly blocking traffic and allowing only required traffic. During a DDoS attack, Radware blocks whatever traffic is necessary, and they allow only the required traffic. For a particular time frame, they will block particular IP addresses. Whatever the attacks are and the IP address or any stream, it will be blocked.

Radware DDoS has helped me reduce the number of false positives that my organization receives in response to attacks. Their support is available, but after issuing the ticket, they rely on the service partner. Rather than relying on the service partner, if direct support from Radware was provided, it would be better.

Overall, Radware DDoS has helped me reduce downtime associated with attacks. As mentioned earlier, minimum downtime of one to two days is required by default. That is why they need to improve support. One more thing I would like to add is that they have a limitation in the knowledge base articles on their platform or any other platform on search engines. Either they should open their existing learning module to understand the issues and solutions that we have faced and reported, or other users and clients can understand the issues and take benefit from the resolution through the knowledge base articles. One more thing is that certification is also required from their side. If there is an educational certification in Radware, they should provide it or promote clients to take an active part in the certification to understand the new functionality and what is going on in Radware DDoS. After the certification, clients are able to understand better and will also reduce their downtime with proper education and knowledge of Radware DDoS products.

Given my rich experience with Radware DDoS, I can share this piece of advice with other organizations considering it: automated reporting is required. When anything happens, automatic reporting should be provided through email or any platform. Rather than being able to log on the dashboard continuously twenty-four hours a day, seven days a week, if there is any incident, you should get a report or an email alert that something is happening or something is wrong with your system. Through reporting or email communication, you will be able to understand. If the team is monitoring, they can take immediate action on that.

My impressions of Radware DDoS's SecOps dashboards for monitoring and reporting metrics are that they need improvement. As mentioned earlier, version upgrades require some improvement in the monitoring version. A little improvement is required in the monitoring version. There is a single management console, but there is too much room for improvement in automation and reporting.

I assess Radware DDoS's SecOps dashboard for providing historical information on protected objects and networks as providing a detailed view. It provides a detailed view of the objects. There is an option for modification and detection, and we can take action through the dashboard and monitoring system. However, as I mentioned, there is a requirement for some improvement as per the competitor's standards. Room for improvement exists for reporting automation and some advanced features. I think it is not a part of the licensing, because we are already on the top license or higher license side. Whatever features are available should already be there.

Regarding how easy or difficult it is for non-technical staff to use Radware DDoS's SecOps dashboards, I would rate it six to seven out of ten, rather than other products. It is not that difficult to understand.

Overall, I give this review a rating of nine out of ten.

We are using Radware Cloud DDoS installed in our organization, and I work with a banking client where we use it to protect against outside attacks coming from external sources.

I have used Radware's WAF, HTTP, and L7 DDoS protection, which protects from layer four to layer seven. It functions as a WAF device, and for layer seven, it is very useful for us in protecting from application layer attacks. We use Radware Cloud DDoS in our organization for many purposes, such as detecting new TCP handshake violations, and we maintain contact with Radware TAC for any issues. We raise Radware TAC cases for technical assistance from the portal and receive support.

We use both Akamai and Radware DDoS, with 95% of our traffic routed through Radware DDoS itself. I have seen it effectively protect our system from external threats and malicious IPs, helping us check the traffic and block any unwanted IPs. Compared to Akamai, we find Radware DDoS cloud solution somewhat better, so we route our traffic through it.

Radware DDoS protection ensures that legitimate users are not affected during a DDoS attack by having configured policies for our banking subnets. We know our subnets, and for legitimate users, we have configured a policy allowing our endpoints through Radware DDoS. Anything other than our endpoints is detected and quarantined, and we receive alerts on our mobile if there are flood attacks. Our team gets notifications so we can log in and check the specific IP involved and quarantine it accordingly.

Radware DDoS is quite stable, and we have not encountered issues recently. Previously, we had issues with customer support, but over the past three months, I worked on TAC cases and found their response to be prompt, usually within three to four hours, providing legitimate solutions.

Radware DDoS has been quite effective in mitigating advanced DDoS threats such as burst and DNS attacks, encrypted SSL floods, and IoT botnets.

I have worked simultaneously with both Akamai and Radware DDoS. Radware DDoS was in place before I joined, but we later brought in Akamai due to previous support issues with Radware DDoS. Nonetheless, we still route 95% of our traffic through Radware DDoS.

Radware DDoS is very useful for us in protecting from many attacks, particularly flood attacks and SYN flood attacks, which we deal with in the banking environment. When people are trying to access our systems and attempting to hack, they send continuous pings and flood our systems, and we are using Radware DDoS for that purpose.

What I appreciate about Radware DDoS is that it is very easy to use. We are configuring new rules on Radware DDoS by directly going to the Radware cloud firewall and writing new rules for bypassing and blocking. We use it for geo-based blocking as well, blocking access for users from countries such as China or Japan if we do not want to give them access. We are configuring the objects and implementing them on the security rules, and it is interesting and user-friendly. It is easier for us to handle the access part and any configurations.

My experience with Radware DDoS's behavior-based detection technology in terms of real-time attack detection and minimizing false positives is positive. It provides granular control where you can configure per hour or per day for different threats. Its layer seven cloud firewall protects against outsider threats, and it is very effective in that aspect.

Radware DDoS response times after an attack are quick, and we receive alerts within seconds of a flood attack happening.

The average time for Radware DDoS to detect an incident is only milliseconds, as even a delay of ten seconds is significant in networking.

I see measurable benefits from Radware DDoS in terms of efficiency improvement, particularly in the banking environment where many flood and TCP attacks are happening. It serves as one of the best solutions against the current cyber attack trends.

In Radware DDoS, everything is good as it is, but I think it can improve with more automation linked to the system. We have good real-time monitoring, and documentation is also helpful, but any integration with platforms such as Splunk would enhance it further.

In terms of specific features missing in Radware DDoS, I would appreciate seeing an API Protector or similar capabilities that Akamai has. These allow for record creation on Akamai that Radware DDoS currently lacks.

I have been working with Radware DDoS for the past year.

Radware DDoS is quite stable, and we have not encountered issues recently.

In terms of scalability, Radware DDoS is easy to use. They have support documents available in their cloud portal, so we can check through them easily to see what can be done.

Previously, we had issues with customer support, but over the past three months, I worked on TAC cases and found their response to be prompt, usually within three to four hours, providing legitimate solutions.

I would rate the tech support of Radware DDoS a ten. They are proactive, joining calls and resolving issues effectively, fetching logs, sending reports, and providing resolution steps for the issues we have encountered.

Positive

I have worked simultaneously with both Akamai and Radware DDoS. Radware DDoS was in place before I joined, but we later brought in Akamai due to previous support issues with Radware DDoS. Nonetheless, we still route 95% of our traffic through Radware DDoS.

Key differences between Radware DDoS and Akamai are that in Akamai we can create external records and block traffic, but in Radware DDoS, we can only add endpoints for protection. However, we mainly work on Radware DDoS because most of our traffic is going through it.

I was not involved in the deployment of Radware DDoS.

Radware DDoS solutions have not reduced my need for additional infrastructure investments due to DDoS threats because it effectively stops attacks.

Radware DDoS helps to reduce downtime associated with attacks, depending on how we troubleshoot the issues. Because of Radware DDoS, many attacks can be mitigated effectively.

Generally, it saves us a maximum of five to ten minutes, minimizing downtime or response times.

I have worked simultaneously with both Akamai and Radware DDoS. Radware DDoS was in place before I joined, but we later brought in Akamai due to previous support issues with Radware DDoS. Nonetheless, we still route 95% of our traffic through Radware DDoS.

I would recommend Radware DDoS as a solution to others because it provides good timely responses and effectively stops attacks.

I do not have specific recommendations for other organizations considering Radware DDoS, but I find it quite good and think it should have more features, such as record creation. I have given this review an overall rating of eight.

Our primary use at the moment is on auto-scaling in AWS. By using that and changing the architecture a little bit, auto-scaling is basically only needed when it comes to high-volume times like Black Friday and end of the year. Instead of having it permanently running, it is now only used during certain times of the year when we scale up and then scale in again.

I have used Radware DDoS web DDoS protection, such as HTTP L7.

Radware DDoS has been very good in mitigating advanced DDoS threats, such as burst, DNS attacks, and floods.

Radware DDoS protection ensures that legitimate users are not affected during a DDoS attack. This protection has helped uncover miscommunication between different departments within the company. For instance, the marketing team decided to allow a company to scrape the website or a specific part of the website. By finding that out and confirming it, it created a new communication channel internally and between users and clients, whether it is a B2C or B2B type of connection. We were able to find out in advance that a company was busy scraping a lot of data, but it looked like a bad configuration on their side where it was supposed to be a simple query, without having to break anything. This information was highlighted within the technical side and then communicated to create a communication channel.

The most valuable features I have found include sourcing geo information to determine where the DDoS queries are coming from, and then assisting with reporting to management and senior management. The technical information is great, and converting that into what is being targeted by the DDoS and from where is very helpful.

My experience with Radware DDoS behavior-based detection technology in terms of real-time attack detection and minimizing false positives helps from a technical perspective to get the information and then conduct deeper analysis. The behavior analysis around company announcements, whether it is a retailer or a bank, helps to see how the increase in attacks happens around certain keywords, especially if it is a financial announcement.

There is always room for improvement as nothing is perfect.

The additional features or improvements I would like to see in the next release of Radware DDoS include better algorithm tweaking and enhanced analytics for finding unique possible attacks. There are many people on the dark side that use spray and pray tactics, yet there are companies making use of very light tests and getting small but consistent replies. If that can be automated better, then that will help. This is also known as a low and slow attack.

I have been working with Radware DDoS directly for about four or more years now.

I would rate Radware DDoS stability about an eight.

I would rate the scalability of Radware DDoS a nine. There is always room for improvement.

I think their technical support is about an eight to nine, depending on the person I talk to and the willingness to reach out internally if there is something that they need to find out.

The quality of first-level support might not be so high at times, especially if it is a technical team that is working or managing the DDoS environment as a client.

Positive

Before Radware DDoS, I researched other products. Other than that, it was more just tools that were available within AWS, Azure, and those types of things, WAFs, that we configured but could not handle.

My experience with the deployment was straightforward. Obviously, there were some misunderstandings and assumptions that came to light during the deployment. From my side, that is normal in these situations: not understanding what was explained or someone within the team on our side assuming something instead of asking questions and conducting research.

We deployed it ourselves and with Radware.

I have definitely seen return on investment with Radware DDoS. The number of failed requests after implementation reduced drastically.

Radware DDoS has reduced my need for additional infrastructure investments due to DDoS threats.

My experience with the pricing of Radware DDoS has been that it is reasonable. There is always the request to sharpen pencils, which is a normal story.

I evaluated what is now called Thales and their services, and then also a company that had a proprietary algorithm that they use, which was not good. It was a local company. I also went through some testing of Citrix and Cisco and all those providers that said they had services available to see if it fits our requirements.

Radware DDoS protection ensures that legitimate users are not affected during a DDoS attack. This protection has helped uncover miscommunication between different departments within the company.

The average amount of time it takes for Radware DDoS to detect an incident is quick. The average that we used was a five-minute checkup, and it is usually less than that, which is what we found.

I would assess Radware DDoS response times after an attack as very good. It is catching something before it gets noticed by the SOC, which is always helpful.

My impressions of the SecOps dashboards for monitoring and reporting metrics are that they are good. Most people are pleased, which is normal. Someone would always prefer to see something specific, and understanding what people want is usually one of the big things.

I assess the SecOps dashboard for providing historical information on protected objects and networks as great for the security team. For reporting, it helps to break it down into different environments, if it makes sense, to report to management.

It is easy for non-technical staff to use the SecOps dashboards with just a little bit of training.

I would rate Radware DDoS as a product an eight overall.

Radware DDoS dashboards are very interesting for me. The specific dashboard for analyzing traffic is very useful since I can display the different traffic of my customer for specific countries, such as Colombia, the United States, or India. This information is very important for protecting the solution. Another dashboard shows attacks, allowing me to check the amount and size for different types of attacks. In another dashboard, I can find reports, and it is very interesting how the reports work because I can configure them for different policies or physical interfaces. This is very useful for me. Another dashboard requires a license for GIL, but I don't have much experience with that feature. In general, this is good for me.

The best thing about Radware DDoS for me is that the solution is very accurate. The information and the different types of graphics and data are very important. It is easy to operate and to understand the solution in my case. I had the opportunity to work with other types of solutions, Cloudflare, for example, and Forti DDoS, which is another solution for Fortinet specific to DDoS attacks. Radware is very easy to use. In fact, I had the opportunity to finish many courses for this type of technology.

Radware released a new solution specific to HTTP or Layer 7, and I find this solution very interesting. I try to know more about this specific solution because nowadays many types of attacks are not only Layer 4 or Layer 3 but also application-layer attacks. This solution is very important for me because it aims to understand the traffic, the different protocols, the thresholds for specific applications, and I try to understand the correct behavior. In order to do this, I aim to mitigate different types of attacks. This solution is a significant win compared to other vendors because it tries to understand the traffic and the behavior of the traffic, and it utilizes intelligence or machine learning to mitigate false positives, which is highly customized for different types of customers.

It is very interesting how Radware DDoS works because it is necessary to understand how different types of traffic operate. It is necessary to understand how DNS works. DNS, the domain name system, requires understanding the different queries. The solution for specific DefensePro is very interesting because I can configure the queries and the different types of queries of DNS. This solution permits me to configure and protect the DNS service for different companies. This customization is very easy to implement in order to protect the DNS solution.

Radware can improve in several specific areas. The downside is the marketing. Radware does not have the same presence as others, such as Cloudflare or Akamai. This is a key factor because many types of customers prefer other solutions due to marketing. In my experience, the cloud solution needs improvement. For example, Cloudflare is better in this aspect. This is the downside for Radware, but this is my opinion only.

Marketing for the presence of different types of solutions is one area. Another is the cost. The different solutions for Radware DDoS are expensive. Better pricing is needed. The solution is very expensive, and a less expensive solution would be very beneficial because many people could acquire this solution and these products.

I have had the opportunity to use Radware DDoS since 2018.

Stability depends on the architecture and how the overall environment works. For example, when I have the DDoS solution, I need DefensePro. DefensePro is the technology that is in front of the traffic and protects against DDoS attacks. It is common for Radware to launch this solution with another product called Cyber Controller. This Cyber Controller is for logging and analyzing traffic to report and understand if a DDoS attack is occurring. In my experience, I don't have many issues with this. I remember only one time when not Cyber Controller but APSolute Vision, an earlier product, the memory and disk were full. When this happens, users can't connect. I solved this by contacting a Linux expert to increase disk size, which allowed user access again.

Support has two phases. I remember once that support was very bad, but if I don't have all the information, such as packet capture, architecture, or topology explanation, it is very difficult to present the correct environment to technical support, and it is easy to lose time. However, I had the opportunity at another moment with all the information collected in a document of files that explains the topology, how traffic works, and what the issues are that need to be reviewed. Then the support is good. For me, it is necessary to communicate effectively both about the technology and the context to ensure Radware understands everything quickly and efficiently.

Positive

My experience with other types of DDoS solutions is relevant. If I were to compare other solutions to Radware DDoS, I obviously view Radware as better. I had the opportunity to implement Forti DDoS, which is a solution for attacks by Fortinet, but the solution is very slow and hard to set up or configure. The concept of security is different, and for me, the solution for Fortinet is very bad compared to Radware. Radware works very well. I had the opportunity to operate Cloudflare, and it is good, with the solution in the cloud. For example, many customers move to Azure or AWS, and this solution is very native in those environments. I don't know how Radware works in this specific environment.

The initial deployment is very easy because when I implement this solution, the information and different materials from the vendor are very useful in order to implement it. Last year, I had the opportunity to implement a Shield for an important customer in Colombia, specifically in the government and forces in my country, Colombia. I had the opportunity to implement a Shield using DefensePro. I don't remember if it was a model 60 or 60P, but this solution is very useful, and the different stages to protect the solution for our customer are very good. The customer is happy with this solution because when the plan and the solution are very stable, it is easy to migrate.

The implementation of Radware DDoS technology requires proper planning and technical expertise. The material is very good because the technical information is useful for me. Deployment is typically in on-premises environments and needs careful integration into existing networks. It is common to know all technology and architecture of the network to avoid impacting latency or availability with this solution. But it is very common in these types of migrations or using this technology.

During the initial phase, the solution must learn the normal traffic. For example, planning with the customer on how the solution works is necessary. The initial phase is when it learns the traffic patterns for one week, two weeks, or three weeks, depending on the quality of traffic. After this time, I can block the solution to protect the traffic. This stage should be very easy and comfortable for our customers. In my opinion, this solution is very good for customers because in just two phases, I can protect against different types of DDoS attacks easily and quickly.

This behavior-based detection technology, VDoS, is a component that uses a mathematical statistical module that builds a threshold. This threshold is based on the amount of traffic and obviously behavioral patterns, such as how many packets in SYN, ACK, and the different flags for TCP or UDP traffic. The accuracy of these various traffic types is registered all the time.

It is very interesting how Radware's protection ensures that legitimate users are not affected during a DDoS attack. When I have the correct baseline, the traffic is blocked when it passes this baseline. It's very interesting how it works because the traffic is analyzed and registered. When the traffic is detected as illegitimate, it is blocked or dropped. It is necessary to make a decision in DefensePro in order to block or manage the traffic. Once I detect and correct it in DefensePro, obviously the traffic is blocked and returned for the customer. I have had the opportunity to see when different types of attacks materialize for different customers, and I understand that the customer continues using the traffic during an attack. It is very important for me that when different types of attacks materialize, the availability of data is vital for our customers. Radware works very well on this topic.

Radware can detect an attack very quickly because in November last year, I had the opportunity to implement this solution for another customer in banking, and I find the detection of different types of attacks to be very quick. During the initial phase, it learns to understand how the traffic flows. But once the traffic is detected, I can review different types of attacks, such as UDP attacks. ERT is another type of solution for Radware and is also very quick. When the traffic is analyzed, it quickly detects traffic for Radware in my experience. During this initial learning phase, while the traffic is learning, it obviously passes through and is not blocked. Then when I establish a plan with the customer of one week or two weeks to block the traffic, it obviously works better.

I like this technology because the concept of security is very good for me. It's very interesting how security impacts organizations. I like how Radware works because the concept of security is necessary to protect an organization's assets in order to mitigate the different attacks that can be launched nowadays. I would give Radware DDoS a rating of seven out of ten.

My main use case for Radware DDoS is to spot DDoS attacks, filter them out, and block them as needed.

Regarding how my team interacts with Radware DDoS, the support is always available. If things don't go as planned, we know the Radware team is available. We have an engagement manager in place who gets back to us fairly quickly if there is an issue that doesn't resolve itself. We have a portal which shows us how many attacks come in, how many are filtered by Radware, and how many are spotted daily, and it's a really good tool to have within my team.

In terms of how my team uses Radware DDoS to stop attacks, I have noticed that it detects any attacks coming in and mitigates the attacks. If we have any issues, it's quite easy to get hold of the team at Radware to provide us support.

The best features of Radware DDoS are their use of DefensePro and DefenseFlow to automatically block detected threats. Normally, it automatically registers malicious behavior and filters those attacks out. Another feature I appreciate is the portal where I'm able to see how Radware DDoS has helped the company.

The specific features of Radware DDoS help my team day-to-day because the auto-detection and mitigation are really important. Attacks are automatically detected and mitigated, which means less hands-on work and it takes the pressure off. When we run into any other issues, the support is available, and it provides effective protection. It didn't take long to implement into our network, and the support is really good.

Radware DDoS has impacted my organization positively by providing robust DDoS protection. It offers excellent security and support, and it's an effective solution. It's there detecting attacks and mitigating them, which has allowed us to concentrate on other areas.

The impact of Radware DDoS on my team's workload and efficiency is positive because we don't have to have too many eyes on one thing. With the DDoS mitigation in place and automatic registering, it helps with that. The support from Radware puts less pressure on us to fix things on our own, and it has dropped the workload quite a bit.

Regarding the features of Radware DDoS, the portal could be more customizable, and the data on the portal could stay around for longer. I've been really happy with Radware overall. It has been really useful, and we have also worked with the team to improve the way traffic comes into our network, where we migrated certain services to certain areas of our network to help with the location of where Radware DDoS traffic comes in.

Improvements for Radware DDoS include enhancing the dashboard to allow for more customization, which would allow the organization to edit it to how they see fit. There could be better ways to retrieve data, perhaps a backend database for long-term data retention. The dashboard could be improved, but nothing stands out otherwise. It has been a good relationship.

I have been using Radware DDoS for three years since I've been at my organization.

Radware DDoS is stable. We have resiliency in place and it is geo-located, so it works well and remains stable.

Regarding Radware DDoS's scalability, there are always options to scale. As mentioned earlier, we had an issue where we needed to move our routers closer to Radware DDoS's infrastructure, and they were fairly flexible with it, allowing us to make the changes and arrangements. There is always the option to add more around the company, so it is scalable.

The customer support of Radware DDoS is rated 10 out of 10 because they are always available. We have a customer engagement member always available for us, so if we ever have an incident we're having trouble with or issues with the platform, we can always contact them. They are always on hand and put in the hours to solve any issues.

I did not previously use a different solution before Radware DDoS.

I was not involved in the part of setting up Radware DDoS, which includes pricing, setup cost, and licensing.

When it comes to the return on investment with Radware DDoS, it's hard to discuss in terms of money saved, but we definitely don't need to put as much focus on manually looking at attacks and mitigating them. In terms of cost saving, it has meant staff can work on other areas and improve automation or work on bigger issues such as incidents or future projects.

The advice I would give to others looking into using Radware DDoS is to make sure you put the time in during the setup. Get the setup correct and make sure you have everything in place. Know where you want to set it up, how you want it to help you, and what attacks you want it to address. You also want one person who is an expert in using the portal and can train other people, because having that expert will be useful when onboarding new people or showing others how to use Radware DDoS. I would rate my overall experience with this solution a 9 out of 10.

I currently use Radware DDoS to mitigate DDoS attacks, specifically highly volumetric DDoS attacks. There is an option to mitigate Layer 7 DDoS attacks to a good limit, though not fully. The better capability of this device is its machine learning capability, as it can create its own signatures on zero-day attacks.

Radware DDoS is effective at mitigating advanced DDoS threats such as burst and DNS attacks. This kind of attack is dealt with well when it comes to mitigations in Radware because the DDoS works efficiently in such scenarios.

Radware's protection ensures that legitimate, normal users are not affected during a DDoS attack because of the quota values. I set up these values based on the historic traffic I see, which is beneficial so that Radware DDoS will only be activated if the traffic is above that particular level. Another way is by using the security template, where I can allow genuine traffic based on the ports and protocols. I can create my own signatures in the security template to always allow them during a mitigation, and through these ways, I can achieve that.

The better capability of this device is its machine learning capability, as it can create its own signatures on zero-day attacks.

Radware DDoS's behavior-based detection technology is the best thing I have. I do not need to worry about any new forms of attack that are not pre-configured for filtering because it can create its own signatures based on the quota values I set for each protocol. A higher filter mode is stricter, but in low mode, it works fine. Low and medium modes work well.

One downside of Radware DDoS is that the GUI should be more user-friendly. I have experience in other platforms as well, and what I see with Radware is that it is not as user-friendly as the other ones, so that is definitely one thing that needs improvement. Additionally, I do not have an option to open a new tab within the existing GUI. If I want to open something in a new tab and try to compare it with what I have on the previous page, I cannot do it. I also note that as far as I know, Radware DDoS does not have any authentication countermeasures to mitigate any attacks, which needs to be addressed. I know it has protections for SYN floods and all, but that should be changed. It should be more transparent where proper authentication should happen with the source.

In my opinion, Radware DDoS's response times after an attack need to be improved. The response time is pretty bad sometimes.

The SecOps dashboards for monitoring and reporting the metrics are pretty bad. That is where the comparison with NetScout is more applicable because the NetScout reporting is really good. I am referring to the mitigation reports or the forensic reports. It is very hard to get a scaled report in Radware, and even after a mitigation, putting out a report for that specific mitigation is a hard process. That definitely needs improvement.

The aforementioned SecOps dashboards provide historical information on protected objects, networks, and so on, but when it is a sample report, it is not that accurate. As the scale goes bigger, the accuracy of the report also degrades.

Radware has not helped me reduce the number of false positives I receive in response to an attack because, as I mentioned, I do not use Radware DDoS as a detection mechanism. I have other detection mechanisms, so I do not work with Radware regarding false positive reductions. That is handled on a separate platform itself, so it is not needed here.

I have been using Radware DDoS for six years.

I have not seen any lagging, crashing, downtime, or any sort of instability.

Scalability in Radware DDoS is pretty good for me. The platform is good in that regard.

I would rate the scalability as 8 out of 10.

I have contacted technical support or customer support.

The speed and quality of Radware DDoS's support should be improved. Sometimes I do not get clear answers, and sometimes I do not even get a response for days, which I have experienced. That definitely needs improvement.

Negative

The initial deployment of Radware DDoS was moderate for me; it was not that easy, not that hard.

Maintenance for Radware DDoS is a collaborative effort; I take help from Radware on maintenance. If there is an issue with the device, I reach out to them, but the platform is managed by me.

Non-technical users do not use the SecOps dashboards.

If I were to rate them on a scale from one to ten for support, I would give them a score of four.

The average amount of time it takes for Radware DDoS to detect an incident is pretty good because it is less than two minutes. The detection part is impressive, but I do not have an exact time for this because I do not use it for detection most of the time. My detection mechanism is a bit different from what is normal, so I do not use it much in that sense.

It took me maybe a week to fully deploy Radware DDoS for the first time.

I am not sure if Radware DDoS's deployment can be done with one person or requires an entire team, as I was not part of the onboarding of the platform.

I use Radware DDoS for DDoS protection.

I thought that it would be much more work than it turned out to be at the end of the day because Radware has honeypot functionality that automatically blocks things they discover, and for our case, it blocks approximately 80% of the attacks or possible attacks. Automation is the best feature.

Regarding time and resource savings, it is difficult to say because with security, the answer depends on perspective. I would estimate it saves approximately 50% of resources, placing it in the middle.

Pricing has room for improvement. It is somewhat inconvenient for us because the new features that are introduced are pricey and are just add-ons to the original or baseline license. They could improve pricing from my point of view.

I have been using Radware DDoS for approximately 10 years.

Radware DDoS has helped reduce downtime associated with attacks. We have not experienced any downtime until now. However, this is a combination effort from Radware, from our ISP, and from other means of protection.

Radware DDoS is scalable, particularly in the field of cloud WAF.

I rate technical support at a 10 out of 10. The technical support is definitely excellent.

I compare Radware DDoS to other vendors such as Cloudflare, Akamai, F5, and Imperva. We have Imperva and DataPower from IBM. Radware DDoS is on the same level, and on some aspects, Radware DDoS is above the others for us. The primary reason is their technical support, which is great. They provide us with a great deal of expertise regarding our questions. The overall performance is pretty much the same, but I chose Radware DDoS because we are accustomed to it. The boxes perform their jobs fine, so we are quite satisfied with it.

The deployment was very straightforward. We completed it with Radware Professional Services, which did a great job. There were no objections or remarks.

Radware collects information over the phone or via WebEx or Zoom. We are doing great with Radware.

Radware DDoS web DDoS is not used for HTTP or L7 in our case.

Regarding threats such as burst, DNS attacks, encrypted SSL, and botnets, I believe Radware DDoS can help prevent them, but we do not use those capabilities. We have other ways to mitigate these types of attacks. We are aware of these features, but they are pricey and we use other methods of mitigation.

Concerning real-time attack detection and false positives, this feature was recently introduced. Overall, it is working fine regarding attacks, and we detect them quite easily. Regarding this new feature, it is too soon to have a definitive opinion because it has a nice graphical interface. The new features introduced are fine, but in the real world, it is too soon to judge if it is valuable for us. I believe it is, but for now, this is the best answer I can provide.

I use the SecOps dashboard, which provides historical information. We can perform forensics and obtain detailed reports. It is adequate.

I would recommend Radware DDoS to other users because in security, there are many layers of protection, and this is one of the most exposed regarding the internet. Radware DDoS is a first line of defense, and then other, more sophisticated methods can be added. I would definitely recommend it, but it is somewhat pricey, so if anyone can afford it, I would definitely go with it. My overall rating for this product is 10 out of 10.

The main use cases I have for Radware DDoS are traffic scrubbing, hybrid protection in the cloud and on-premise, and automatic mitigation when the bandwidth is saturated.

I use Radware DDoS in my day-to-day work with the company's core services and ERP exposed to the internet.

When the core services and the ERP are exposed to the internet, Radware DDoS has not managed to mitigate any specific attack with major impact that I can recall.

Radware DDoS has positively impacted my organization by giving us greater visibility into all the traffic that hits our applications and faster decision-making when it comes to mitigating any attack and determining whether it is a false positive or a real attack.

An indicator that has improved since I started using Radware DDoS is the reduction of incidents and it gives us more clarity about false positives.

I consider the best features that Radware DDoS offers to be the protection, including SSL protection, the creation of dynamic signatures automatically during attacks, inspection and mitigation of HTTPS and SSL attacks, and integration with the router to divert all the traffic and block malicious traffic.

I would like to add that the always-on protection and activation based on an attack threshold is an especially innovative feature.

I think Radware DDoS could improve the end-user interface slightly, but everything else is excellent as it is an easy-to-use tool.

I have been using Radware DDoS for approximately two years.

Radware DDoS is a very stable solution.

My experience when increasing or decreasing the capacity of Radware DDoS according to the company's needs has been very good, and I would give it a nine out of ten.

I would rate the scalability of Radware DDoS as excellent as it adapts well to changes in traffic volume and the company's needs.

I would describe the attention and assistance I have received from the Radware DDoS team as excellent, as they have been there when we have needed them.

I would describe Radware DDoS's customer support as excellent.

I did not use any other solution before Radware DDoS as it is the first solution we are using.

I would describe the ease of integration of Radware DDoS with other tools or systems that I use in my company as relatively simple, thanks to its compatibility with widely used networking and security standards. Radware DDoS allows integration with firewalls, and in our case we use Fortinet firewalls, and with additional network-level monitoring platforms that we have in the company.

Regarding daily management, I would describe the ease of administration and monitoring of Radware DDoS as very good as the dashboard is very intuitive and easy for the end user.

I have seen a return on investment since I implemented Radware DDoS with savings in resources and time, and greater visibility when making decisions.

My experience with the costs, pricing, and licensing of Radware DDoS is that while it is expensive, the tool meets all expectations.

Before choosing Radware DDoS, I evaluated other options such as Fortinet and F5.

My advice to other professionals who are considering implementing Radware DDoS is to validate the need for which the tool is going to be purchased, since it is expensive, but even so it is an excellent tool that in my case fit all the needs and meets all the objectives for which it was acquired. I gave this review a rating of ten out of ten.

We have been using Radware DDoS extensively for the past two years in our production network within the utility sector. Primarily, we use it for application layer filtering and for direct termination with our Internet Service Providers (ISPs). Initially, we encountered several challenges during the configuration process, primarily due to the lack of ready-made templates. However, over the last two years, we have successfully implemented filtering measures, effectively mitigating our DDoS attacks by removing unwanted traffic directed at our public IP addresses.

This system has been crucial in securing our operations and meeting our specific needs for our data center. All public domain URLs in the utility sector are hosted behind an Internet firewall, ensuring that the traffic directed to these public domains is properly managed through DDoS protection. That sums up our experience with this system.

Radware DDoS has been effective at mitigating advanced DDoS attacks such as burst or DNS attacks and encrypted SSL floods because we blocked all public domain IPs through access lists at my DC router, where all the ILLs are delivered from the ISP. We are getting IOCs, which are Indicators of Compromise from CERT-In, NCIIPC, and CS K-Cyber Swachhata Kendra, from central agencies.

My experience with the behavior-based detection technology for real-time attack detection and minimizing false positives is quite positive. The behavioral framework we have consists of three layers. The first layer focuses on DDoS protection, as we are implementing two policies for two ISPs simultaneously. In our environment, we are not using an active-standby setup; instead, we utilize both links from each ISP. Therefore, we are deploying two identical boxes, one connected to each ISP. These ISP links are directed towards our management service, where all public domain sites are hosted in our data center. Regarding the behavioral aspect, let's consider a scenario where there is suddenly a spike in packet traffic from a public domain. We typically monitor the daily bandwidth usage on the ISP side. For example, if the average bandwidth usage is around 200 Mbps, but one day we notice a surge to 400 Mbps, this may indicate unknown traffic hits. This is particularly concerning because we operate in the utility sector, where we collect electricity bills each month. We use handheld devices to fetch these bills from our system, processing them at the beginning of each month. This increase in traffic could likely stem from these sources, as they may be generating numerous unknown visits to our data center servers in an attempt to log in. 

To analyze this behavioral pattern, we first examine the trust levels associated with the bandwidth usage. We investigate the cause of the sudden increase in bandwidth and identify the unknown IP addresses responsible for the traffic. We then determine the locations of these IPs and formulate policies in our DDoS logon system to block any suspicious activity. Additionally, we address two other behavioral patterns: one through endpoint security for end-user services and another through anti-Advanced Persistent Threats (APT) measures. This comprehensive approach helps us safeguard our systems effectively.

Radware DDoS protects legitimate users during a DDoS attack. We have a behavioral filtering template that we enabled after subscription. Every month, we create a report analyzing the number of unknown hits generated from DDoS, identifying legitimate IPs from our customer base and unknown IPs from other countries. We conduct geo-fencing as the first level of protection, allowing only Indian region IPs to execute packets towards our management server. The second level involves using default templates to perform this activity efficiently.

The HTTP Layer 7 protection works effectively as the signatures are updated on a daily basis and automated from the Radware cloud. Zero-day protection happens automatically because the initial steps only require us to create the policy for filtering, but after that, it continuously does its job without any manual intervention.

The zero-day attack signatures for new types of attack threats and vulnerabilities are directly taken from the cloud and blocked. For DC network flow, the fast layer DDoS attack itself is removed from the entry point from the ISP side only. After that, the traffic lands with DDoS, coming from my perimeter firewall, providing another layer of filter and protection. After my perimeter firewall, the traffic goes to my anti-APT, where we perform another level of protection or filtering for DDoS.

There are areas where Radware DDoS could improve, specifically regarding centralized visibility. If someone is allowed access to one payment server but attempts to access the backend database and application servers from that source, we need to analyze the level of propagation. If they are performing suspicious activities such as random logins, it would be beneficial to have a centralized console that shows which IP is attempting which actions for greater visibility, enabling better analysis.

To sum it up, we suggest that clear visibility within a management console could significantly enhance Radware DDoS's usability. We use Radware DDoS and Check Point for our public site because understanding the origin and pattern of public hits is crucial. If the console could segregate packets by type—such as HTTPS, logger, database-related queries, or other behavioral data—and generate reports accordingly, it would better aid our analysis.

We have been using Radware DDoS for two years.

In terms of scalability, Radware DDoS excels. One device we procure is reliable and automates filtering by downloading signatures and providing behavioral analysis. It operates with predefined signature filtering without needing much from us other than receiving reports. I would rate its scalability as nine out of ten.

I have contacted technical support for Radware DDoS many times, and their support quality is the best I have encountered in my entire career. Their responses are quick, and the support surpasses my experience with other OEMs such as Check Point, Sophos, Fortinet, and Cisco, who can often be slow with their solutions.

I have faced issues and approached TAC, and their ability to provide skilled and technically sound support is impressive. They accurately address the service requests and come up with effective solutions faster than many other manufacturers. Their support is significantly better than other OEMs who often resort to trial-and-error methods.

Throughout my career, I have done DDoS filtering through ISPs, but currently, we have a dedicated appliance for DDoS, following recommendations from the DOT and Central Government of India for compliance with ISO 27001 certification.

The initial deployment process can be quite challenging.  The business analyst or and solution integrator often creates confusion, particularly in our location. The Solution Integrators are usually not able to explain everything clearly in one go, which means we often have to go through the information piece by piece. As a result, completing the initial setup and implementation can take nearly forty-five days. If there were a ready-made template available, it would greatly simplify the process. We need to identify the specific hardware requirements and develop a checklist for hardware compatibility and configuration that meets our cybersecurity policies. To comply with these policies, we are currently working on strategies to mitigate potential risks.

Getting a ready-made template for hardware considerations, including guidance on how to harden that hardware before moving to the production level, would be extremely helpful. Additionally, having recommended guidelines from Radware on enabling these policies could streamline our implementation process. In my opinion, this approach would allow us to complete the entire solution implementation within the recommended timeframe.

Maintenance involves ensuring that hardware is functioning properly, including checking subscriptions and enabling necessary blades. For example, last month, we had to enable geo-fencing to block all traffic except from India, which involved re-enabling a previously disabled geo-fencing blade. If there were a central management console that provided alerts about system health, such as fan RPMs and SMPS performance, it would help us maintain the Radware DDoS system proactively.

Typically, two to three people are required for deployment. Initially, we communicate with the application team to ensure proper TLS and SSL levels. After confirming application legitimacy, we assess the delivery and operation level, followed by database and server reviews before concluding that the application is ready to integrate with the DDoS devices.

We are going for seven-year support with a solution comprising two hardware boxes for redundancy and high availability, priced at around 2.4 crores. This pricing is manageable without any worry.

I have considered competing products in the market. We have raised a request for another solution besides Radware DDoS, as Cloudflare has been selected as L1 for another DR setup we are trying to establish. Management requests that we consider similar solutions, which is why Radware DDoS remains qualified as L1.

I would rate Radware DDoS a nine out of ten. 

We are using the service for DDoS protection, and all applications that are accessed over the internet need to be put behind the Radware WAF. Currently, we are using 60 to 65 licenses of Radware WAF where we have onboarded these internet-exposed applications. 

Our package includes protection from the Top 10 OWASP attacks and behavioral learning, which is important for traffic monitoring. We focus on low latency mitigations and granular controls in application level policies. When onboarding any application, we work with our stakeholders who inform us which controls should be enabled or disabled. We communicate with the Radware team, and after learning the traffic patterns for 10 to 15 days in the normal mode, Radware provides documentation to share with our stakeholders before moving to protection or block mode.

We are the owners of the Radware DDoS licenses, and there is a dedicated team providing 24/7 real-time monitoring of the product. The detection and prevention capabilities are very good.

It provides protection for network applications and infrastructure level, and the best part is the behavioral-based detection that Radware provides us, along with real-time signature creation. We also have some applications where we have botnets running, and it provides protection against them. 

Web DDoS targets the application layer, which is layer seven of the OSI model. For that, we focus on the Web DDoS technique for bot-based attacks because we have many applications where bots are running. We also face many random URL attacks every day, and it protects against malicious or suspicious random URL attacks.

It ensures both security and performance. It achieves this by learning behavior patterns and providing protection without blocking normal traffic. These are some of the features I am particularly satisfied with in this product.

There should be some extra layer of security and a method of advanced rate limiting. We can limit the number of IPs or URLs per session and per country. There should be improved bot management integration that mitigates bot-based DDoS attacks completely.

I have been using Radware DDoS for the last two to three years.

It's stable. I would rate it a nine out of ten for stability. 

It's scalable. I would rate it a nine out of ten for scalability.

We have 65 licenses.

I'm from India, and we have a dedicated technical account manager who is very supportive. Additionally, we have a large partner team that is a gold partner of Radware. They provide a lot of support as well. Whenever I encounter any issues, I can easily reach out to Radware. I typically submit a ticket for any malicious activity that occurs, and I usually receive a resolution within two to three hours.

Positive

Many years back, I used Barracuda WAFs. I cannot comment on what Barracuda is currently doing in the WAF area, but that solution was good. However, with Radware DDoS, the console is very easy to learn. There is no complexity, and everyone can use the console and easily see all the features. In the future, I will definitely continue with Radware DDoS.

The setup is easy as it is a cloud-based service. It does not present any significant challenges and takes only one or two days to implement.

It saved us 40% to 50% of time, money, and resources. 

It is not expensive. It is medium range. The pricing is good, as we recently renewed our licenses from Radware.

I've been using this solution for the past two and a half years at my company, and I’m pleased to share that we’ve successfully achieved all of our use cases with their services. We are very happy with the product, which effectively detects and prevents external attacks. We also recommend Radware DDoS to other customers because it truly is one of the best products available.

According to what I learned from the Radware DDoS team, the new features are AI-powered, which makes everything faster and more efficient. The best part is the auto policy with zero-touch tuning. We do not require much tuning as we can auto-apply the policy, which automatically optimizes itself using behavior analytics. We have recently purchased API discovery and protection features, which are working very effectively.

We purchased the API protection plan. Previously, testing was done manually while creating software. We have purchased the Radware API discovery and API protection plan, which has reduced our time effort and enhanced quality checks. There was only one incident in the last two to three years, which Radware WAF handled very effectively. We had only two to three hours of downtime for that particular application.

I recommend Radware because of its features, including AI-powered Web DDoS protection, zero-touch tuning, auto policy, API discovery and protection, and advanced bot manager. They have excellent device fingerprinting, behavior analytics, and enhanced threat intel feed that they provide to customers. These are the main reasons I would recommend other customers to choose Radware. 

I would rate this solution a nine out of ten.