Radware Cloud WAF Service Reviews

We have several web applications in various environments. Some are hosted on-prem or Azure and others are hosted at different locations or by business partners. Cloud WAF provides centralized control over the security of those web applications.

Cloud WAF protects us against all DDoS attacks, improving our resiliency and security. It has multiple security feature sets we use, such as OWASP Top Ten Protection. Radware lets us switch assets quite quickly. It fronts web applications, so we can redirect the traffic to a different page if the backend web application goes down. For instance, if we have an outage in our web form, we can redirect that from the Radware side to an Azure website instead of giving the user a "Page cannot be displayed." 

Cloud WAF gives us greater visibility. We sometimes get calls from clients who say they're getting an error. We can use Cloud WAF to discover the error generated and troubleshoot any bad behavior. Radware flagged some attacks from China where an attacker attempted to capture traffic. If you go look at the raw code coming in, you can see some suspicious characters being injected into legitimate traffic.

I can't say if our false positives decreased because we previously had no WAF protection. Information was stored in the IPS signatures or IAS logs, but we weren't ingesting those to look for anything interesting. Cloud WAF has given us more visibility than we had before.

Our only integration is pulling the telemetry out into our scene. We use the API to pull the data in. The only other integration piece, if you want to call it that, is using the generic error that they present to a client to troubleshoot client experience problems. We don't integrate much aside from those two.

I can't say that we saved time because we weren't using anything before Radware, but we don't spend much time configuring the solution. They're doing a lot of analytics in the background. We followed a process before we onboarded Radware where we put the solution in Learning Mode to see if there was anything interesting or any default conflict changes we needed to make. We mostly left it alone after that. 

It would likely take us around 15 to 20 percent more time to support the infrastructure ourselves. We would need a human to install updates and patches, but Radware manages all of that. 

DDoS protection was the critical feature we wanted when we decided to go with Radware. The company faced many DDoS attacks at the time, and we didn't have a solution. It's not the only reason we chose Cloud WAF. We do use it for other use cases.

Cloud WAF's interface is easy to use and protects us from OWASP Top Ten threats. Our dev team do QA checks on applications before they go live, but Cloud WAF creates an additional security layer on our website. 

The solution protects against multiple threat types. We see SQL injection attacks and DDoS probes constantly. Attackers attempt multiple queries and enumeration attacks against our applications. We previously had a basic firewall with an IPS feature set, but it wasn't providing the same level of protection we get from the WAF.

CloudWAF matches things automatically and identifies any threats. It seems to be doing its job. We sometimes have strange code-related behavior. When our developers write some poorly written code, it generates events in Cloud WAF. It's generally effective at detecting. We had an issue with a misconfigured rule where it blocked legitimate traffic. Overall, we haven't had many issues with it in the last three years. We leave it alone.

They've changed their process for call logging. I suppose it's fine, but I used to be able to send emails in. They could also build up more local resiliency here in South Africa. They're working on that, so it isn't much of an issue now. 

We have used Cloud WAF for about three years.

Cloud WAF is a highly stable product. We have only had two outages in four years. One was an update that they pushed out, and the other was a problem with the DDoS mitigation.

We only have about 15 websites, but Radware can scale because it's a cloud service. We've probably seen around 100,000 to 200,000 simultaneous users, and we're pushing more and more people through to it. Our clients vary in size, but the bulk of our business consists of small and medium-sized retailers. 

I rate Radware support an eight out of ten. I recommend buying the extended support, which we didn't purchase when we first signed up. We see a noticeable benefit from extended support in terms of response times.

Positive

Setting up Cloud WAF was straightforward, and Radware helped us when needed. Deploying everything took around a week, but we're a risk-averse company. We took our time before sending all the traffic through. We started with a few low-hanging fruit websites because we didn't know the tech, so it took us two months. The business stakeholders said we needed to test it with the less-critical websites for two months to ensure we had no issues. After that, we onboarded the main website.

My team deployed it. Cloud WAF is a hosted environment in two POPs in South Africa, and we buy the service. The service flows from there through to websites that sit on-premises or in other locations. After deployment, we don't need to do much on there. We only need to investigate events if we see something. Maintenance includes adding and removing users from the console due to company turnover. We also change certificates when they expire. 

Calculating the return on investment is hard, but we've reduced our risks. When we implemented Radware, South Africa was facing a wave of DDoS attacks that primarily targeted financial services, but we weren't concerned because we had DDoS protection.

We don't need a dedicated person to manage it. It's a hands-off service that alerts us if they pick up something. They do lots of additional monitoring for us, like if there is trouble on the back end and any of our sites go down. That frees us up a lot.

Our company started with nothing, so we realized instant value from the service. It starts providing protection immediately, and the assets that Cloud WAF protects need 100 percent uptime. We lose money if our sites go down because clients can't complete transactions. 

I think Cloud WAF is fairly priced, but the pricing model is a bit weird. It's modular. You buy Radware WAF, but DDoS and bot protection are bolt-on features. I would prefer to buy it as one complete package because bundles are usually cheaper than three standalone products.

We also looked at Cloudflare. Radware stood out because we are in South Africa, and the rest of the world is far away. The latency is too high if we host anything in Europe, so we needed something based in our country. 

Otherwise, we would need our own infrastructure. We would have to buy three devices and support that. Radware was the only vendor with a presence in our country, which made the decision easy. 

I rate Radware Cloud WAF Service a nine out of ten. We're pleased with the solution. If you plan to implement Cloud WAF, my advice for Radware and any cloud service is to know your SLA. Radware offers many extra services in its SLA on top of standard services. The SLA is an insurance policy if you need to call someone to check on things. Radware support has been incredibly responsive. Their monitoring team has gone above and beyond. They notify us when our websites fail, but they don't need to. 

The bank uses different channels, such as mobile banking, Internet banking, and Creditnet, and we adopted Cloud WAF to prevent blockages and attacks. We have passed the policy review stage and are ready to begin blocking. Right now, we are in reporting mode and heading to the blocking stage.

The bank has benefited from improved security and visibility. Two months ago, there was scouting at a national level in Bolivia from Brazil, and it was difficult to find. Cloud WAF gave us that visibility, and as soon as we had a bit of suspicion, we started to block things, mostly traffic. That has benefited us a lot, especially in having more peace of mind and visibility of events and possible attacks.

The network team started with RadWare Alteon, and after that, they began to consider WAF and Cloud WaF.  After a month of putting together infrastructure and having clarity, we have already begun to notice the benefit of visibility.

We do have greater visibility of false positives, but we understand that RadWare cannot make the change. It depends more on internal processes to validate false positives. It does provide support by detecting them, and then we need to coordinate internally. For example, we noticed many false positives in SQL injection—around 60 to 70 percent of the false positives were there—so we already have a basis for mitigating them in other channels. 

Cloud WAF has freed up our IT staff's time, saving us around 40 percent. For example, because we have visibility on the network level, we do not have to figure things out. If an event occurs in some SIEM or an attack occurs, we can act quickly to prevent the attack and loss of information or economic impact. 

From my side, it is a little easier to automatically see these events, show the teams, and coordinate this whole issue rather than spending time investigating, checking logs, and seeing those types of elements on servers, in the DMZ, or in the same application. 

I like that Cloud WAF provides me with lots of information. All the events and all the possible attacks appear in front of you, and false positives appear through different channels. The solution's automated analytics are excellent. I have several events that appear automatically.

The blocking part seems good. Since I'm just starting on the team, I don't know much about the tool. I'm discovering all its features right now, and they showed me some video tutorials.

We haven't seen any issues with integrating Cloud WAF at the same level of product. For example, we haven't had any problems integrating it with Alteon. I don't have direct experience integrating it with firewalls or other tools, but based on what others are saying, there haven't been any compatibility issues with other applications the bank uses. 

Cloud WAF's management portal lacks many indicators, and the interface could be more user-friendly. It should provide more detailed information on events, possible solutions, and what each event means. While it does give you the event and block part, it doesn't give you a solution. Let's say, for example, someone wants to go into an SQL injection and find a possible solution other than the blocking part, there are no details. It would be good to have possible solutions or the ability to create an automated report to send to the developers in the portal.

Also, they should offer more Spanish-language tutorial videos. There is only one tutorial in Spanish, which is difficult for us as Latin American customers. 

I've been using RadWare Cloud WAF for about two to three months.

Cloud WAF is very stable. We haven’t had any problems at the portal, tool, or service levels. 

We are just starting to figure out Cloud WAF's potential, but we already want to increase the usage in our company.

I rate Radware support eight out of 10. I have seen a lot of willingness from their side to help us, but you need to open the ticket and look for the details in English, and most support is in English, so explaining issues to them is challenging.

Positive

The biggest return on investment comes from improved security and avoiding information losses or DDoS attacks. We gain security and the certainty that we will always be operational. The number of attacks has been reduced, and there is a contingency area here that measures the indicators, including the TCO. It's hard to tell, but it looks like approximately 30 to 40 percent.

I rate Radware Cloud WAF eight out of 10. The interface could be a little more detailed. It would be great if Cloud WAF could provide us with alternative solutions to pass along to the developers, infrastructure, security, and all the teams involved in critical events. For example, you have no alternatives if you have a crisis that can be attended to this week or in the next two weeks. You can only block it or not, making things a bit more complicated.

I don't know the tool well yet, but from what I have seen it could be improved by simplifying the team coordination. Also, the categorization could be better because there are only four or five categories: injection, vulnerabilities, etc. If we had more details and options it would benefit us a lot. 

I recommend future users learn a little about the tool before using it and have training. It is extensive, so it's critical to know about the events. This tool opened my eyes. We were not covered through all the protocols, we weren’t really safe, this tool gave me a much-needed security.

Foreign Language: (Spanish)

Nos beneficiamos de una mayor seguridad y visibilidad.

¿Cuánto tiempo lleva usando esta solución?

He estado usando RadWare Cloud WAF durante aproximadamente dos o tres meses.

¿Cuál es su principal caso de uso de esta solución? (Incluya detalles sobre su entorno).

El banco utiliza diferentes canales, como banca móvil, banca por Internet y Credinet, adoptamos Cloud WAF para evitar bloqueos y ataques. Hemos pasado la etapa de revisión de políticas y estamos listos para comenzar a bloquear. En este momento, estamos en modo de informe y nos dirigimos a la etapa de bloqueo.

Comparta cómo Radware Cloud WAF Service ha mejorado su organización. Si no fue así, explique por qué.

El banco se ha beneficiado de una mayor seguridad y visibilidad. Hace dos meses hubo scouting a nivel nacional en Bolivia desde Brasil y fue difícil de encontrar. Cloud WAF nos dio esa visibilidad y tan pronto como tuvimos un poco de sospecha, comenzamos a bloquear cosas, principalmente tráfico. Eso nos ha beneficiado mucho, sobre todo en tener más tranquilidad y visibilidad de eventos y posibles ataques.

El equipo de redes comenzó con RadWare Alteon y después de eso, comenzaron a considerar WAF y Cloud WaF. Después de un mes de armar la infraestructura y tener claridad, comenzamos a notar el beneficio de la visibilidad.

Tenemos una mayor visibilidad de los falsos positivos, pero entendemos que el cambio no depende de RadWare. Depende más de procesos internos para validar los falsos positivos. Brinda apoyo al detectarlos y luego necesitamos coordinarnos internamente. Por ejemplo, notamos muchos falsos positivos en la inyección SQL (alrededor del 60 al 70 por ciento de los falsos positivos estaban allí), por lo que ya tenemos una base para mitigarlos en otros canales.

Cloud WAF ha liberado tiempo de nuestro personal de TI, ahorrándonos alrededor del 40 por ciento. Por ejemplo, como tenemos visibilidad a nivel de red, no tenemos que resolver las cosas desde cero. Si ocurre algún evento en algún SIEM o se produce un ataque, podemos actuar rápidamente para evitar el ataque y la pérdida de información o impacto económico.

Por mi parte, es un poco más fácil ver estos eventos de manera automatizada, mostrarselos a los equipos y coordinar todo este asunto en lugar de perder tiempo investigando, revisando registros y buscando ese tipo de elementos en los servidores, en la DMZ o en la misma aplicación.

¿Qué características le han parecido más valiosas y por qué?

Me gusta que Cloud WAF me proporciona mucha información. Todos los eventos y todos los posibles ataques aparecen frente a ti, y aparecen falsos positivos a través de diferentes canales. Los análisis automatizados de la solución son excelentes. Tengo varios eventos que aparecen automáticamente.

La parte del bloqueo me parece buena. Como recién estoy comenzando en el equipo, no sé mucho sobre la herramienta. Estoy descubriendo todas sus características ahora mismo y me mostraron algunos videotutoriales.

No hemos visto ningún problema con la integración de Cloud WAF con otras soluciones de RadWare. Por ejemplo, no hemos tenido ningún problema para integrarlo con Alteon. No tengo experiencia directa en su integración con firewalls u otras herramientas, pero según lo que dicen otros, no ha habido ningún problema de compatibilidad con otras aplicaciones que utiliza el banco.

¿En qué áreas se podría mejorar el producto o servicio?

¿Qué características adicionales deberían incluirse en la próxima versión?

El portal de gestión de Cloud WAF carece de muchos indicadores y la interfaz podría ser más fácil de usar. Debería proporcionar información más detallada sobre los eventos, las posibles soluciones y lo que significa cada evento. Si te brinda la parte de evento y bloqueo, pero no te brinda una solución. Por ejemplo, si alguien quiere realizar una inyección SQL y encontrar una posible solución distinta a la parte de bloqueo, no puede ya que no existen detalles. Sería bueno tener posibles soluciones o la capacidad de crear un informe automatizado para enviarlo a los desarrolladores en el portal.

Además, deberían ofrecer más videos tutoriales en español. Sólo hay un tutorial en español, lo cual es difícil para nosotros como clientes latinoamericanos.

Alternativas y consejos:

¿Utilizó anteriormente una solución diferente? De ser así, ¿por qué la cambió?

Antes de elegir, ¿evaluaste otras opciones? ¿De ser asi, cuales?

¿Tiene algún comentario o consejo adicional sobre esta solución?

Califico a Radware Cloud WAF con ocho sobre 10. La interfaz podría ser un poco más detallada. Sería fantástico si Cloud WAF pudiera brindarnos soluciones alternativas para transmitirlas a los desarrolladores, la infraestructura, la seguridad y todos los equipos involucrados en eventos críticos. Por ejemplo, no tienes alternativas si tienes una crisis que puede ser atendida esta semana o en las próximas dos semanas. Sólo tienes dos opciones: bloquear o no bloquear, lo que complica un poco las cosas.

Aún no conozco bien la herramienta, pero por lo que he visto se podría mejorar simplificando la coordinación del equipo. Además la categorización podría ser mejor porque solo hay cuatro o cinco categorías: inyección, vulnerabilidades, etc. Si tuviéramos más detalles y opciones nos beneficiaría mucho.

Recomiendo a futuros usuarios conocer un poco la herramienta antes de utilizarla y capacitarse. Es extensa, por lo que es fundamental conocer los eventos. Esta herramienta me abrió los ojos. No estábamos cubiertos ante todos los protocolos, no estábamos realmente seguros, esta herramienta nos brindó una seguridad muy necesaria.

Rendimiento

¿Cuáles son sus impresiones sobre la escalabilidad de esta solución?

Apenas estamos empezando a descubrir el potencial de Cloud WAF, pero ya queremos aumentar su uso en nuestra empresa.

¿Cuáles son sus impresiones sobre la estabilidad de esta solución?

Cloud WAF es muy estable. No hemos tenido ningún problema a nivel de portal, herramienta o servicio.

¿Cuál es su retorno de la inversión?

El mayor retorno de la inversión es la mejora en seguridad y el poder evitar pérdidas de información o ataques DDoS. Ganamos seguridad y la certeza de que siempre estaremos operativos. Se ha reducido el número de ataques, aquí existe un área de contingencia que mide los indicadores, incluyendo el TCO. Es difícil saberlo, pero parece que se ha reducido aproximadamente entre el 30 y el 40 por ciento.

Configuración y soporte

¿Lo implementó a través de un equipo de proveedores o uno interno? Si se trata de un equipo de proveedores, ¿cómo calificaría su nivel de experiencia?

Cuéntanos tu experiencia con el servicio de soporte al cliente.

Califico el soporte de Radware con ocho de 10. He visto mucha disposición de su parte para ayudarnos, pero es necesario abrir el ticket y buscar los detalles en inglés, y la mayor parte del soporte es en inglés, a veces explicar el problema es un reto.

¿Cómo calificaría esta solución en una escala del 1 al 10 en cuanto al servicio de soporte?

8.

We have external facing sites that our clients use, and it's important that those are protected. It's a traditional use case. The end-users are the firm clients trying to come into the firm using firm applications. So, this is the external perimeter, and that's the typical use case.

It gives you more insights into what may be happening in your environment. It doesn't free up people's time, but it helps them add an additional data point so that they can be better informed. In that sense, it improves efficiency. When you are in the security mindset, you want to make sure you have the ability to gain as many insights as possible for a potential attack. The intent is never around freeing up time.

It provides the first level of defense against external threats trying to come into the environment, but it's one of the many toolkits we use. 

I'm the global head of cybersecurity across all business lines with a prime focus on audit risk and compliance. I look at Radware in terms of the ability to do two things. One is being very well aware of what's happening in the industry and the threat landscape, and the relative to that is the right sizing of the product so that the product can identify those emerging threats in time and then block them. That's essentially what I'm expecting Radware to do. The ability to provide some insights into lookback is equally important, which means you found something today but that doesn't mean that it happened today. It could have happened many moons ago. That lookback is equally important. There is a lot more that is expected from Radware's automated analytics for looking at events. There needs to be more context of where protection is required these days.

I have used the API Discovery feature. It's relatively easy to use, but it pales to some of the tools that currently exist in the marketplace. They may be a little more sophisticated than what Radware provides. A lot of work needs to be done out there for the end-to-end API protection offered by the API Discovery feature. It's a good first step, but Radware isn't there yet. Similarly, in terms of integrating with other systems and applications in our environment, a lot more work needs to be done out there.

The visibility of API relative to data flow and contextual understanding of what that is for a business is extremely important, and APIs don't seem to cut it. The majority of the attacks take place in memory, so you need to make sure that there is close alignment around how you view that and draw conclusions based on that data. Right-sizing is based on the industry because some of them have the same set of APIs and the same set of structures from which you can easily draw context and draw conclusions in terms of what's happening.

We've been using it for two years. It came to us with an acquisition.

They've had one odd outage. You can't have an outage in that business. They got to get a little better for enterprise-grade.

They have been collaborative. They were eager to have the firm's business, so we received the kind of support we wanted, and that's fair. We have no complaints, and there is nothing that stands out of the ordinary. I'd rate them a seven out of ten.

Neutral

In an organization of our size, you don't have one single vendor. It's a layered defense model. You don't have one single product that you're heavily reliant on. From that perspective, Radware is a part of the ecosystem.

In terms of blocking unknown threats and attacks, Radware is at par with other firms. There is nothing extraordinary. The protection it provides is comparable. It isn't superior. It's amongst the top three or four, but it's definitely not number one.

It required tuning to meet our requirements, but that's true for all products.

It was implemented in-house. There were four people involved in its implementation.

The value proposition of a product is based on not just one feature set. It's based on the suite of features and the impact. It's no different than the value of a security guard outside the building. It's justified in case you have a major attack and it has been able to thwart that attack, but up until that point, you won't be able to say, "Hey, what is the true value that I'm getting out of this?"

When you're getting this or any other solution, you need to look at three things.

1. Is it fit for purpose? What are you getting it for, or does the solution meet the need?
2. Is it going to add value and be a strategic partner going forward? Do you see it evolving with where the threat landscape is heading and where the market is heading? Do you see a relationship?
3. Do they get it right? Are they aligned or in sync with the industry and with what the regulators are looking at? This one is generally missing in this case.

I've used CDN services offered by Radware in conjunction with Cloud WAF. Radware is in the same ballpark compared to the industry leaders, though some of the industry leaders are a little sophisticated in terms of features and offerings. However, there are certain areas towards which the industry isn't evolving, and Radware can obviously position itself so that it can succeed.

Overall, I'd rate Radware Cloud WAF Service a seven out of ten. There is a lot they can do. They're in a good position. They have their foot in the door. They need to just up their game.

We use the solution for safeguarding web applications.

The solution has been very good at protecting our business. We have many critical applications on the cloud and we can't protect it without Radware.

It's a very comprehensive and user-friendly solution. It's easy to implement and integrate. We also have found it's easy to reach support if we need help.

The solution has helped us enhance our cyber security posture. It's good for data protection. We've been able to protect our public-facing infrastructure.

We haven't had any incidents or compromises in the entire three years we've used Radware.

The Cloud WAF Service blocks unknown threats and attacks effectively.

The analytics are very good.

The API discovery feature is very helpful, and end-to-end API protection is useful. Everything is encrypted to ensure effective protection. We get Layer 7 protection from it. 

The API discovery is a very useful feature. It is easy to use. A few months before, I did a demo to learn more. We can see which APIs are being used or not. It helps us discover and remove unused APIs. In our case, we found 20 APIs that were not used by the team. 

We use the CDN features. It's pretty easy to use the combination of CDN and Cloud WAF. It helps your Radware Cloud connect with the nearest server or the Redware server. We have multiple servers worldwide, so this is useful for us.

Integration is very easy. Sometimes, we have 10 to 15 applications hosted on the cloud. It's very easy to add applications. It's not complicated.

From the Radware cloud, it's integrated with our SOC. All the logs are received by the SOC.

They need to improve their reporting. We need to present our management with reports and we need better options for reporting. They don't want lengthy reports. They need something that is one to two pages and includes everything - a more high-level document with the most important information. 

I've been using the solution for the last three years. 

The stability is very good. There is no crashing, and it's always easy to access.

The scalability is fine. We haven't faced any issues. 

I've contacted technical support if there's something I don't understand. However, we haven't had any big challenges. Support is very good. If we raise a ticket, they reply.

Positive

I did not use a different solution previously.

The initial deployment is easy. It's also easy to integrate various applications in the initial stage. We took about two to four months to add and enable multiple features.

After deployment there isn't really any maintenance needed. In the last two to three years, I haven't witnessed any downtime. If there are ever any issues, we get an email from Radware.

I'm not a part of the purchasing team. I do not know about the costs or licensing. 

I'd rate the solution ten out of ten. I'm very happy with this product.

We use the solution to protect our main public application for transportation tickets. We have the product in the cloud set up before our infrastructure, so there is no need to integrate it as if it were an appliance etc.  

Most importantly, the solution put our security team at ease. We previously had some other infrastructure to protect our servers, but having Radware in the cloud gives us confidence.

The tool helped free up our IT team for other projects and saved us significant time. It eased our workload, allowing us to work in other areas. Overall, the time savings are in the region of 10-15%.

Cloud WAF helped to reduce our false positives; we initially had a lot, but once we learned, we had very few. The solution reduced our false positives by about 80%.  

The solution requires very little maintenance; we install it, it works without any problems, is reliable, and we can almost forget about it.

Radware Cloud WAF works very well to block unknown threats and attacks; we set up some products and infrastructure beyond the solution, and they aren't detecting any threats.   

The tool's automated analytics work fine for looking at events; the fact is, we're preparing to renew our license for another three years. 

The primary area for improvement is in issue detection and understanding whether a log is a false positive. It can sometimes be a challenge to take the data of a given security event and determine if it's a genuine threat using a Wiki etc.

Navigating to find specific options can sometimes be challenging, but we only do this occasionally; we primarily control the logs, so it's not particularly significant for us.

We had some issues with the initial implementation, especially around tuning the solution to avoid false positives. 

I've been using the solution for three to four years. 

The solution was relatively unstable during the first year, and we encountered issues, but after that, it was very stable.

The technical support is excellent; they ask questions, and on rare occasions, they haven't been able to help us. However, they looked into the issues on these occasions and provided a solution a few months later.

Positive

Radware Cloud WAF is the first WAF solution we've used.

The initial setup was relatively complex; we had some DNS certificate issues, and the deployment took much longer than we expected. However, the second implementation was straightforward and much faster. We experienced DNS issues again, but we had the benefit of experience.

The initial deployment took a few weeks and was carried out by two staff members. We outsourced the solution's management to a civil security team of around ten members.

The product is excellent in terms of ROI because it has saved us a lot of time.

The pricing is fair; it's neither particularly cheap nor expensive.

I rate the solution eight out of ten, and I recommend it.

We have seen time to value with Cloud WAF, and we saw this value after around three months. Once we tuned the application to avoid false positives, we started to see a return on our investment.  

We don't currently use the API Discovery feature but plan to implement it soon.

We use Radware Cloud WAF Service to monitor and protect against data packet applications from websites and web applications.

Radware Cloud WAF Service excels at blocking unknown threats and attacks. It achieves this by providing real-time threat monitoring and reporting across all devices and platforms within our network regardless of the system we're using.

Cloud WAF's automated analytics simplify the process of identifying anomalies in network traffic. This is achieved by analyzing events and correlating them with captured data packets. The WAF can capture data at all seven layers of the OSI model, ensuring comprehensive network flow analysis.

Cloud WAF provides effective end-to-end protection for APIs.

Using the API discovery feature is easy.

The CDN Service works together with its Cloud WAF to secure our applications. Since most threats target the application layer, we leverage the Radware API to monitor activity and receive reports for further analysis and protection. Using Radware CDN Service, and Cloud WAF together is easy.

It offers a comprehensive range of benefits. It provides detailed reporting on network security, allowing us to monitor traffic across all routes. The WAF can then identify and block malicious activity within shared traffic, forwarding only clean traffic to our organization. This proactive approach effectively defines and protects our systems from harmful attacks.

Cloud WAF has helped reduce the number of false positives we receive through fine-tuning by 90 percent.

Radware Cloud WAF is a Cloud platform, so it allows for easy integration with other systems in our environment.

It has helped free up around 60 percent of the time for our IT team to focus on other projects and has helped reduce our total cost of ownership.

The benefits of Radware Cloud WAF Service became readily apparent soon after implementation. We experienced this firsthand through the prompt support we received and the solutions provided to address our most critical security threats.

The most valuable feature is the monitoring dashboard that we access through the portal.

The Cloud Portal has room for improvement.

I have been using Radware Cloud WAF Service for around five years.

I would rate the stability of Radware Cloud WAF Service ten out of ten.

I would rate the scalability of Radware Cloud WAF Service nine out of ten.

Our experience with Radware support has been positive. Our partnership with them grants us access to privileged customer tools and the customer community. This allows us to utilize valuable resources such as blogs and troubleshooting guides, ensuring we can effectively address any issues that may arise.

Positive

The implementation took three years to complete and we had three people involved.

We have seen around a 60 percent return on investment from Radware Cloud WAF Service.

Radware Cloud WAF Service falls within a mid-range price bracket compared to other web application firewall solutions.

I would rate Radware Cloud WAF Service ten out of ten.

We have around 500 customers utilizing the Radware Cloud WAF Service.

Radware provides a sufficient product that doesn't require maintenance from our end.

For comprehensive cloud and load balancing protection, I highly recommend Radware Cloud WAF Service to all organizations.

Our company does collections of debt and we have a number of public websites. We usually send emails or snail mail to the clients and they reach us through any of our three of our main sites. Because those sites are exposed to the internet, we use the web application firewall from Radware to protect them. It protects us from attacks like denial service, SQL injections, et cetera. It is an application-oriented firewall for everything that is exposed over the internet.

On the InfoSec side, it helps us to know who is trying to access our site but is not legitimate. The protection against low and slow DDoS attacks is helpful because they are another way that malicious actors try to get into our system.

Also, with Radware Cloud WAF, we have reduced our security headcount. Before we had it, we had to have at least one person going over all the elements of our firewall and fine-tune it against whatever attacks and elements were there. Now, that position is no longer needed because we can receive reports. We went from having almost daily conversations about elements that we were seeing in our firewall, to just presenting monthly reports of what we were protected against to senior management. We go in through Radware to the dashboard and get the information.

They do have an API for getting reports and we are in the middle of trying to get those reports automated. But, for the time being, everything is on the really nice and well-organized dashboard that we use for those executive reports. By the end of the month, we will actually have executive reports that go to our senior level.

Also, if Radware finds some sort of a legitimate attack, they actually call us, like a SOC would, and report it to us.

Another benefit is that it has reduced our false positives. Usually, we would have five to eight in a week. We're down to almost one a month. That's impressive. We were doing reactive fine-tuning, whereas this is more of an AI and machine-learning implementation, which is way better. Each of those false positives we used to have required between 10 minutes and almost an hour from us. In the worst-case scenario, we were putting in one hour daily on false positives, or 20 hours monthly.

The isolation feature is the most important one because everything is going directly to Radware first and then it goes into our system. What we get is the filtered version of everything that would otherwise come directly to us.

For blocking unknown threats and attacks, it uses machine learning. It actually learns what is normal traffic from clients. Once we got the solution, they asked us to open all requests to do some type of machine learning to understand what normal traffic is. With other elements that Radware has in its arsenal, it can differentiate between normal, human traffic and bots or even DDoS attacks.

And we haven't had any false positives so far from the solution's automated analytics. On top of that, it's a very good tool because we can actually see the locations that traffic is coming from, and we can prohibit it from very specific areas of the world. One thing we have learned is how to optimize some of our code to make the application faster. The solution can react to attacks from different parts of the world and block them from entering our servers.

We also use the API Discovery feature and the analysis of the contents of the API is very good. Because we are PCI-certified, we usually use external penetration tests and obfuscation of malicious code through API, and what is discovered by Radware, and blocked, is very impressive. It won't allow any callbacks unless they are from our IP. It also offers VPN connectivity that we are testing, to provide end-to-end protection. What it comes down to is that no one reaches out to our server that is publicly exposed; that exposure is only to Radware. We like that.

It's easy to use the API Discovery, but you must know what you're doing. You just enable it but there are some elements that you need to provide to Radware. The only downside there is the learning process on the Radware side. You need to run it without any filters so it can actually see what normal traffic is and then it can apply the protection.

In terms of integrating Radware Cloud WAF Service with the other systems and applications, everything is API-connected so it was really easy. There is a testing period and, in one case, it took us 90 days, but in another, it was only two weeks. But it integrates really well with our systems.

There is a learning curve for the API for reporting. It is not as easy as other APIs.

Also, the implementation was hit or miss for the first few months. They did some tweaking and, since then, there have been no problems. 

Another issue is that they don't go back into information beyond 90 days. We have to pull the information so we can have, let's say, a year of threats, attacks, and data to help us make decisions about providing more or fewer resources, depending on the year-long data.

I have been using Radware Cloud WAF Service since 2019.

The stability is good. There was one instance of downtime but it was basically our systems.

We haven't needed to scale, for the moment. But I know on their side that they have a huge number of denial-of-service attacks and we haven't had any feedback from our clients about not being able to reach our website. So the solution is working. I don't know how they scale it because, with a DDoS attack, if you don't know how to treat it, you will need to scale it so you can actually allow safe users into your system.

Our number of users is more than 5,000 with two locations. The number of people involved in the Cloud WAF project, on our team plus the networking team, is about 10.

Tech support is ticket-based. We have a 24-hour SLA that they have committed to, but we are more into having communication directly with them. Even though they have the ticket system and ask us to create tickets, we usually reach out to our contacts and try to expedite support requests.

Positive

We were using Cisco Firepower as our main firewall, but that is not a web application firewall. We switched to Radware Cloud WAF because we evaluate our InfoSec roadmap every year. Based on the capabilities that Radware offered, and on recommendations from each year's pen test, and because we are trying to evolve our security to make it more mature, it was the decision that we took. It was a good one.

The deployment is hybrid. There are elements that go to AWS and elements that go to our co-location services in Jacksonville. Eventually, everything is going to be exclusively cloud-based.

We are currently migrating everything to AWS. Setting things up, at that moment in time, was kind of hectic, but that was more because of our side. What Radware asked us to do was to redirect everything into our DNS, so it was fairly in terms of what their side needed. It was more an issue of understanding how we could tweak the solution on our side. With the planning included, it took less than a month.

In terms of maintenance, it mostly just works. But from time to time, based on the changes that we make to our web application code, we need to tweak some of the settings of the web application firewall.

Everything was in-house and we had four people involved.

Imagine those 20 hours we used to spend on false positives multiplied by the employees' salaries and you have an ROI. I can't tell you if the ROI takes less than a year or two years, but this solution is one of our main layers of defense and it is a requirement for everything we do.

The pricing is fair. We compared Radware to others using industry reviews and Radware is at the top right now.

Radware Cloud WAF is way better than what we had. It's more self-sufficient. When we used the regular firewall, we were the ones trying to build up the different signatures and create some sort of access control list based on location. And there was no API filtering. It is a night and day change.

My main advice would be to include the development team, because the adoption of really good API-based protection is going to happen by having really good communication with your development team. They actually consume some of the rules that we use to create those APIs, and they pass that to their machine-learning processes. That's what is going to customize the web application firewall for your environment. 

We use Radware to protect our applications and the portals that we share with our clients and business partners.

Among the improvements to our organization is that we are calmer regarding the use of the applications that we publish. Radware gives us a level of confidence that assures us that, if there is an attack, we have a tool that will protect us and that will block suspicious behavior.

Cloud WAF Service has also helped us reduce false positives. I don't have the exact data on how much they have decreased, but once we enter the portal we can see network connections that have an unknown IP and we can scan and block applications automatically from countries in which we do not have clients.

It has also helped save time for our IT team. We don't dedicate so much time to the threats, but we directly review the reports. We have saved about 30 percent in time invested.

One of the most valuable features we have found in the solution is protection against attacks from botnet networks and the requests that these remote networks can generate that are blocked from our servers. That frees us from having to deal with that traffic.

Cloud WAF Service has also been useful for us in terms of blocking threats because it automatically detects them, detects behavior patterns that have a threat pattern, and directly blocks them. Without making any changes or decisions, we automatically have protection.

Also, regarding the classification of events, the solution does productive work in detecting the logs where there could be threats to our applications, and that is quite useful.

We have had difficulties with the configuration of rules when it comes to allowing connections and having a list of IPs that are authorized to use a specific service. We have not been able to make a whitelist work.

For example, if we want to publish services to a limited number of providers and we only want those providers to connect, we need to forward those requests to the Radware support team and they apply them, but it takes some time. It seems to me that this long process would be faster if the configuration could exist directly in the portal. That would make things easier.

We are in our third year of use of Radware Cloud WAF Service.

We have only had one network outage which happened a while ago. Fortunately, it was short and we were quickly back in business.

We have plans to increase the use of Radware in our enterprise. There are a couple of applications that are going to be added.

The technical support is very good.

Positive

We did not have a previous solution. It was a fairly quick decision to go with Radware. It was chosen because Cisco offered a package of security solutions in which Radware was included.

The initial setup was pretty easy. An engineer from Radware helped us. We scheduled a meeting, discussed the changes that we had to make internally at the DNS level, and that's it. The engineer who helped us was assigned by Radware and we had a pretty good experience with him. On our side it required two people, our system administrator and security analyst.

The programming process and our first use of the solution were quite successful. It was deployed with a set of default rules and policies in a short amount of time, and these gave a certain level of protection for our applications. When we started using it, we understood its features and potential.

In terms of maintenance, there are changes and revisions that need to be made from time to time, mainly to check for false positives. Generally, only one person participates in that process.

We have seen return on investment through the level of reliability of the application and the optimal stability that it gives to our users.

In terms of TCO, it has not been an expense. More than anything, it has been a beneficial service that has reduced TCO by approximately 70 percent.

Radware Cloud WAF Service is a good option. It is a good tool that will definitely give you the protection you are looking for.

The most important lesson that Radware has taught me is that, as a service, it can relieve you of many application security tasks.

Foreign Language:(Spanish)

¿Cuál es nuestro caso de uso principal?

Usamos Radware para proteger nuestras aplicaciones y los portales que compartimos con nuestros clientes y socios comerciales.

¿Cómo ha ayudado a mi organización?

Entre las mejoras de nuestra organización está que estamos más tranquilos en cuanto al uso de las aplicaciones que publicamos. Radware nos da un nivel de confianza que nos asegura que si hay un ataque, tenemos una herramienta que nos protegerá y bloqueará comportamientos sospechosos.

Cloud WAF Service también nos ha ayudado a reducir los falsos positivos. No tengo los datos exactos de cuánto han disminuido, pero una vez que entramos en el portal podemos ver conexiones de red que tienen una IP desconocida y podemos escanear y bloquear aplicaciones automáticamente de países en los que no tenemos clientes.

También ha ayudado a ahorrar tiempo para nuestro equipo técnico. No dedicamos tanto tiempo a las amenazas, pero revisamos directamente los informes. Hemos ahorrado alrededor del 30 por ciento en el tiempo invertido.

¿Qué es lo más valioso?

Una de las características más valiosas que hemos encontrado en la solución es la protección contra ataques de redes botnet y las solicitudes que pueden generar estas redes remotas que son bloqueadas de nuestros servidores. Eso nos libera de tener que lidiar con ese tráfico.

Cloud WAF Service también nos ha resultado útil en términos de bloqueo de amenazas porque las detecta automáticamente, detecta patrones de comportamiento que tienen un patrón de amenaza y los bloquea directamente. Sin tener que hacer algún cambio o decisión, estamos protegidos automáticamente.

Además, en cuanto a la clasificación de eventos, la solución hace un trabajo productivo al detectar los logs donde podría haber amenazas a nuestras aplicaciones, y eso es bastante útil.

¿Qué necesita mejorar?

Hemos tenido dificultades con la configuración de reglas a la hora de permitir conexiones y tener una lista de IPs que están autorizadas para usar un servicio específico. No hemos podido hacer que una lista blanca funcione.

Por ejemplo, si queremos publicar servicios para un número limitado de proveedores y solo queremos que esos proveedores se conecten, debemos reenviar esas solicitudes al equipo de soporte de Radware y ellos las aplican, pero lleva algo de tiempo. Me parece que este largo proceso sería más rápido si la configuración pudiera existir directamente en el portal. Eso facilitaría las cosas.

¿Por cuánto tiempo he usado la solución?

Estamos en nuestro tercer año de uso del servicio Radware Cloud WAF.

¿Qué pienso sobre la estabilidad de la solución?

Solo hemos tenido una interrupción de la red que ocurrió hace un tiempo. Afortunadamente, fue breve y rápidamente volvimos a la normalidad.

¿Qué opino de la escalabilidad de la solución?

Tenemos planes para aumentar el uso de Radware en nuestra empresa. Hay un par de aplicaciones que se van a agregar.

¿Cómo son el servicio de atención al cliente y el soporte?

El soporte técnico es muy bueno.

¿Cómo calificaría el servicio y soporte al cliente?

Positivo

¿Qué solución usé anteriormente y por qué cambié?

No teníamos una solución previa. Fue una decisión bastante rápida optar por Radware. Se eligió porque Cisco ofrecía un paquete de soluciones de seguridad en el que se incluía Radware.

¿Cómo fue la configuración inicial?

La configuración inicial fue bastante fácil. Un ingeniero de Radware nos ayudó. Programamos una reunión, discutimos los cambios que teníamos que hacer internamente a nivel de DNS y eso es todo. El ingeniero que nos ayudó fue asignado por Radware y tuvimos una experiencia bastante buena con él. Por nuestra parte, requería dos personas, nuestro administrador de sistemas y el analista de seguridad.

El proceso de programación y nuestro primer uso de la solución fueron bastante exitosos. Se implementó con un conjunto de reglas y políticas predeterminadas en un corto período de tiempo, y estas brindaron un cierto nivel de protección para nuestras aplicaciones. Cuando empezamos a usarlo, entendimos sus características y potencial.

En cuanto al mantenimiento, hay cambios y revisiones que deben realizarse de vez en cuando, principalmente para comprobar si hay falsos positivos. Generalmente, solo una persona participa en ese proceso.

¿Cuál fue nuestro Retorno de la Inversión?

Hemos visto el retorno de la inversión a través del nivel de confiabilidad de la aplicación y la estabilidad óptima que brinda a nuestros usuarios.

En términos de TCO, no ha sido un gasto. Más que nada, ha sido un servicio beneficioso que ha reducido el TCO en aproximadamente un 70 por ciento.

¿Qué otro consejo tengo?

Radware Cloud WAF Service es una buena opción. Es una buena herramienta que definitivamente te brindará la protección que buscas.

La lección más importante que me ha enseñado Radware es que, como servicio, puede liberarte de muchas tareas de seguridad de las aplicaciones.