Radware Cloud WAF Service Reviews

We provide our clients with Cloud WAF Service, which enables us to detect and report web shell attacks against their servers. 

The main benefit is that all traffic is shifted by the cloud service, which exists outside the customer's infrastructure. It's highly efficient. Many customers have problems inside the infrastructure that must be efficiently detected. With Cloud WAF we can notify our client when an attack is outside and detect when a web shell script is already running on the server. This information helps the client understand what's happening with the web shell.

We've reduced many false positives using Cloud WAF Service. The learning period is helpful. Radware sends a policy with a lot of information that helps the customer observe and design their policies to eliminate false positives.

Cloud WAF saves us a lot of time because we face many strong attacks. It helps us modify the back end and implement some policies to prevent more attacks.

The best feature is the SQL injection signatures, and another is the DDoS protection. Radware is more efficient than other solutions. It handles unknown threats very well. We face many bad requests with malware that are expensive to remedy. Radware's service center in the cloud helps a lot. 

Radware's bot manager can be improved because it's very complicated to implement for apps. Radware could also add alerts by WhatsApp or Telegram. It only sends notifications via email or SMS.

We have had issues with Cloud WAF one or two times, but the service works fine most of the time.

Cloud WAF scales very well. 

I rate Radware support nine out of 10. They have a simple platform for opening tickets, and they respond quickly. 

Our previous solution was hard to install, but Cloud WAF is straightforward because it's cloud-based. You add the certificate for the business and point it to the IP. Deployment is very fast. It takes 30 minutes to an hour.  Cloud WAF requires some maintenance when a customer changes their website or programs. We need to adjust the policies.

I rate Radware Cloud WAF Service eight out of 10. It is the best solution for stopping DDoS attacks. 

After a security breach on one of our web applications, we transitioned to a cloud-based web application firewall solution. We chose Radware Cloud WAF Service to protect our critical web applications.

I would rate Radware Cloud WAF Service's ability to block unknown threats and attacks as nine out of ten.

Radware Cloud WAF Service initially operated in a learning mode for the first week after deployment, gathering data. Once it switched to action mode, we began to experience the service's full benefits.

Cloud WAF has helped reduce our false positives by 20 percent.

We have implemented Cloud WAF in conjunction with Alteon, and we are currently integrating a bot manager and web application DDoS protection. The integration was easy because we were accompanied by Radware.

Cloud WAF has helped free up our IT team for other projects.

The most valuable feature of Radware Cloud WAF Service is the visibility into attacks that are being cut off instantly.

It would be ideal if Radware could offer a bundled package that includes Cloud WAF, web DDoS protection, bot manager, and Alteon for a more comprehensive security solution.

I have been using Radware Cloud WAF Service for two and a half years.

Radware Cloud WAF Service is scalable.

Radware Cloud WAF Service met our scaling requirements.

The technical support is great. I have nothing bad to say about them.

Positive

The initial deployment process went smoothly and was completed in three weeks by a five-person team consisting of two representatives from our organization and three from Radware.

The pricing is fair. We pay for what we need.

After evaluating Radware Cloud WAF Service against other options and confirming its leading position in Gartner's Magic Quadrant for Web Application Firewalls, we chose it for our web security needs.

I would rate Radware Cloud WAF Service nine out of ten.

No maintenance is required on our end.

Radware Cloud WAF Service does what is expected and reduces the number of attacks on our web applications.

Our company does collections of debt and we have a number of public websites. We usually send emails or snail mail to the clients and they reach us through any of our three of our main sites. Because those sites are exposed to the internet, we use the web application firewall from Radware to protect them. It protects us from attacks like denial service, SQL injections, et cetera. It is an application-oriented firewall for everything that is exposed over the internet.

On the InfoSec side, it helps us to know who is trying to access our site but is not legitimate. The protection against low and slow DDoS attacks is helpful because they are another way that malicious actors try to get into our system.

Also, with Radware Cloud WAF, we have reduced our security headcount. Before we had it, we had to have at least one person going over all the elements of our firewall and fine-tune it against whatever attacks and elements were there. Now, that position is no longer needed because we can receive reports. We went from having almost daily conversations about elements that we were seeing in our firewall, to just presenting monthly reports of what we were protected against to senior management. We go in through Radware to the dashboard and get the information.

They do have an API for getting reports and we are in the middle of trying to get those reports automated. But, for the time being, everything is on the really nice and well-organized dashboard that we use for those executive reports. By the end of the month, we will actually have executive reports that go to our senior level.

Also, if Radware finds some sort of a legitimate attack, they actually call us, like a SOC would, and report it to us.

Another benefit is that it has reduced our false positives. Usually, we would have five to eight in a week. We're down to almost one a month. That's impressive. We were doing reactive fine-tuning, whereas this is more of an AI and machine-learning implementation, which is way better. Each of those false positives we used to have required between 10 minutes and almost an hour from us. In the worst-case scenario, we were putting in one hour daily on false positives, or 20 hours monthly.

The isolation feature is the most important one because everything is going directly to Radware first and then it goes into our system. What we get is the filtered version of everything that would otherwise come directly to us.

For blocking unknown threats and attacks, it uses machine learning. It actually learns what is normal traffic from clients. Once we got the solution, they asked us to open all requests to do some type of machine learning to understand what normal traffic is. With other elements that Radware has in its arsenal, it can differentiate between normal, human traffic and bots or even DDoS attacks.

And we haven't had any false positives so far from the solution's automated analytics. On top of that, it's a very good tool because we can actually see the locations that traffic is coming from, and we can prohibit it from very specific areas of the world. One thing we have learned is how to optimize some of our code to make the application faster. The solution can react to attacks from different parts of the world and block them from entering our servers.

We also use the API Discovery feature and the analysis of the contents of the API is very good. Because we are PCI-certified, we usually use external penetration tests and obfuscation of malicious code through API, and what is discovered by Radware, and blocked, is very impressive. It won't allow any callbacks unless they are from our IP. It also offers VPN connectivity that we are testing, to provide end-to-end protection. What it comes down to is that no one reaches out to our server that is publicly exposed; that exposure is only to Radware. We like that.

It's easy to use the API Discovery, but you must know what you're doing. You just enable it but there are some elements that you need to provide to Radware. The only downside there is the learning process on the Radware side. You need to run it without any filters so it can actually see what normal traffic is and then it can apply the protection.

In terms of integrating Radware Cloud WAF Service with the other systems and applications, everything is API-connected so it was really easy. There is a testing period and, in one case, it took us 90 days, but in another, it was only two weeks. But it integrates really well with our systems.

There is a learning curve for the API for reporting. It is not as easy as other APIs.

Also, the implementation was hit or miss for the first few months. They did some tweaking and, since then, there have been no problems. 

Another issue is that they don't go back into information beyond 90 days. We have to pull the information so we can have, let's say, a year of threats, attacks, and data to help us make decisions about providing more or fewer resources, depending on the year-long data.

I have been using Radware Cloud WAF Service since 2019.

The stability is good. There was one instance of downtime but it was basically our systems.

We haven't needed to scale, for the moment. But I know on their side that they have a huge number of denial-of-service attacks and we haven't had any feedback from our clients about not being able to reach our website. So the solution is working. I don't know how they scale it because, with a DDoS attack, if you don't know how to treat it, you will need to scale it so you can actually allow safe users into your system.

Our number of users is more than 5,000 with two locations. The number of people involved in the Cloud WAF project, on our team plus the networking team, is about 10.

Tech support is ticket-based. We have a 24-hour SLA that they have committed to, but we are more into having communication directly with them. Even though they have the ticket system and ask us to create tickets, we usually reach out to our contacts and try to expedite support requests.

Positive

We were using Cisco Firepower as our main firewall, but that is not a web application firewall. We switched to Radware Cloud WAF because we evaluate our InfoSec roadmap every year. Based on the capabilities that Radware offered, and on recommendations from each year's pen test, and because we are trying to evolve our security to make it more mature, it was the decision that we took. It was a good one.

The deployment is hybrid. There are elements that go to AWS and elements that go to our co-location services in Jacksonville. Eventually, everything is going to be exclusively cloud-based.

We are currently migrating everything to AWS. Setting things up, at that moment in time, was kind of hectic, but that was more because of our side. What Radware asked us to do was to redirect everything into our DNS, so it was fairly in terms of what their side needed. It was more an issue of understanding how we could tweak the solution on our side. With the planning included, it took less than a month.

In terms of maintenance, it mostly just works. But from time to time, based on the changes that we make to our web application code, we need to tweak some of the settings of the web application firewall.

Everything was in-house and we had four people involved.

Imagine those 20 hours we used to spend on false positives multiplied by the employees' salaries and you have an ROI. I can't tell you if the ROI takes less than a year or two years, but this solution is one of our main layers of defense and it is a requirement for everything we do.

The pricing is fair. We compared Radware to others using industry reviews and Radware is at the top right now.

Radware Cloud WAF is way better than what we had. It's more self-sufficient. When we used the regular firewall, we were the ones trying to build up the different signatures and create some sort of access control list based on location. And there was no API filtering. It is a night and day change.

My main advice would be to include the development team, because the adoption of really good API-based protection is going to happen by having really good communication with your development team. They actually consume some of the rules that we use to create those APIs, and they pass that to their machine-learning processes. That's what is going to customize the web application firewall for your environment. 

We mainly use Radware Cloud WAF Service for DDoS protection. This includes protecting against DDoS attacks. We know if there is an issue, we can quickly set up a call with the Radware team.

Radware Cloud WAF Service has significantly improved our organization's time of protection and detection capabilities. The support provided by Radware is quick and efficient. We have updated our solution on many occasions, and the design of our network has changed, largely due to Radware providing us with solutions.

The most valuable feature is Radware's ability to quickly detect attacks, even though it doesn't always meet the quicker threshold. We can set up a call with the Radware team if needed. Another crucial aspect is the support we receive from Radware, which is very quick and efficient.

Some of the tools are a bit difficult to navigate, and the user interface could be more user-friendly. It is not the cheapest solution, so cost is something to consider.

I started using Radware Cloud WAF Service when I joined the company about a year and a half ago.

I have never come across downtime, bugs, or glitches when working with Radware Cloud WAF Service. From that point of view, it maintains a very stable operation.

Anytime we've had any issues, Radware has provided us a solution, indicating its high scalability.

I would rate Radware support a nine out of ten. They are always available to help us, which is invaluable in our line of work.

Positive

I wouldn't be able to give a number, but Radware Cloud WAF does save time for our staff due to the automation and excellent detection, which is invaluable.

I would rate the cost around seven out of ten. Radware provides many different options, but it may not be affordable for companies that aren't large.

The automatic detection from Radware Cloud WAF is invaluable, and the support is outstanding. I would rate the overall solution a nine out of ten, with the only issue being the user interface. The overall product rating is nine out of ten.

We use Radware Cloud WAF Service primarily for monitoring purposes within our organization.

I like the security features when looking at the dashboard where I can see a lot of attacks that are rejected and blocked. It's one of the best features, and I approve of this solution. Radware Cloud WAF Service ensures our systems are stable, running smoothly, and blocking all attacks effectively.

There should be more customization options for the dashboard, as it is currently fixed and cannot be modified. Additionally, the API is limited to data retrieval and does not support programmatic modifications. It would be beneficial if we could perform POST requests and integrate our applications more effectively.

I have been using Radware Cloud WAF Service for five months.

I rate the stability of Radware Cloud WAF Service as nine out of ten. There have been no issues with downtime, bugs, or glitches.

The scalability of Radware Cloud WAF Service is very good, and I would rate it nine out of ten in terms of handling the capacity and volume.

I would rate the technical support from Radware as a nine out of ten.

Positive

We previously used Imperva but switched to Radware Cloud WAF Service primarily due to pricing. Both products are top-ranking solutions, but Radware is cheaper.

The initial setup of Radware Cloud WAF Service was easy.

We received support from Radware, which made the implementation process easy.

The ROI for Radware Cloud WAF Service is prominent as it is twenty percent more cost-effective compared to Imperva.

When comparing the pricing of Radware Cloud WAF Service, I would rate it as seven out of ten, with one being cheap and ten being expensive.

Yes, we switched from Imperva to Radware Cloud WAF Service.

Overall, I would rate Radware Cloud WAF Service as eight out of ten. The areas for improvement include customization and API functionality. I would recommend Radware Cloud WAF Service because it is a good solution, and we are satisfied with the benefits it offers.

We had adware attack mitigation systems and DDoS appliances in place, but these are primarily designed to handle flood attacks. We found that our frontend pages, including our online banking, were being attacked by bots. Hundreds of these connections created such a high load on our backend web servers that they failed to respond to legitimate requests. 

Our primary use case for Cloud WAF is to stop these malicious bots from continuously calling up web pages. They look legitimate, but they constantly call or refresh the web page.

We haven't integrated much yet. Cloud WAF is protecting our frontend pages, but our banking profile for logging our backend financial transactions sits behind our corporate frontend pages. Cloud WAF is also protecting that piece. Once we've completed protecting our landing pages, we'll start working on our other applications. 

From a financial point of view, we no longer constantly need to appropriate more horsepower to our backend web servers to service these requests because Cloud WAF is preventing malicious bots from accessing our web page. It reduced the load on our backend. 

We don't have all the in-house expertise to investigate a typical HTTPS request to see what's happening. We rely on Radware's emergency response team to provide us with biweekly feedback saying, "This is what we've observed and what we recommend." 

By using Radware Cloud WAF, we don't need to hire web threat specialists. We can rely on Radware's emergency response team to fine-tune our policies. Spinning up a web application firewall on our own is a long and challenging process. It's far easier to outsource that job to Radware.

Using Radware freed up resources, especially on the web side. We would typically require an internal team to look after the web pages, but that has been outsourced to Radware. Now, those employees can shift their focus to other projects, and they need not worry about what Radware's doing because they know that it's in the capable hands of an experienced team. 

Cloud WAF reduced our false positives. That's one feature Radware is known for. We get very few false positives, but when we do, we bring them up during our biweekly meeting with the Radware team. They help refine our policies so we no longer see the same issue. Most Radware products perform exceptionally well at eliminating false positives.

It's hard for us to quantify the reduction of false positives because it's a relatively new product. We'll start collecting these metrics toward the end of 2023. Based on our customer call center's feedback, we haven't received complaints about blocking legitimate traffic. When we adopted Cloud WAF, that was a concern our business units had. Some were worried we would deny a lot of traffic. That hasn't been a problem thus far. 

We now have more accurate statistics about legitimate website visitors because we've eliminated those malicious bots that artificially inflated the number of hits on our website. It was creating a false impression that we had an unusually high number of hits. Traditionally, they were there for web scraping, but we eliminated unwanted traffic pushing up our analytics. Google Analytics gave us the impression that we had a ton of traffic. Those figures have gone down because we've eliminated the baddies.

The most valuable components are the bot manager Radware offers as part of graph services and the WAF component. We haven't begun using the API protection, but we plan to implement that in the latter half of 2023. We're also looking at the content delivery network feature. CDN serves static web pages from the Cloud WAF to speed up processes. 

We recognize the potential value of the CDN function. It's part of Cloud WAF, so it can also be enabled relatively quickly. The CDN function offers specific bolt-on security because the application services are protected, and the CDN function is a click away. It doesn't require changes to our backend applications. We only need to use a TNA, and we will have access to the CDN features.

We're currently getting our money's worth from the WAF, the bot manager, and the DDoS components. We see a lot of value in these three components of Cloud WAF.

Our current web protection relies on a negative security model. In other words, we use signatures for known threats. We will eventually transition to a proactive security model Cloud WAF can accommodate where we deny everything by default and only allow specific things. 

We're currently vulnerable to zero-day attacks because we depend on known signatures. We're looking forward to shifting to a positive security model from the WAF we use in conjunction with the bot manager. Radware's intelligence about known bots is an extreme value add to us. 

The automated analysis of events is intuitive and user-friendly because we're not flooded with thousands and thousands of events. The analytics features provide a summary, so there's no need to look for something line by line. It's aggregated into a nice simplified event with the option to drill down for more details. 

We can investigate if we experience issues from a specific subset of customers. For example, we can search by ISP, URL, or IP address. Cloud WAF adds a lot of value by enabling us to pinpoint where we are experiencing an issue.

Our only complaint is the reporting on the DDoS side. We also use Radware for on-premises DDoS protection and their Vision product. I just want to paint you an example. We face so many Layer 3 and Layer 4 DDoS attacks on Cloud WAF. The reporting on those types of attacks can be improved.

We started a pilot project in April 2022 and purchased Cloud WAF in November 2022.

Cloud WAF has been extremely stable. We only had one service interruption during our proof of concept, but it has been reliable since we went live. We've never needed to make a DNS entry change and redirect that web traffic back to our perimeter. 

In the beginning, we were constantly watching it, but we don't have to check on it now that we know it's working. 

We haven't experienced any scalability issues because we requested all the throughput needed for our necessary applications or services from a bandwidth and billions of transactions per month. 

I rate Radware support a ten out of ten. I'm pleased so far. Everything was new to us in the initial phases. We called or emailed them, and they helped us within five minutes. Now, we follow the standard process where we log a case ticket and get a response in ten minutes. 

Positive

We used on-premises security solutions, but we are moving to cloud-based applications. Radware has done such an excellent job with our perimeter and cloud DDoS services. They were the only ones who correctly identified our issue with these small low-bandwidth usage attacks coming that look legitimate to the existing web solution. We piloted the web and bot manager solutions, and we were astonished by the number of malicious bots accessing our website and how that impacts our KPIs.

The WAF service runs on Radware's cloud. Their infrastructure is in a neutral co-location. Radware is able to offer the same protection for our on-prem equipment because it uses Nginx. Cloud WAF can protect on-prem systems plus AWS and Azure clouds.

The onboarding was quick. We finished within half an hour and moved some services onto the Cloud WAF within an hour. The beauty of the solution is that it requires no major changes on the customer side. You make a DNS entry change to point your website to the Radware hardware.

There is no maintenance on our side. We have a strict SLA with Radware that requires notification far in advance about maintenance on their end. They typically avoid maintenance at the end of the month, which is a busy period because people need to do banking. They also do not do maintenance during a year-end freeze. They only do maintenance on one location at a time, so if they take one down, we can continue working on the other. They have built that availability in South Africa.

We haven't seen a return on investment, but we expect to see that in the third year. If we set this up ourselves, we would need to pay for all the necessary appliances, hardware, VMs, and internal staff. Outsourcing to the Cloud WAF solution saved us capital expenses but increased our operational expenditures. We'll have some stats on the total cost of ownership by the end of the year. The time to spin up our own WAF service would be a lot longer than paying for Cloud WAF to protect our applications. 

A yearly license worked out to be a lot cheaper than what other competitors offered for an on-prem solution. We negotiated with Radware and managed to strike a good deal. The company was accommodating to our particular needs as a financial institution. We had to test things for pre-production and spin-up because they charge per FQDN as a service or an application.

When it came to pre-production testing, they set it up for us with a minimal charge, so our QA and UA teams could do testing. We saw the value added from DDoS protection for Layer 3 and Layer 4 attacks. It includes API protection. We had to pay extra for bot managers, but the pricing is competitive overall.

If you plan to deploy Cloud WAF, keep in mind that the product is priced based on the megabits of traffic that pass through and the number of transactions. You should get your requirements correct up front. The active attackers feed and CDN services cost extra, so you need to negotiate these features up front. 

Another company had a similar service but didn't have a presence in South Africa. Radware has got two locations in the country, and that was a deciding factor. There were other financial institutions and retailers on the cloud, so it was easy to decide that we no longer wanted to do this on-premises. We decided that it was better to let Radware spin up and maintain the hardware.

I rate Radware Cloud WAF a ten out of ten. 

No experts are required from our side, the onboarding is straightforward, maintenance is easy, and Radware's security operations enable us to stay agile. 

We use the solution to protect our main public application for transportation tickets. We have the product in the cloud set up before our infrastructure, so there is no need to integrate it as if it were an appliance etc.  

Most importantly, the solution put our security team at ease. We previously had some other infrastructure to protect our servers, but having Radware in the cloud gives us confidence.

The tool helped free up our IT team for other projects and saved us significant time. It eased our workload, allowing us to work in other areas. Overall, the time savings are in the region of 10-15%.

Cloud WAF helped to reduce our false positives; we initially had a lot, but once we learned, we had very few. The solution reduced our false positives by about 80%.  

The solution requires very little maintenance; we install it, it works without any problems, is reliable, and we can almost forget about it.

Radware Cloud WAF works very well to block unknown threats and attacks; we set up some products and infrastructure beyond the solution, and they aren't detecting any threats.   

The tool's automated analytics work fine for looking at events; the fact is, we're preparing to renew our license for another three years. 

The primary area for improvement is in issue detection and understanding whether a log is a false positive. It can sometimes be a challenge to take the data of a given security event and determine if it's a genuine threat using a Wiki etc.

Navigating to find specific options can sometimes be challenging, but we only do this occasionally; we primarily control the logs, so it's not particularly significant for us.

We had some issues with the initial implementation, especially around tuning the solution to avoid false positives. 

I've been using the solution for three to four years. 

The solution was relatively unstable during the first year, and we encountered issues, but after that, it was very stable.

The technical support is excellent; they ask questions, and on rare occasions, they haven't been able to help us. However, they looked into the issues on these occasions and provided a solution a few months later.

Positive

Radware Cloud WAF is the first WAF solution we've used.

The initial setup was relatively complex; we had some DNS certificate issues, and the deployment took much longer than we expected. However, the second implementation was straightforward and much faster. We experienced DNS issues again, but we had the benefit of experience.

The initial deployment took a few weeks and was carried out by two staff members. We outsourced the solution's management to a civil security team of around ten members.

The product is excellent in terms of ROI because it has saved us a lot of time.

The pricing is fair; it's neither particularly cheap nor expensive.

I rate the solution eight out of ten, and I recommend it.

We have seen time to value with Cloud WAF, and we saw this value after around three months. Once we tuned the application to avoid false positives, we started to see a return on our investment.  

We don't currently use the API Discovery feature but plan to implement it soon.

We use Radware to protect our applications and the portals that we share with our clients and business partners.

Among the improvements to our organization is that we are calmer regarding the use of the applications that we publish. Radware gives us a level of confidence that assures us that, if there is an attack, we have a tool that will protect us and that will block suspicious behavior.

Cloud WAF Service has also helped us reduce false positives. I don't have the exact data on how much they have decreased, but once we enter the portal we can see network connections that have an unknown IP and we can scan and block applications automatically from countries in which we do not have clients.

It has also helped save time for our IT team. We don't dedicate so much time to the threats, but we directly review the reports. We have saved about 30 percent in time invested.

One of the most valuable features we have found in the solution is protection against attacks from botnet networks and the requests that these remote networks can generate that are blocked from our servers. That frees us from having to deal with that traffic.

Cloud WAF Service has also been useful for us in terms of blocking threats because it automatically detects them, detects behavior patterns that have a threat pattern, and directly blocks them. Without making any changes or decisions, we automatically have protection.

Also, regarding the classification of events, the solution does productive work in detecting the logs where there could be threats to our applications, and that is quite useful.

We have had difficulties with the configuration of rules when it comes to allowing connections and having a list of IPs that are authorized to use a specific service. We have not been able to make a whitelist work.

For example, if we want to publish services to a limited number of providers and we only want those providers to connect, we need to forward those requests to the Radware support team and they apply them, but it takes some time. It seems to me that this long process would be faster if the configuration could exist directly in the portal. That would make things easier.

We are in our third year of use of Radware Cloud WAF Service.

We have only had one network outage which happened a while ago. Fortunately, it was short and we were quickly back in business.

We have plans to increase the use of Radware in our enterprise. There are a couple of applications that are going to be added.

The technical support is very good.

Positive

We did not have a previous solution. It was a fairly quick decision to go with Radware. It was chosen because Cisco offered a package of security solutions in which Radware was included.

The initial setup was pretty easy. An engineer from Radware helped us. We scheduled a meeting, discussed the changes that we had to make internally at the DNS level, and that's it. The engineer who helped us was assigned by Radware and we had a pretty good experience with him. On our side it required two people, our system administrator and security analyst.

The programming process and our first use of the solution were quite successful. It was deployed with a set of default rules and policies in a short amount of time, and these gave a certain level of protection for our applications. When we started using it, we understood its features and potential.

In terms of maintenance, there are changes and revisions that need to be made from time to time, mainly to check for false positives. Generally, only one person participates in that process.

We have seen return on investment through the level of reliability of the application and the optimal stability that it gives to our users.

In terms of TCO, it has not been an expense. More than anything, it has been a beneficial service that has reduced TCO by approximately 70 percent.

Radware Cloud WAF Service is a good option. It is a good tool that will definitely give you the protection you are looking for.

The most important lesson that Radware has taught me is that, as a service, it can relieve you of many application security tasks.

Foreign Language:(Spanish)

¿Cuál es nuestro caso de uso principal?

Usamos Radware para proteger nuestras aplicaciones y los portales que compartimos con nuestros clientes y socios comerciales.

¿Cómo ha ayudado a mi organización?

Entre las mejoras de nuestra organización está que estamos más tranquilos en cuanto al uso de las aplicaciones que publicamos. Radware nos da un nivel de confianza que nos asegura que si hay un ataque, tenemos una herramienta que nos protegerá y bloqueará comportamientos sospechosos.

Cloud WAF Service también nos ha ayudado a reducir los falsos positivos. No tengo los datos exactos de cuánto han disminuido, pero una vez que entramos en el portal podemos ver conexiones de red que tienen una IP desconocida y podemos escanear y bloquear aplicaciones automáticamente de países en los que no tenemos clientes.

También ha ayudado a ahorrar tiempo para nuestro equipo técnico. No dedicamos tanto tiempo a las amenazas, pero revisamos directamente los informes. Hemos ahorrado alrededor del 30 por ciento en el tiempo invertido.

¿Qué es lo más valioso?

Una de las características más valiosas que hemos encontrado en la solución es la protección contra ataques de redes botnet y las solicitudes que pueden generar estas redes remotas que son bloqueadas de nuestros servidores. Eso nos libera de tener que lidiar con ese tráfico.

Cloud WAF Service también nos ha resultado útil en términos de bloqueo de amenazas porque las detecta automáticamente, detecta patrones de comportamiento que tienen un patrón de amenaza y los bloquea directamente. Sin tener que hacer algún cambio o decisión, estamos protegidos automáticamente.

Además, en cuanto a la clasificación de eventos, la solución hace un trabajo productivo al detectar los logs donde podría haber amenazas a nuestras aplicaciones, y eso es bastante útil.

¿Qué necesita mejorar?

Hemos tenido dificultades con la configuración de reglas a la hora de permitir conexiones y tener una lista de IPs que están autorizadas para usar un servicio específico. No hemos podido hacer que una lista blanca funcione.

Por ejemplo, si queremos publicar servicios para un número limitado de proveedores y solo queremos que esos proveedores se conecten, debemos reenviar esas solicitudes al equipo de soporte de Radware y ellos las aplican, pero lleva algo de tiempo. Me parece que este largo proceso sería más rápido si la configuración pudiera existir directamente en el portal. Eso facilitaría las cosas.

¿Por cuánto tiempo he usado la solución?

Estamos en nuestro tercer año de uso del servicio Radware Cloud WAF.

¿Qué pienso sobre la estabilidad de la solución?

Solo hemos tenido una interrupción de la red que ocurrió hace un tiempo. Afortunadamente, fue breve y rápidamente volvimos a la normalidad.

¿Qué opino de la escalabilidad de la solución?

Tenemos planes para aumentar el uso de Radware en nuestra empresa. Hay un par de aplicaciones que se van a agregar.

¿Cómo son el servicio de atención al cliente y el soporte?

El soporte técnico es muy bueno.

¿Cómo calificaría el servicio y soporte al cliente?

Positivo

¿Qué solución usé anteriormente y por qué cambié?

No teníamos una solución previa. Fue una decisión bastante rápida optar por Radware. Se eligió porque Cisco ofrecía un paquete de soluciones de seguridad en el que se incluía Radware.

¿Cómo fue la configuración inicial?

La configuración inicial fue bastante fácil. Un ingeniero de Radware nos ayudó. Programamos una reunión, discutimos los cambios que teníamos que hacer internamente a nivel de DNS y eso es todo. El ingeniero que nos ayudó fue asignado por Radware y tuvimos una experiencia bastante buena con él. Por nuestra parte, requería dos personas, nuestro administrador de sistemas y el analista de seguridad.

El proceso de programación y nuestro primer uso de la solución fueron bastante exitosos. Se implementó con un conjunto de reglas y políticas predeterminadas en un corto período de tiempo, y estas brindaron un cierto nivel de protección para nuestras aplicaciones. Cuando empezamos a usarlo, entendimos sus características y potencial.

En cuanto al mantenimiento, hay cambios y revisiones que deben realizarse de vez en cuando, principalmente para comprobar si hay falsos positivos. Generalmente, solo una persona participa en ese proceso.

¿Cuál fue nuestro Retorno de la Inversión?

Hemos visto el retorno de la inversión a través del nivel de confiabilidad de la aplicación y la estabilidad óptima que brinda a nuestros usuarios.

En términos de TCO, no ha sido un gasto. Más que nada, ha sido un servicio beneficioso que ha reducido el TCO en aproximadamente un 70 por ciento.

¿Qué otro consejo tengo?

Radware Cloud WAF Service es una buena opción. Es una buena herramienta que definitivamente te brindará la protección que buscas.

La lección más importante que me ha enseñado Radware es que, como servicio, puede liberarte de muchas tareas de seguridad de las aplicaciones.