We use Radware to protect our applications and the portals that we share with our clients and business partners.
Jefe de Infraestructura y Seguridad at a comms service provider with 51-200 employees
Detects and blocks threat behavior patterns, giving us automatic protection
Pros and Cons
- "One of the most valuable features we have found in the solution is protection against attacks from botnet networks and the requests that these remote networks can generate that are blocked from our servers. That frees us from having to deal with that traffic."
- "If we want to publish services to a limited number of providers and we only want those providers to connect, we need to forward those requests to the Radware support team and they apply them, but it takes some time."
What is our primary use case?
How has it helped my organization?
Among the improvements to our organization is that we are calmer regarding the use of the applications that we publish. Radware gives us a level of confidence that assures us that, if there is an attack, we have a tool that will protect us and that will block suspicious behavior.
Cloud WAF Service has also helped us reduce false positives. I don't have the exact data on how much they have decreased, but once we enter the portal we can see network connections that have an unknown IP and we can scan and block applications automatically from countries in which we do not have clients.
It has also helped save time for our IT team. We don't dedicate so much time to the threats, but we directly review the reports. We have saved about 30 percent in time invested.
What is most valuable?
One of the most valuable features we have found in the solution is protection against attacks from botnet networks and the requests that these remote networks can generate that are blocked from our servers. That frees us from having to deal with that traffic.
Cloud WAF Service has also been useful for us in terms of blocking threats because it automatically detects them, detects behavior patterns that have a threat pattern, and directly blocks them. Without making any changes or decisions, we automatically have protection.
Also, regarding the classification of events, the solution does productive work in detecting the logs where there could be threats to our applications, and that is quite useful.
What needs improvement?
We have had difficulties with the configuration of rules when it comes to allowing connections and having a list of IPs that are authorized to use a specific service. We have not been able to make a whitelist work.
For example, if we want to publish services to a limited number of providers and we only want those providers to connect, we need to forward those requests to the Radware support team and they apply them, but it takes some time. It seems to me that this long process would be faster if the configuration could exist directly in the portal. That would make things easier.
Buyer's Guide
Radware Cloud WAF Service
December 2024
Learn what your peers think about Radware Cloud WAF Service. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,067 professionals have used our research since 2012.
For how long have I used the solution?
We are in our third year of use of Radware Cloud WAF Service.
What do I think about the stability of the solution?
We have only had one network outage which happened a while ago. Fortunately, it was short and we were quickly back in business.
What do I think about the scalability of the solution?
We have plans to increase the use of Radware in our enterprise. There are a couple of applications that are going to be added.
How are customer service and support?
The technical support is very good.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
We did not have a previous solution. It was a fairly quick decision to go with Radware. It was chosen because Cisco offered a package of security solutions in which Radware was included.
How was the initial setup?
The initial setup was pretty easy. An engineer from Radware helped us. We scheduled a meeting, discussed the changes that we had to make internally at the DNS level, and that's it. The engineer who helped us was assigned by Radware and we had a pretty good experience with him. On our side it required two people, our system administrator and security analyst.
The programming process and our first use of the solution were quite successful. It was deployed with a set of default rules and policies in a short amount of time, and these gave a certain level of protection for our applications. When we started using it, we understood its features and potential.
In terms of maintenance, there are changes and revisions that need to be made from time to time, mainly to check for false positives. Generally, only one person participates in that process.
What was our ROI?
We have seen return on investment through the level of reliability of the application and the optimal stability that it gives to our users.
In terms of TCO, it has not been an expense. More than anything, it has been a beneficial service that has reduced TCO by approximately 70 percent.
What other advice do I have?
Radware Cloud WAF Service is a good option. It is a good tool that will definitely give you the protection you are looking for.
The most important lesson that Radware has taught me is that, as a service, it can relieve you of many application security tasks.
Foreign Language:(Spanish)
¿Cuál es nuestro caso de uso principal?
Usamos Radware para proteger nuestras aplicaciones y los portales que compartimos con nuestros clientes y socios comerciales.
¿Cómo ha ayudado a mi organización?
Entre las mejoras de nuestra organización está que estamos más tranquilos en cuanto al uso de las aplicaciones que publicamos. Radware nos da un nivel de confianza que nos asegura que si hay un ataque, tenemos una herramienta que nos protegerá y bloqueará comportamientos sospechosos.
Cloud WAF Service también nos ha ayudado a reducir los falsos positivos. No tengo los datos exactos de cuánto han disminuido, pero una vez que entramos en el portal podemos ver conexiones de red que tienen una IP desconocida y podemos escanear y bloquear aplicaciones automáticamente de países en los que no tenemos clientes.
También ha ayudado a ahorrar tiempo para nuestro equipo técnico. No dedicamos tanto tiempo a las amenazas, pero revisamos directamente los informes. Hemos ahorrado alrededor del 30 por ciento en el tiempo invertido.
¿Qué es lo más valioso?
Una de las características más valiosas que hemos encontrado en la solución es la protección contra ataques de redes botnet y las solicitudes que pueden generar estas redes remotas que son bloqueadas de nuestros servidores. Eso nos libera de tener que lidiar con ese tráfico.
Cloud WAF Service también nos ha resultado útil en términos de bloqueo de amenazas porque las detecta automáticamente, detecta patrones de comportamiento que tienen un patrón de amenaza y los bloquea directamente. Sin tener que hacer algún cambio o decisión, estamos protegidos automáticamente.
Además, en cuanto a la clasificación de eventos, la solución hace un trabajo productivo al detectar los logs donde podría haber amenazas a nuestras aplicaciones, y eso es bastante útil.
¿Qué necesita mejorar?
Hemos tenido dificultades con la configuración de reglas a la hora de permitir conexiones y tener una lista de IPs que están autorizadas para usar un servicio específico. No hemos podido hacer que una lista blanca funcione.
Por ejemplo, si queremos publicar servicios para un número limitado de proveedores y solo queremos que esos proveedores se conecten, debemos reenviar esas solicitudes al equipo de soporte de Radware y ellos las aplican, pero lleva algo de tiempo. Me parece que este largo proceso sería más rápido si la configuración pudiera existir directamente en el portal. Eso facilitaría las cosas.
¿Por cuánto tiempo he usado la solución?
Estamos en nuestro tercer año de uso del servicio Radware Cloud WAF.
¿Qué pienso sobre la estabilidad de la solución?
Solo hemos tenido una interrupción de la red que ocurrió hace un tiempo. Afortunadamente, fue breve y rápidamente volvimos a la normalidad.
¿Qué opino de la escalabilidad de la solución?
Tenemos planes para aumentar el uso de Radware en nuestra empresa. Hay un par de aplicaciones que se van a agregar.
¿Cómo son el servicio de atención al cliente y el soporte?
El soporte técnico es muy bueno.
¿Cómo calificaría el servicio y soporte al cliente?
Positivo
¿Qué solución usé anteriormente y por qué cambié?
No teníamos una solución previa. Fue una decisión bastante rápida optar por Radware. Se eligió porque Cisco ofrecía un paquete de soluciones de seguridad en el que se incluía Radware.
¿Cómo fue la configuración inicial?
La configuración inicial fue bastante fácil. Un ingeniero de Radware nos ayudó. Programamos una reunión, discutimos los cambios que teníamos que hacer internamente a nivel de DNS y eso es todo. El ingeniero que nos ayudó fue asignado por Radware y tuvimos una experiencia bastante buena con él. Por nuestra parte, requería dos personas, nuestro administrador de sistemas y el analista de seguridad.
El proceso de programación y nuestro primer uso de la solución fueron bastante exitosos. Se implementó con un conjunto de reglas y políticas predeterminadas en un corto período de tiempo, y estas brindaron un cierto nivel de protección para nuestras aplicaciones. Cuando empezamos a usarlo, entendimos sus características y potencial.
En cuanto al mantenimiento, hay cambios y revisiones que deben realizarse de vez en cuando, principalmente para comprobar si hay falsos positivos. Generalmente, solo una persona participa en ese proceso.
¿Cuál fue nuestro Retorno de la Inversión?
Hemos visto el retorno de la inversión a través del nivel de confiabilidad de la aplicación y la estabilidad óptima que brinda a nuestros usuarios.
En términos de TCO, no ha sido un gasto. Más que nada, ha sido un servicio beneficioso que ha reducido el TCO en aproximadamente un 70 por ciento.
¿Qué otro consejo tengo?
Radware Cloud WAF Service es una buena opción. Es una buena herramienta que definitivamente te brindará la protección que buscas.
La lección más importante que me ha enseñado Radware es que, como servicio, puede liberarte de muchas tareas de seguridad de las aplicaciones.
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Engineer at a transportation company with 51-200 employees
Features geo-blocking, protection against unknown threats, automated analytics, and excellent support
Pros and Cons
- "Geo-blocking is one of the most valuable features we use the most; most of our users are in North, Central, and South America, so we use geo-blocking to block access from other countries."
- "We receive many reports from our security team of IPs flagged by our security tools, such as Palo Alto. I cannot add the file containing the IPs to get them blocked; instead, I have to contact Radware support and open a ticket for them to do it. I need to be able to block flagged IPs myself, as it currently takes more time to open a ticket, contact the support team, and wait four to six hours for a response. I want to be able to upload a file with 2,000-3,000 IPs in the console and then apply and save the configuration."
What is our primary use case?
Our company infrastructure is supported in AWS, and we use Cloud WAF to protect most of our applications, including mobile apps, our main website, and other business-related apps.
We have many applications in the AWS cloud, including API gateways and balancers, so the backend is made up of all our apps and network load balancer. We use the solution as a frontend protection tool, and the integration is simple, uncomplicated, and works fine.
How has it helped my organization?
The most significant benefit of using Cloud WAF is the robust protection it provides, particularly against Layer 7 attacks. We've been protected against attacks on our website, and in the case of one DDoS attack, Radware supported us in detecting the attack behavior and blocking the threat. The block took five to ten minutes, we configured the solution to account for the specific behavior of the attack, and we re-established our website.
The product significantly reduced our false positives, as we previously had many. We had more false positives just after the implementation, but following some reconfiguration and changing some features with the help of Radware's implementation team, the tool works fine. We only have a few false positives; we've seen a reduction of around 80%.
Cloud WAF helps to free up our IT staff for other projects and saves us significant time. I manage the solution and log into the console around once a week; it takes very little time to configure. The tool doesn't require continuous supervision, just infrequent configuration changes, five times a month.
What is most valuable?
Geo-blocking is one of the most valuable features we use the most; most of our users are in North, Central, and South America, so we use geo-blocking to block access from other countries.
In our experience, Cloud WAF effectively prevents unknown threats and attacks. We have received reports of attacks in the past, but the product successfully blocked them. In a few instances, we contacted Radware support for assistance in blocking specific attacks. Despite experiencing around three incidents over the past four years, we are satisfied with the solution's performance and have not encountered any further issues.
The solution's automated analytics for looking at events works great, as it has a model that can analyze the traffic and respond to an attack. We can also configure the tool to block or allow specific traffic based on the analytics.
What needs improvement?
We receive many reports from our security team of IPs flagged by our security tools, such as Palo Alto. I cannot add the file containing the IPs to get them blocked; instead, I have to contact Radware support and open a ticket for them to do it. I need to be able to block flagged IPs myself, as it currently takes more time to open a ticket, contact the support team, and wait four to six hours for a response. I want to be able to upload a file with 2,000-3,000 IPs in the console and then apply and save the configuration.
For how long have I used the solution?
We've been using the solution for four to five years.
What do I think about the stability of the solution?
The solution is highly stable; we never had a direct issue with the tool in four years, so it's very solid.
What do I think about the scalability of the solution?
The solution is highly scalable; we can apply multiple servers and add applications to Radware almost immediately.
How are customer service and support?
We have contacted support on multiple occasions, and they are excellent, though it depends upon the case. If we have a P1 issue, we can contact support by calling them directly, which takes up to 15 minutes. For non-critical regular tickets, these can take between four and six hours, which is good. If we have multiple issues, we can enter a Zoom call with support, and they will help us to block malicious traffic, for example. I rate them nine out of ten.
How would you rate customer service and support?
Positive
How was the initial setup?
The initial setup was very straightforward, and we implemented with a team of three or four staff. The product doesn't require any maintenance on our side; we sometimes receive emails informing us Radware will carry out maintenance, but it never affects the company.
What's my experience with pricing, setup cost, and licensing?
We are based in El Salvador and don't have a direct license with Radware; we purchase the license through resellers. The pricing is reasonable, as I managed an Akamai product in a previous position, and Cloud WAF is competitively priced.
What other advice do I have?
I rate the solution nine out of ten.
Radware is very valuable to our business, the deployment is simple, and it only took a couple of weeks to see that value.
My advice to others considering the solution is that it's a good tool. Regarding security, it's an excellent and feature-rich product that can protect your website, is easy to configure, and has strong support. The Radware technical support staff are very experienced and knowledgeable about their product. We can also generate periodic reports, and Cloud WAF is a great solution that will help improve your work.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Buyer's Guide
Radware Cloud WAF Service
December 2024
Learn what your peers think about Radware Cloud WAF Service. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,067 professionals have used our research since 2012.
Cyber Security Expert at NLB DigIT
Has advanced rules that can be useful for reconfiguring complex applications
Pros and Cons
- "Radware Cloud WAF Service has several valuable features, with good support and a user-friendly GUI."
- "The connection between the front and back ends could be improved."
What is our primary use case?
We use the solution to protect our environment against attacks.
How has it helped my organization?
I am satisfied with its ability to block unknown threats and attacks.
The Radware Cloud WAF Service is beneficial to our organization because it allows us to unify protection across cloud-based locations and have centralized control over it. Additionally, implementation of the solution is relatively straightforward if the web application is not overly complex.
I think we still need to analyze exactly how much the solution has helped reduce false positives. However, the estimate doesn't have as many false positives. The solution provides accurate signatures for most of the operating systems, and protections. I believe it is quite effective in reducing false positives as we can filter, we have detailed security reviews with the policy security reviews from the previous year and prior day implementation with the experts from Radware. The policies that are set are quite good and there are not as many false positives. We have seen around a 20 percent reduction in the number of false positives.
When the solution works flawlessly it frees up around ten percent of our IT people's time to work on other areas.
Compared to other solutions, the protection against the tax provided by Radware Cloud WAF Service is the same except we now have fewer false positives.
What is most valuable?
Radware Cloud WAF Service has several valuable features, with good support and a user-friendly GUI. There are some advanced rules that can be useful for reconfiguring complex applications, though not always. Advanced tools are also available.
The automated analytics of the solution is beneficial for examining events. We can traverse security events, extract the necessary information, and search for specific ones.
If the applications are not too complex, integrating the solution with other systems and applications in our environment is easy. However, if they have custom services ports and other components beyond the HCT protocols, then we may have a problem.
What needs improvement?
The connection between the front and back ends could be improved. The connection is not always accurate, and there are occasional bugs. Radware should consider introducing more advanced tools than the larger ones, as well as providing use cases within the documentation for more advanced rules such as client certificate authentication.
For how long have I used the solution?
I have been using the solution for seven months.
What do I think about the stability of the solution?
The solution is stable.
How are customer service and support?
The technical support is responsive.
How would you rate customer service and support?
Neutral
Which solution did I use previously and why did I switch?
We previously used on-prem solutions and switched to Radware Cloud WAF Service because of the cloud capabilities.
How was the initial setup?
The initial setup is straightforward as long as the applications do not have any custom ports and more services or applications are relatively basic and exposed on the outside without additional services.
A full deployment with security policies and complete implementation requires around three weeks.
I am the one who can operate everything on the cloud, but we need to obtain signatures from a number of people in order to change the IP addresses. The deployment requires one person from the IT security team and five or more people from the business side.
What was our ROI?
The return on investment is satisfactory and has stabilized at this point.
What's my experience with pricing, setup cost, and licensing?
The price is a bulk average.
What other advice do I have?
I give the solution an eight out of ten.
The solution's time to value is average. Sometimes bugs arise and take longer than expected, and sometimes everything goes smoothly. I would say the ratio is 50/50. When everything goes smoothly with the integration the value is seen immediately.
The solution has been deployed across multiple locations in six different countries.
It has required some maintenance a few times but not much.
We have 30 people using the solution.
I would recommend the solution; however, it is always beneficial to have a proof of concept first. You should go through the demo to ensure the solution fits their environment.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Cloud Engineering Lead at a aerospace/defense firm with 51-200 employees
Is an excellent solution for blocking unknown threats and attacks and frees up the IT team
Pros and Cons
- "I particularly appreciate the low administrative burden of this solution, as well as the excellent monitoring tools."
- "Radware does not have much online training available to help customers get the most out of this solution."
What is our primary use case?
We are a company that specializes in loyalty programs for airlines and retail businesses. Our website allows customers to log in and check their loyalty program points, redeem them for flights or other items, and purchase additional points or life miles. As this is a sensitive website that is subject to many attacks, we implemented Radware Cloud WAF Service to protect it.
The solution is deployed on the cloud. We use AWS, but the web application firewall is on Radware infrastructure.
How has it helped my organization?
The Radware Cloud WAF Service is an excellent solution for blocking unknown threats and attacks. We have follow-up meetings with our team every other month, and we receive a summary of all the threats the solution blocked. The metrics are very positive. Without this service, we would certainly be in trouble, as we experience a large number of attacks. The solution is very specific in identifying the region from which the attack originates, as well as the type of attack, such as mail service or SQL injection. It also provides details on how the attack was blocked.
The primary advantage of Radware Cloud WAF Service is that we can be confident that the website will not be vulnerable or that our client's accounts will not be compromised. Therefore, it is highly beneficial for us.
We have very few false positives; it is very rare. In the two and a half years I have been with the organization, there has only been one false positive. This occurred when an authentic IP from Colombia attempted to log into the website and was blocked by the WAF.
The solution definitely freed up our IT teams for other projects, as we no longer have to manage the WAF ourselves. With Radware taking care of the WAF deployment in our Amazon infrastructure, our IT personnel who would have otherwise been working on managing our application firewall can now be assigned to other projects. The solution helped save 30 hours a week.
What is most valuable?
I particularly appreciate the low administrative burden of this solution, as well as the excellent monitoring tools. I can easily view blocked requests and malicious activity in a summary dashboard without needing to intervene. The solution works well independently.
What needs improvement?
Radware does not have much online training available to help customers get the most out of this solution. For example, we do not know how to integrate the solution with other tools or take advantage of the analytics that it offers. Radware could improve access to this knowledge by providing short training sessions so that customers can benefit more from their work.
For how long have I used the solution?
I have been using Radware Cloud WAF Service for two and a half years.
What do I think about the stability of the solution?
The solution is highly reliable; we have never experienced any outages.
What do I think about the scalability of the solution?
The scalability is completely transparent for us. For instance, on Black Friday, we experience an increase in traffic on our website, yet we don't notice anything because Radware automatically scales, so we don't need to take any action. Therefore, it is very efficient at scaling.
What was our ROI?
From a financial perspective, we have definitely reduced fraud. This has been a return on investment, as we are no longer losing money compensating customers for fraud. I cannot provide an estimated amount, but we have a team in the company dedicated to preventing fraud. There has definitely been a return on the investment.
What's my experience with pricing, setup cost, and licensing?
It is slow for us to get a quote, which is something that could be improved by the sales or commercial team. However, I believe the prices are fair. We pay for each application we add to the protection, as well as for each additional website. We currently have three licenses and are satisfied with them.
Which other solutions did I evaluate?
We always compare Radware Cloud WAF Service to the Amazon web application firewall. We have found that Radware Cloud WAF Service is a better solution for us as it is specialized and managed, so we do not need to spend time configuring or managing the solution.
What other advice do I have?
I give the solution a ten out of ten.
We do not use the solution for integrating with other applications. The only other solution is the Cloud WAF Bot Manager, which is another product from the same company. We can access it from the same account using the same credentials. I can access both dashboards, the WAF and Bot Manager, but we do not integrate them with anything else.
The solution has not been implemented in multiple locations. Most of the traffic comes from Latin America and the United States. I do not have an exact figure for the number of end users that access our website, however, I can estimate that it is in the hundreds of thousands per day.
We have never performed any maintenance from our end.
We need to understand how the solution is priced, as our company has one main website, but sometimes there are other products with different URLs and websites, so we must pay for each one. My advice to customers is to understand how this is priced so they can plan accordingly.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
System Administrator at a comms service provider with 1,001-5,000 employees
Is user-friendly, helps save time, and has good end-to-end API protection
Pros and Cons
- "Radware Cloud WAF Service is user-friendly and easy to deploy."
- "Radware Cloud WAF Service should provide SSL certificates for its hosting customers."
What is our primary use case?
We have multiple use cases for Radware Cloud WAF Service. We use it to protect our voice domain, our banking solution, and any other applications that are open to the Internet. We use the same Radware WAF for our applications on AWS.
How has it helped my organization?
The effectiveness of Radware Cloud WAF Service in blocking unknown threats and attacks depends on the situation. Usually, when we deploy applications, we have everything planned in advance. In this case, we can simply log in to the portal and configure the WAF. However, if we are dealing with a repeated case or if we need to update a certificate, we can use automation to make the changes. In most cases, we do not need to make any changes to the WAF configuration. For example, if we need to block a specific IP address, we can create a template and apply it to all of our web applications. This allows us to use WAF for both web applications and API code.
Radware Cloud WAF Service's automated analytics for looking at events is good. We actually had something similar before, but this service gives us a better understanding of how we use WAF for different products. For example, DDoS protection is also included. This allows me to analyze which users are coming from which locations, what my status is, and if I have a SQL injection or something similar. There are a lot of features, so I definitely know my application better and can identify any security events that are happening on my web or application.
The end-to-end API protection offered by Radware Cloud WAF Service's API discovery feature is a good tool. However, it can only be effective if we understand the WAF portal concept and know what the tool does. Before we use the tool, we should read its documentation. Radware also has a universal university where we can learn more about how Radware works in a web application. This is helpful because different vendors have different ways of using the same application. I have been part of this learning experience and found it to be very helpful.
API Discovery is easy to use for those who are familiar with WAFs and APIs. However, we need to use a document to configure it, which is not a big deal.
Using Radware CDN services and Cloud WAF together is easy. However, it requires coordination between two different teams. The security team is responsible for CDN, while the development team is responsible for the application. If these teams communicate effectively, it is very easy to use the combined services. Even if the development team does not have experience with CDN, it is not difficult to learn. I have been part of both teams, and I can confirm that using Radware CDN services and Cloud WAF together is easy.
Radware Cloud WAF Service is user-friendly. It provides us with what we need and tells us where to click. Even if we are new to using it, we will not get lost or confused. Once we log in, we can simply click through the steps and understand what is happening. The application is easy to configure and does not require highly technical knowledge.
Radware Cloud WAF Service helped reduce the overhead on one team. In a previous product preview event, only two teams were configuring everything for the project team. However, now even the user developer can develop applications. They develop the application, put their endpoint, and go to Radware to create everything. The system management and network teams are no longer involved. This reduced the dependency on a team by 70 percent. Additionally, any individual team can now configure and use the service.
Radware Cloud WAF Service helped reduce our TCO by ten percent.
We noticed the time to value within two months of using Radware Cloud WAF Service.
What is most valuable?
Radware Cloud WAF Service is user-friendly and easy to deploy. All we need is our domain name, and we can easily configure it. I migrated from old products to new products using Radware Cloud WAF Service. Migration can be a complex process, but Radware makes it easy by providing a step-by-step guide. We can migrate one application at a time, or we can migrate multiple applications at once. Radware also provides an API that we can use to automate the migration process.
What needs improvement?
Radware Cloud WAF Service should provide SSL certificates for its hosting customers. Currently, customers must purchase an external certificate and upload it to their hardware. This is a major inconvenience, and I would like to see Radware offer a certificate solution.
The technical support has room for improvement.
For how long have I used the solution?
I have been using Radware Cloud WAF Service for six months.
What do I think about the stability of the solution?
Radware Cloud WAF Service is stable.
What do I think about the scalability of the solution?
Radware Cloud WAF Service is scalable. We have multiple teams but we are all on one cloud. We have approximately 50 people using Radware Cloud WAF Service.
How are customer service and support?
Overall, the technical support team resolves our issues, but they take some time to understand the issues.
How would you rate customer service and support?
Neutral
Which solution did I use previously and why did I switch?
We previously used Imperva Web Application Firewall, but it was too expensive. We switched to the Radware Cloud WAF Service, which is more affordable.
We did not use the automation with Imperva in the same way that we do with Radware Cloud.
How was the initial setup?
The initial setup was straightforward. The deployment took one month because we wanted Radware to learn about our footprint. We started blocking after a month, once they developed an algorithm to understand how the application works and what the major use cases are. Initially, we were not in a blocking mode. We were just configuring everything and learning more about the application. We initially required six people because we were building the policies.
What about the implementation team?
The implementation was completed in-house.
What was our ROI?
We are still in the early stages of using Radware Cloud WAF Service, but we have already seen a 10 percent return on investment due to a reduction in team dependency.
What's my experience with pricing, setup cost, and licensing?
For the current market, the price for Radware Cloud WAF Service is exactly where we want it to be.
We are using two services, WAF and CDN, and we have a three-year contract for these services.
What other advice do I have?
I give Radware Cloud WAF Service an eight out of ten.
I recommend conducting a proof of concept before purchasing Radware Cloud WAF Service.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Manager Cloud Security at a computer software company with 501-1,000 employees
Easy to implement and expands well and is reliable
Pros and Cons
- "The solution offers good protection."
- "The integration part could be better."
What is our primary use case?
We have a couple of AWS customers where we are implementing this solution.
When we are talking about the WAF use case, we just like to save the request. Whatever request you are getting on the WAF side, you can block it according to the filter. If you have any vulnerability inside the request, that will be inspected. If it's not legitimate, then it will be stopped with the help of WAF.
What is most valuable?
The solution offers good protection. It's for the L7, actually. When you are trying to protect the L7, this is a good product.
There are templates you can try which is useful.
It's easy to implement.
The solution scales quite well.
The solution is stable and reliable.
Technical support has been helpful.
What needs improvement?
The integration part could be better. The visibility part could improve as well. In the market, everyone is moving towards the cloud. However, the patience is not good. When we are trying to find out some information, we are not getting what we need on time. They need to arrange some more use cases for their partners, for their customers to showcase their product and show exactly how it is working, how they're capturing the market, et cetera. Right now, they aren't showcasing what can be done, making it hard to sell.
I've found it difficult to find good documentation for cloud deployments.
For how long have I used the solution?
We've been using the solution over the past year. We've used it for ten months.
What do I think about the stability of the solution?
The stability is quite good. I would rate it a four out of five in terms of stability. It is reliable. There are no bugs or glitches.
What do I think about the scalability of the solution?
It is a scalable product. We don't have any issues in that regard. I'd rate it four out of five.
We have a few customers on the solution. We have one with 15,000 POC employees, and they are using it. There are also a couple of other POCs we are working on now.
How are customer service and support?
Their support has been very good. We are quite pleased with their general capabilities. We tend to also handle issues that are at an L2 or L3. If we cannot handle the client requests, we may reach out to Radware for help.
How would you rate customer service and support?
Positive
How was the initial setup?
The initial setup is not overly complex. The entire process is easy to manage.
For deployment, I don't need many people. We do have a team of ten to 15 people who are managing all the security features. I can assign one of them to take care of tasks as necessary. One person who is knowledgeable in WAF can handle the deployment part.
Implementation is a one-time thing. However, the processing of requests is ongoing. Today, a customer has a certain requirement to maintain their compliance, so they can go ahead with the initial set of rules. In the future, if they come across different kinds of compliance, they definitely need to create new rules. Therefore, it's an ongoing process. We cannot say that is a one-time process work for a week, and we've completed it. Basically, the initial implementation can get done in a week. Within a week, we will have to also collect the rule stage information from the customer, including any other requirements. Then, after that, it's ongoing tweaking.
We tend to perform maintenance for clients. If a customer faces any challenges, they create a case with us, and we deal with it.
What about the implementation team?
We can handle the initial setup ourselves.
From my side, there is only one resource deployed on the project. However, there are multiple people required to gather information. From the customer side, it will require them to share what rules should be implemented and we figure out how we will proceed and what requests we will get coming into the application server.
What's my experience with pricing, setup cost, and licensing?
The solution is pretty pricey. It's not a cheap option. I'd rate it a three out of five in terms of affordability.
They do offer different types of licenses, according to your needs.
What other advice do I have?
I'm a Radware partner.
We have the latest version implemented right now.
I'd rate the solution eight out of ten.
I would recommend the solution to people.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Buyer's Guide
Download our free Radware Cloud WAF Service Report and get advice and tips from experienced pros
sharing their opinions.
Updated: December 2024
Product Categories
Web Application Firewall (WAF)Popular Comparisons
Prisma Cloud by Palo Alto Networks
Azure Front Door
F5 Advanced WAF
Fortinet FortiWeb
Imperva Web Application Firewall
Cloudflare Web Application Firewall
Imperva DDoS
Azure Web Application Firewall
Check Point CloudGuard WAF
Buyer's Guide
Download our free Radware Cloud WAF Service Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- Which WAF solution would you recommend to cater to 100 to 125 concurrent sessions?
- What do you recommend for a securing Web Application?
- Fortinet vs Sophos? Help choose a NGFW solution that can replace Microsoft TMG.
- Imperva WAF vs. Barracuda: Which One is Better?
- F5 vs. Imperva WAF?
- When should companies use SSL Inspection?
- NGFW with URL Filtering vs Web Proxy
- How does a WAF help to protect against DDoS attacks?
- What's right for me? Fortinet or Citrix?
- When evaluating Web Application Security, what aspect do you think is the most important to look for?
Hi,
Please note that in 2023 our Cloud Application Protection services pricing model has been changed and simplified.
We now offer only three plans to choose from: Standard, Advanced, and Complete
Each plan is designed to cater to different cybersecurity needs and risk exposure, as well as different levels of managed services.
Please feel free to contact us to learn more