Radware Software and Solutions

Opting for a solution like Radware DefensePro is a strategic move for our telecom company, especially considering the critical nature of our subscriber self-care portal and the potential impact on the organization's image and the country as a whole. 

Radware DefensePro is renowned for its advanced DDoS mitigation capabilities and has significantly enhanced the security posture of our infrastructure.  

As a public sector unit, the stakes are high, and DefensePro's ability to handle sophisticated attacks provides an added layer of confidence. Its scalability ensures that our telecom infrastructure can adapt to changing traffic patterns and evolving threat landscapes.

DefensePro offers a multi-layered defense mechanism, combining behavioral analysis, signature detection, and real-time threat intelligence to identify and neutralize DDoS attacks promptly. Its adaptive nature allows it to evolve with emerging threats, ensuring that our self-care portal is shielded against the latest attack vectors.

The solution's granular traffic inspection capabilities enable it to differentiate between legitimate and malicious traffic, preventing service disruptions caused by volumetric, protocol, or application-layer DDoS attacks. This not only safeguards our portal but also contributes to maintaining the promised 100% uptime.

The solution has many valuable features, including a regular signature update. Radware is providing regular signature updates for the DefensePro solution, thus our organization is better equipped to handle any new threat vectors.

The solution's reporting and analytics features are quite useful. It offers valuable insights into ongoing and past attacks, aiding in post-incident analysis and continuous improvement of our cybersecurity strategy. This proactive approach aligns with the need to not only mitigate threats but also to learn from and refine our security posture over time.

They need to provide more granular control over security policies, allowing organizations to tailor configurations based on their specific needs and risk profiles. There is a restriction on the number of policies that can be defined.  That count may be increased further to create more specific policies

They should integrate automated incident response capabilities to streamline the mitigation process and reduce response times during attacks.

It would be ideal if they could expand protocol support to cover emerging communication standards and ensure comprehensive protection against diverse attack vectors.

I've been using the solution for the last 11 years.

It is stable.  

Scalability is an issue. It can be made more scalable by considering the growing DDoS attacks and web services.

We've always received support when needed.

Positive

I did not use a different solution.

It was a straightforward setup. We had no hiccups.

Implementation was through the vendor team. I would rate them nine on a scale of one to ten where one is the worst and ten is best.

It is a good option for those who are looking for on-premises protection against DDoS attacks.

We are a data center and cloud service provider. We are providing this as a service model to our customers. We are taking services and selling them to our customers. We will continue to provide services in consultation with the Radware team.

Security is the most important benefit. In security services, we need to get proactive information. After implementing Radware DefensePro, we have a dashboard, and we can do proactive detection. It helps us to be reactive as well as proactive to protect the customers.

Radware DefensePro provides a single dashboard for our operations team and the admin team. It is very convenient. All the information is available in a single place.

As a service provider, we are using the Radware SecOps dashboard as per our customer's requirements. It is always customized.

The Radware SecOps dashboard is quite useful. It is generally used by my team. I am not using it directly. My team uses it for day-to-day operations.

The Radware SecOps dashboard is easy to use. The interface is very user-friendly. This is the feedback that I am getting from my team.

Radware DefensePro is very useful for protecting our organization against DDoS threats and attacks. We evaluated it against a lot of its competitors and finalized it. It is definitely useful, and it serves the purpose.

We are serving the BFSI customers. There are also a lot of trading companies. We are able to meet the compliance requirements for the Internet traffic given by the Reserve Bank of India and SEBI.

Radware DefensePro is able to detect attacks in real-time. It does the detection and provides alerts in real-time as well. The action is something we need to take. My team has not reported any false negatives given by Radware DefensePro.

The proactive information and the dashboard of Radware DefensePro definitely give us comfort. It also helps me with online reporting for my customers, which is not in real-time, but whenever a customer asks for a report, we share the report with the customer.

Radware DefensePro has not helped us reduce downtime associated with attacks because we did not have any downtime previously. We have been lucky. The downtime was not there at all, but it is helping to maintain our uptime. We are able to maintain that now.

The dashboard is the best part, and there is also the ease of operations.

As a service provider, we are expecting the multi-tenancy feature on the dashboard and reporting side. It will help share reports with customers in real-time. They can directly see them online. We are working with their team on API integration with our portal. We will be able to achieve that, but it will take some time.

I have been using Radware DefensePro for the last 4 years.

There were a few errors that we observed earlier, but their team was very proactive. During a PoC with one of the customers, we faced a lot of challenges, but their team was very proactive. It is a technology, so there will always be some challenges. We understand that, and any technical person will also understand it. How they are reacting to a situation is much more important and the support that they provide is much more important. I would rate it a 9 out of 10 for stability.

We have not faced any challenges with the service availability of Radware DefensePro. There is a 100% availability.

It is scalable. Currently, we are giving it to small and medium organizations, and not to enterprises, because generally, enterprises have their own dedicated solution, and they have their own management team. We act as a reseller with them, not as a service provider. We have plans to increase its usage.

We have a 24/7 shift, and our SOC team comprises 45 people.

We have not had any bad experiences, but there is always scope for improvement. That is the reason I would rate them a nine out of ten.

Positive

In our environment, we are not using any other vendor. Our team and the Radware team work hand in hand. We have got one more big order. We are jointly working, so there is no question of selling any other solutions. We are partners. The CEO of Radware India is also a good friend of our CEO. There is also a personal connection there. We are not seeing anything where any other product will be involved.

It is deployed on-premises in our environment, but we are selling it as a cloud to the customer.

Its deployment was a little bit complex because we did not have in-house expertise. The Radware team and their partner helped us to deploy it. The next deployment will be easy for us because we understand the technology now. The first time deployment was a little bit tedious for us because we did not have the knowledge of the product. In terms of duration, it took a couple of weeks after delivery.

We have not had many problems after the implementation because we had the support of their team.

There is maintenance from the upgrade point of view. Otherwise, there is no maintenance.

Investment in a security product is like an investment in insurance. It always seems costly, but when you face a problem, you see the value of it. Security services are always like that. Cost is one factor, and security is another major factor. You should know what you are protecting. Putting the cheapest solution may or may not put you in trouble, but when you are in trouble, nobody will be able to save you.

It is expensive. I would rate it a 7 out of 10 for pricing.

I would definitely recommend Radware DefensePro. We are a Radware partner, and we work jointly on any government or non-government RFPs.

We use load balancers and some of the other products from Radware. We use Alteon.

I would rate Radware DefensePro a 9 out of 10. We have not faced any challenges as such. It has protected us and our customers.

One of our customers utilizes Radware DefensePro as their DDoS mitigation solution.

Radware DefensePro plays a vital role in safeguarding our network by protecting us from DDoS threats and attacks. It acts as the first line of defense, meticulously tracking incoming traffic to our website. This traffic is then passed to flow detectors within DefensePro's various defense flows, where it's rigorously checked and mitigated if necessary.

It's important for our compliance and privacy requirements that DefensePro doesn't decrypt our traffic or require we share certificates.

I would rate DefensePro's ability to detect DDoS attacks in real-time a nine out of ten.

DefensePro has reduced the number of false positives by 100 percent.

DefensePro has reduced downtime associated with attacks by 100 percent.

Radware DefensePro's most valuable feature lies in its ability to mitigate non-traffic attacks. This allows for clear visibility into natural packet flow and the packet filters are automatically applied to routers whenever suspicious behavior is detected.

We've been encountering a lack of updates in DefensePro. Currently, we're facing numerous bugs within our data solution. These bugs are impacting the failover process, and we're observing repeated crashes of the Elasticsearch container across various workflows.

There's room for improvement in the clarity of the feedback provided by the command service in the CLI. Specifically, the messages it gives when something happens to Docker containers could be more informative. For example, it might simply state that container states have changed, or it might mention the directory paths where container data is saved, but these messages don't provide enough detail. To access the files, users currently need to navigate through a complex directory structure, which isn't very user-friendly.

There is a need for more informative release notes. The current ones lack detail about what's included in the updates and what fixes have been implemented. This makes it difficult for users to understand the changes and how they might affect the experience.

I have been using Radware DefensePro for six months.

I would rate the stability of Radware DefensePro ten out of ten.

I would rate the scalability of Radware DefensePro nine out of ten.

The technical support is great.

Positive

Radware DefensePro is a bit on the expensive side.

While researching DDoS solutions and looking for the most affordable option, I'd recommend considering Radware DefensePro even though it might not be the cheapest because opting for the absolute cheapest solution can come with a lot of drawbacks. These budget options often have security vulnerabilities and hidden weaknesses that could leave networks more exposed during an attack. DefensePro offers additional features and stronger overall network protection, making it a more secure choice in the long run.

I would rate Radware DefensePro ten out of ten.

We have 226 firewalls and around 78 routers that are all protected by DefensePro.

Radware offers a cloud, software, and hardware-based solution. It deals with all three platforms. 

1. They have a hardware device on which their software can be installed. We can manage all the load balancing with it. 

2. Similarly, for the Radware software, we can install the OVA file on our server and configure all the admin backend servers on it to perform services. 

3. In the cloud, we can use their API service to create a virtual platform for clients on which they can deploy and run their applications.

Cloud WAF blocks unknown threats and attacks. We have a monitoring tool, and security patches are released monthly. We can deploy these signatures on the WAF, which identifies threats based on IPs. There are multiple signatures for various attacks, like bot attacks, that we can monitor.

There is a forensic dashboard where we can identify real-time events, hits, and blocks. If there are genuine requests being blocked, we can deploy a custom page with a case number for users to resolve issues. For example, if a user triggers the Web Application Firewall (WAF) due to a misinterpreted service, they will see a blocking page with a case number. There's also an option to refine the WAF settings if it blocks a genuine request.

I also work with the API discovery feature in the Cloud solution. Once the API is enabled and the application vendor provides the API key, we can deploy our application. If the API is correct, it functions properly; otherwise, issues are highlighted on the dashboard. For example, cross-site scripting is blocked at the label level.

API discovery is straightforward to use. There is an option to add the API stream. If the API is correct, it will be processed; otherwise, the API service is blocked.

The dashboard provides multiple features and analytics tools to identify API issues. If there is a cost issue with an API, it can be identified, and we can report it.

It's not difficult to work with the API discovery feature because everything is reflected on the forensic dashboard. There's an option within the dashboard, under the security section, where you define the correct API. You can also identify and exclude specific APIs if needed. There's only one option to add to the API stream. If the API is correct, it will be processed; otherwise, it's blocked.

It's not difficult to identify API issues because when we define the API call, and it is incorrect or not valid, it won't sync with the vendor's application. They identify this and generate a blocking request, which helps us easily identify the issue.

It's mostly for the Alteon service. The Alteon load balancing part, particularly the SSL offloading and WAF offloading, is crucial. Offloading allows us to monitor and identify issues easily. I believe the SSL offloading is the most valuable feature.

It's easy to use, and the configurations are similar across different vendors. Compared to F5 and Citrix, Radware is easier to communicate with and use. The configuration process is simple, involving the creation of groups and pools, much like in F5. The SSL offloading is also very easy. Overall, I think it's a good solution.

The service we use through the cloud is very easy. We have one dashboard to manage everything, which is convenient.

The analytic dashboard could be integrated with other platforms like Splunk. In Splunk, the dashboard shows multiple things, and I think Radware could improve its dashboard in that regard.

In the WAF part, there are multiple things that are initiated, such as updates and patches. There's a global issue right now that we need to monitor on our side. I think the ability to monitor server-level updates and patches should be integrated into the WAF.

I have been using it for three to four years. 

If we raise an issue, they usually identify and resolve it by the end of the day or the next day. There haven't been any escalated cases on the cloud. However, we did encounter one issue regarding the filter and signature. We created a policy to block access from Pakistan, Bangladesh, and other specific locations.

Although the policy was in place and checked, users from those locations were still able to access the application. This was a bug that we reported to the technical team. They identified an issue with their software version and provided us with a new version to update. After the update, the blocking feature worked correctly.

It's scalable. We can customize it as per our requirements. We can customize it in most cases.

In the State Bank of India project, we deployed it, and I believe two or three other banks are using Radware's WAF. Some applications are deployed globally, meaning they're used in Australia, America, and multiple countries. We have multiple deployment options for that. For example, the YONO application is deployed globally and used by many users in different countries. We can easily identify and track that traffic on the dashboard.

In addition, they have also deployed the DDoS service in WAF. So, in case of a DDoS attack or something similar, they can easily identify and monitor it.

It's software-only, so most of the time it works as intended. However, I did raise one request about a filter option in the dashboard not working perfectly. We identified that there was a version issue, and they fixed it in a new patch. They were able to easily identify and resolve the version issue.

They are not globally available but can manage and support us within a range of five to seven. They can usually provide support easily.

Neutral

I have worked on Citrix as well. Both Citrix and Radware are similar, but in Citrix, some things are more lengthy. Radware is better integrated and easier to understand, so anyone can use it.

I haven't directly compared them, but F5 is very popular globally. Both are similar, but Radware lags behind F5 in a few features.

In terms of user experience and management, Radware is easier. However, F5 has better performance. 

Both are cost-effective, but Radware is less expensive because F5 licenses are costly. Technically, Radware is easier to understand.  

We currently use the integrated WAF option on the same device in our application (SBI). There is no dedicated WAF solution. There are two options: license-based and integrated. Using the integrated part helps to identify blocks and other issues effectively.

Integrating with other systems and applications in the environment:

Integration is not difficult. In the dashboard, under the policy section, we can find virtual services and easily enable the API service. Once enabled, WAF monitoring should also be enabled. We can then identify the application's requirements, like JSON ID, cookies, headers, what should be whitelisted, body size, etc. 

We can gather this information from the application owner during deployment to determine what needs to be whitelisted, such as extensions, zip files, XML files, and cookies.

Once we deploy an application, it doesn't take too much time because the application is already deployed. We also use the load balancing feature, so we just need to enable the security web application service. There is an option for this under virtual services where we can also enable it for bot protection. I think anyone can easily manage it if they know about these things.

Radware is signature-based. The patches and signatures are important because we cannot easily monitor them ourselves. They are regularly updated, I think, weekly, so that's helpful. I think this regular update makes it easier for us.

We are a managed service provider (MSP) for Radware. The technical support is handled directly by Radware, but we manage the technical aspects.

We use integrated and cloud solutions because we manage multiple applications for multiple vendors. Some vendors are using the integrated WAF, which is good. The cloud part is also managed by us, not the customer. We deploy everything, including signatures and patches, if needed.

We can deploy it within a month. It's very easy to deploy and work with. If you create load balancing and WAF configurations, both are very simple. The deployment process is easy if you know how to configure it. Anyone who knows the basics of networking and security can easily deploy it. The dashboard and management are also simple. There is no confusion.

If you're creating a virtual service, you can easily create the virtual service port and configure the backend server. It's very simple.

In F5, when creating a group, you need to take one pool service. But in Radware, you can create one group and easily select it. The dashboard and configuration in Radware are very simple.

We mostly deploy in one-arm mode, but there's also a two-arm mode. In one-arm mode, all applications and servers are on the same subnet. We take a single IP from the subnet (e.g., 10.86.11.x). We need three IPs: one for management and two for deployment and virtual services. 

When deploying an application, we can use the same IP range. We deploy all backend servers on the virtual service. We select the backend servers and multiple ports based on the requirements. We then configure the services on the virtual service and review everything. For networking, we need to do NATing if the application is globally accessible, which is also very simple.

The dashboard and conciliation aspects are straightforward in Radware.

Just as in the same domain, we can deploy mainly in one-arm mode, or two-arm mode. There are two different modes. Okay? But typically, we deploy in one-arm mode. In this mode, all applications and services should be on the same subnet. We can take a single IP from the same subnet, for example, if you have a subnet of twenty-three, like 10.86.11.something. We require three IPs in total. One IP for management, and two others for deployment and the virtual service. If we deploy an application, we can use that same IP range. We take it. And on this virtual service, we can deploy to all back-end servers. We can select the back-end server and multiple ports based on the requirements. We can select the ports we need and configure the services on them. On the virtual service, we can configure all the services and review everything. For networking, we need a NATing part if the application is globally accessible so we can NAT through their public IP. It's a very simple deployment process.

For a new project, it might take longer than a month due to approvals and networking configurations. These processes, especially to get approvals for NATing and network paths, can be take time. That's why it takes almost two months. However, if everything is ready, deployment and testing can be completed within five to ten days.

Two resources are enough for the deployment. From a maintenance perspective, not much is needed.

It does bring ROI.

Radware is less expensive because F5 licenses are costly. F5 charges for each and every license. For every virtual service you create, you need to pay additional license fees. The licenses are more COSTLY compared to Radware. 

Radware also has lower annual maintenance costs (AMC) compared to F5. F5 is more expensive than Radware, but it's the leading product globally.

It's not very costly because everything is license-based, all things depend on the license and annual maintenance contract (AMC). If you have an AMC, the cost will be higher. Without an AMC, the cost is less because the product itself is less expensive. But if you have the AMC, the cost will be higher.

If companies provide the signatures and patches perfectly because we can't easily identify new viruses or threats, we rely on the solution company to regularly update their software and devices. Radware is one such company that updates its patches and signatures monthly. They allow us to review all the CVEs and update their patches accordingly. So, I think it's a good option.

Overall, I would rate it a seven out of ten because there are some issues in the cloud part, where it lags.