Radware Bot Manager Reviews

The typical use cases for Radware Bot Manager involve ensuring that web scraping and data exfiltration is not that easy, and also identifying source IP addresses or which users are doing the scraping.

The best features of Radware Bot Manager, as a client, include the reporting because it is easy to understand, easy to read, and easy to get developers or system engineers to understand what they need to implement to secure either a web form or an API, anything similar to that.

Radware Bot Manager has positively impacted our organization because we had masses of scans that took place against certain addresses, allowing us to identify those either good or bad. For instance, when the marketing team contacted a scraping company to get more clicks to the website without informing the technical team, we were able to block the source IP address and the marketing team then started collaborating with the development and operational teams to ensure that the correct information is passed on to engineers to get it.

I don't know how Radware Bot Manager can be improved; when I used it, it fulfilled my requirements. Maybe people who are new to it, or haven't used anything similar before, might say that the configuration is a bit difficult unless you're a technical person who understands the flow or the URL environment. Then the setup is really easy, and you can go live basically.

My experience with the Radware Bot Manager solution is approximately five years, maybe six years.

We used the European node, and while there were talks of getting additional nodes down in South Africa, I don't know if they did or if they now have presence in South Africa, but it was really stable because we also had most of our Cloud environments in Europe.

The scalability of the solution is good.

I would rate the technical support from Radware Bot Manager a nine on a scale of one to ten.

Positive

Before choosing Radware Bot Manager, we evaluated other solutions including Netskope, Palo Alto, and Radware.

The main differences between these solutions are from our side, ease of deployment and not having to reinvent the wheel. We had a lot of pains over the last couple of years with both Palo Alto and Netskope. At that stage, it was easier to make use of Radware Bot Manager than them because they were so mature and had improved their technical onboarding process, simplifying it.

We utilize the customizable rules engine feature.

This feature has helped us significantly; as a client, implementer, or reporter, it made sure that we understood not just what it is but also the context.

We have seen an ROI from Radware Bot Manager. For us as the enterprise, it literally shows the impact on technical resources and also the egress data from Cloud services such as AWS and Azure has come down significantly, which definitely impacts the investment budget. We can see that there's a decline in costs for very specific environments.

My experience with the pricing and setup costs for Radware Bot Manager shows that the setup costs were almost nothing because we made use of the trial manager. I just added our IP addresses and DNS names. Since we live in South Africa, the rand-dollar exchange rate impacts how much we pay—for instance, today it can be 15 Rand to a dollar, and tomorrow it might be 18 Rand to a dollar, which affects how the purchases take place.

The scalability of the solution is good. I would rate Radware Bot Manager an eight out of ten because things have changed and there are other companies now.

We are a company that serves clients like Telmex and Telcel. We use Bot Manager to defend their sites from threats that focus their attack on automated processes that try to achieve denial of service or consume platform resources. Our use case is to protect these sites and ensure the services are continuously working and available to real users.

Bot Manager has made mitigation more efficient. Our services are up longer with much fewer outages. For example, Telmex had serious problems because of automated attacks, and implementing Radware increased uptime by 80 percent. Before we implemented the solution, the servers were often down. When the attacks began, the servers had too many requests to handle, and implementing Radware improved it considerably. Since then, we've had a couple of strong events, but Radware's implementation of D2 web technology improved its ability to contain denial-of-service at layer seven, the request level.

The learning period helped catalog all those false positives. We make good use of this learning period. Radware's analysis is quite good. We put all the events on the table, and together with the end customer, we decided on the tuning and the deduction. False positives reduced. When you take the time to learn, consult with the client, and do the entire process well, false positives are lowered. I believe they’re reduced by approximately 80 percent.

The issue is that many clients do not want to adopt this learning process. They have the vision of a traditional firewall where you install the product and solve the issue. If you follow the process and let the manufacturer analyze all the requests and decide what a false positive is, the tool works much better. We have clients who do not take this learning time, and that is where we have a higher rate of false positives. We have to work together with them and add more policies. 

Bot Manager reduces the downtime associated with attacks, especially targeted attacks. The tool contains well, and that containment allows us to continue the operation without setbacks. We avoided 80 to 90 percent downtime. When the tool is well-tuned and working well, it is quite efficient. The truth is that ever since we activated Radware’s portal, I have had two or three events.

I like how Bot Manager intelligently detects automated tools. It allows some requests through, identifies them quickly, and contains them effectively. It has an advantage over other solutions because it understands much quicker that it is an automated process and begins to mitigate it a little more quickly.

Almost all of our clients use the crypto mitigation algorithm. It is much more efficient because it’s very flat and plain when not encrypted. When we implemented it, the algorithm helped reduce the number of attacks on our clients' applications. With this type of solution, the attacker typically gives up after attempting because it doesn't affect the application. It has reduced the number of attempts by 30 to 40 percent.

While the interface is simple, they could add the ability to upload lists of IPs in an Excel spreadsheet. If there are two or three IPs, it's easy to add them. You have a graphical option to log in and register your IP, but if you want to upload 50 IPs, it becomes more complicated because there are 50 steps. Also, Radware could simplify the implementation of SDK, which is a bit complicated. Radware should work on making the SDK part more efficient.

We have used Bot Manager for approximately two years.

Bot Manager's stability is generally good, but we still have two or three incidents annually. 

Bot Manager's scalability is excellent.

I rate Radware support nine out of 10. I think Radware has the best customer service, especially compared to Incapsula, Akamai, and F5.

Positive

The company also manages an Incapsula product, but I don't remember the name of it. We handle several WAF solutions. Incapsula is the only competitor that is more or less at Radware's level that we manage. I like RadWare better because everything is included in the same solution. Incapsula requires you to buy different modules to add those functionalities, so I don't feel comfortable with Incapsula in that aspect. 

I also like how Radware's learning model is more efficient and generates fewer false positives than Incapsula. Radware's protection is better than Incapsula's. Incapsula can also protect but only if you have all the licensing. I am also unhappy with Incapsula's support. For example, when I have an incident, I can't get support as quickly from Incapsula as I can with Radware. With Radware, I can call them on the phone, and they start assisting me. Incapsula requires a more elaborate process. I have to write an email and do a little more.

The other competitor we handle is Akamai. I haven't had as much experience with them.

I am only in charge of the security event monitoring. I do not administer or manage the implementations. I work on services that are already implemented, and my job is to monitor, detect, and notify. 

After deployment, Bot Manager requires some maintenance. Since they are live applications, you constantly change the applications and adjust the parameters. You need people to update. Because you changed your application, the solution may take it as something invalid. Then you have to change the policies so that the solution learns what you changed within the application. For that, you do need a group of people or a person, depending on the size of your company. We have several monitoring and management staff who do that work.

We see an ROI regarding service uptime. Each failure of service at Telmex or Telcel implies a loss of money, contracts, perception of bad service, etc. However, I could not give you the exact information because it is not my area of ​​expertise.

It depends on the number of attacks the client sees, but the time to value is generally fast with Bot Manager. In three months, the client already realizes the number of events that have been mitigated and sees an improvement in the teams' performance. They receive fewer requests, so I’d say that in three months, the client is already aware of the benefits of implementing Bot Manager.

As service providers, we have several solutions. We put a range of WAF products on the client's table and tell each client that those are the options, and they make decisions based on costs and other information. 

I rate Radware Bot Manager eight out of 10. It's essential to prevent anyone from obtaining information from your company in an automated way. If an attacker creates an automatic engine and you do not contain it, this can allow them to extract information from your site. With that, they can modify your information. Bot Manager covers this very well. At the same time, Bot Manager needs to shorten the time to detect attacks, and the SDK needs to be improved. 

My main advice is to conduct a thorough learning process. This process is critical to making the tool more efficient and maintaining close contact with the development team to find and detect valid requests. 

While using this solution, I've learned that the use of automated processes is increasing and changing. While all of these engines help contain automated processes, they may not have malicious activity in the code injection aspect, as the WAF does. All these automatic processes have a lot of potential to affect your site, and Bot Manager can handle them easily. It is crucial to maintain a tool that has an updated intelligence engine that detects new events and contains them efficiently.

We use Radware Bot Manager for protecting against bot attacks, specifically to distinguish between bot attacks and legitimate traffic.

From speaking with the team, Radware Bot Manager was easy to deploy when we started using it. From my own observation, the solution is effective at detecting bot attacks and has quick learning algorithms that automatically adjust to perform necessary tasks. Since implementing Radware Bot Manager, we've seen fewer attacks and improved the ability to distinguish between bot attacks and legitimate traffic.

When looking at Radware Bot Manager, I noticed instances of false positives where legitimate activities were mistakenly detected as attacks. However, our team has weekly calls with Radware to address and filter out these issues. The reports can be a bit complicated, but Radware assists us in managing the reporting aspect.

I have used it on and off over the last few months.

The stability of Radware Bot Manager is quite good. I would rate it eight out of ten. Downtime, bugs, or glitches are not prominently mentioned as issues.

Radware Bot Manager is highly scalable. It can easily integrate with third-party tools, and I rate its scalability ten out of ten.

The support from Radware is excellent. I rate it ten out of ten because of their prompt availability and assistance whenever issues arise, especially in relation to false positives and other adjustments.

Positive

I wasn't involved in the initial deployment, but I was told it was fairly easy to add Radware Bot Manager into our network.

Radware Bot Manager is invaluable to us, and we have seen around a thirty percent return on investment, particularly in terms of time savings.

Radware's pricing is generally expensive. This could be a deterrent for smaller organizations.

I would recommend Radware Bot Manager because it's a premium product with excellent support from Radware. They are continuously innovating their products. However, the price could be a reason not to recommend it. Overall, I would rate Radware Bot Manager eight out of ten.

We have several web applications, mobile apps, and APIs. Bot Manager helps us protect against automated threats. The solution protects us in a few ways. It uses Collective Bot Intelligence to protect us against critical risks like DDoS attacks, payment fraud, web scraping, etc. Bot Manager is part of a suite of Radware products we use, including DDoS, Layer-7 DDoS, and API protection. 

Radware Bot Manager is effective and comprehensive. Its protection of native iOS and other mobile applications is fast. It provides high-performing protection against any identity-based, tampering, spoofing, or other attacks.

These days, web applications are attacked often, which is why we deployed Radware WAF. The solution gives us a complete set of tools, including Radware Bot Manager. It's a crucial component of our application security. Having this integrated solution has helped our organization significantly.      

Our false positive rate has improved by about 20 to 25 percent since we began using Bot Manager a year ago, and it keeps improving. Bot Manager has helped us to avoid downtime, which can result from various types of attacks. We haven't experienced any downtime since implementing Bot Manager.

Before we implemented Bot Manager, our security teams struggled to keep these applications protected. Once we implemented online protection, we gained peace of mind, and it freed us to work on other things. People can spend more time on something else instead of managing the hardware application protection.

We previously incurred a lot of overhead trying to protect our applications. Implementing Bot Manager helped to reduce the overhead because we have a complete system for protecting the users and ensuring that the application is running fine. 

Bot Manager's behavioral modeling and intelligence help us distinguish between harmless and malicious bots. Bot Manager provides comprehensive coverage of websites, mobile applications, and APIs. It also enables us to automate and customize policies. With Radware, we can deliver a better user experience and drive more ROI from application-specific protection. 

The solution's management portal was a little difficult initially, but I could learn it in a few weeks. It's fine once everything is streamlined and configured. It's effective at detecting and mitigating bots in real time. 

We've used the solution's crypto-mitigation algorithm a few times but not frequently. It has helped us prevent some attacks. The user experience improved significantly since we implemented the solution. Our users are happy with it.

Bot Manager is doing its job, but I think the behavioral modeling could be improved by adding fingerprinting and automation. Remediation should be automated so that it doesn't require any intervention by the user. 

We have used Bot Manager for around a year.

Bot Manager has been stable so far. We haven't experienced any crashes so far. The system is reliable.

The system is scalable because it's a cloud solution. We purchased 1 GB of traffic protection, and we can upgrade at any time. 

I rate Radware support a nine out of ten. I have contacted Radware support a couple of times. We have the highest level of support called Radware Emergency Response Team (ERT), so Radware responds in minutes.

Positive

Before we purchased Radware WAF, we only had WAF, but we didn't have a bot manager, API protection, etc. It used to be risky.

Deploying Bot Manager isn't complex if you follow the process. It took around two months to deploy the solution fully. We deployed the solution with the help of a partner. Our deployment team comprised about six to eight people, including members of our staff and our partner's team. 

After deployment, Bot Manager doesn't require maintenance. Patches and updates are deployed automatically because it's a cloud-based system. 

We started realizing value from the solution about eight to twelve weeks after implementation.

We negotiated a decent price with Radware that fits into our budget. It's a five-year license, so we get a good price and don't need to renew for several years. 

We did some POCs and looked at various vendors, including Akamai, F5, and several others. 

I rate Radware Bot Manager an eight out of ten. I recommend buying the complete Radware suite, which is a one-stop shop for all your application needs. 

Radware Bot Manager helps us detect and manage bot traffic. We also use Radware's AppWall as well as their DDoS and DLP solutions. Bot Manager is deployed at branch offices and our corporate headquarters. The solution covers around 1,000 users. 

We've reduced our false positives with Bot Manager by about 20 percent using custom rules. The solution uses machine learning to help it analyze user behavior and distinguish between humans and bots. It has helped us save time and money.

I like how Bot Manager automatically detects when a suspicious user attempts to download content from your website. The Radware solutions like DLP and AppWall work together effectively to prevent any attempted attack. The response is automated and occurs in real-time. The management and reporting features are easy to use. 

I have used Bot Manager for two or three years. 

Radware Bot Manager is stable. 

Radware Bot Manager is scalable. 

I rate Radware support an eight out of ten. Their professional services are excellent. 

Positive

Implementing and integrating Bot Manager is easy compared to other solutions. It's a cloud-based solution. Deployment took a week to deploy, and I spent about two or three days configuring the policies. You have to do some integration mostly on the client side. One person is enough to install it. 

Bot Manager is affordable, and it's something we need, so it's a good investment. We saw the benefits immediately. We can integrate almost any web application through Radware's API. 

Radware Bot Manager is a little costly but not too expensive. It's in the middle.  

I rate Radware Bot Manager a nine out of ten. 

The purpose is to stop competitors from stealing our content. We use it to protect our application portal, which is for Classified ads. 

Overall, our server load has been decreased because bots have been blocked. In addition, our content is now protected. It's not being copied on competitors' sites. And it's not just our content that is protected but our users' content, the people who post ads, is protected and so is their data. Those were our main focus points and the reason we use the solution. We achieved what we set out to do.

We have been able to reduce false positives in a number of ways. First, if there is a false positive, Bot Manager has features like Captcha so users can respond to that and we push them through to our site. There are also contact forms that are displayed to users so they can contact us and we can unblock them. In addition, we decreased the sensitivity of Bot Manager. We don't have it at 100 percent operational, but more like 90 percent. That way, we can accept some smaller bot scripts used by individuals for their own personal use.

Bot Manager has also helped a lot in freeing up our IT team because previously we had to coordinate several departments and people to analyze and find the scrapers, manually block ranges of IPs, check whether or not they were doing it again, and then again manually block them. That was happening on an almost daily basis and we don't do that anymore. That has been a great relief for all of us. It has freed up about 20 to 30 percent of our time, per person.

The most valuable feature is the bot management itself and the way it has stopped bots from scraping our site, with its AI mechanism.

Its ability to detect and mitigate bots is really good. It reacts pretty fast. We have never actually monitored whether it takes seconds or minutes, but it reacts, when monitoring, and deactivates bots. It takes some time because it has to learn the heuristic to determine whether or not it is a bad bot, but that is very acceptable to us.

Also, the Bot Manager portal is very easy to use. The user experience is good, with everything presented simply and intuitively.

We're missing links to their modules for installation and configuration. They have most of them available already, but there were situations for mobile applications that, when they released a new version, were not stable. We had to ask them to send a link by email, and that could be made accessible in the portal.

I would also like to see them implement exports of the reports.

I have been using Radware Bot Manager for about four years.

It's very stable.

They cover almost everything we need. They're more scalable than some of the competitors we talked to. We did increase our usage of the solution a few months ago with two partners in our sister companies. 

Their support is excellent.

There were several things that we asked them to integrate into the portal, and they did that in a reasonable amount of time. We can see that that portal is expanding and developing.

Positive

This is our first such solution.

It's not installed on our premises completely. It's on their infrastructure. We have integrated with it via a script and the data from our side is being sent to them.

I wasn't involved in the initial deployment, at the time, but I am familiar with it. It's not complex and it's not so simple that I could do it from my own computer. It does take several teams to coordinate things. However, it was pretty easy, with their support, and we got it done in a few days, from testing to production.

It is implemented on servers where we host our application, and the tool protects our users who are visiting our Classifieds area, and their content. Tool usage is handled by one person with assistance from developers and IT, when needed.

Bot Manager does not require any maintenance on our side.

While ROI is not something I take care of, our return on investment is that 20 to 30 percent of our time saved, freeing us up to do something better.

Our time to value with Bot Manager was pretty fast, about two weeks in total.

It is fairly priced.

In terms of additional costs, there is a fixed cost if you add the new dashboard. They have to configure it, but that is a one-time cost. When we were expanding protection to other portals at our sister companies, and those companies needed access, we had to create a new dashboard where they could see their data and not our data.

We did evaluate several other solutions, but I was not part of that project. I know the others were far more expensive, and we picked Radware because it seemed like the best buy, and we still believe that.

What I would say to someone who wants an anti-fraud solution but isn’t considering Bot Manager is that I don't think there is a valuable solution other than Bot Manager available. I would definitely recommend it, and Radware would be the first one I would recommend them to look at.

We have a website that is a loyalty program for several companies in Latin America. This includes retail companies and airlines, and we protect our website with a web application firewall and Radware Bot Manager. This solution has drawn our attention more than the web application firewall, as we usually receive more attacks from bots attempting to brute force an account and gain access to passwords. There are different types of bots, ranging from simple to sophisticated. Therefore, we protect our website from bot attacks with Radware Bot Manager.

Radware Bot Manager's capability to detect and mitigate bots in real time is excellent; we have never experienced a breach or an incident where the Bot Manager was unable to protect the application. We have had a few false positives.

The solution improved our organization by preventing attacks. We have not had an account compromised due to a bot obtaining a user's password, for example. The main benefit is that our customers' accounts are secure and private.

Radware Bot Manager helped reduce the number of false positives. A couple of years ago, we had a lot of false positives coming from a specific region that the Bot Manager was mistakenly identifying as malicious activity, but it was actually legitimate. We contacted Radware customer support and they assisted us in tuning the model-wide list and some of the IPs, eliminating the issue. Occasionally, we did still experience some false positives, but Radware support helped us reduce them. For example, there was a month where we had false positives for 15 consecutive days, but this was eventually reduced to zero. We no longer have any false positives.

The solution saved our IT teams around 30 hours a week because we don't need to manage these solutions ourselves.

Radware Bot Manager reduced our overhead costs.

The time to value was almost instantaneous. We previously had a retail website, which we no longer have. When we deployed Bot Manager for that website, we immediately noticed it was protecting the website from bot attacks.

The solution provides a rating of the sophistication of the bot attack. For example, the solution indicates whether it is a first or second-generation bot, allowing us to assess the level of sophistication of the attack. Additionally, we can view the public IP and region from which the attack originated. These are the most valuable features. I also appreciate the dashboard, which allows me to see how many attacks occur daily, as we are typically attacked daily.

The Bot Manager portal is very user-friendly. I often forget which portal is for the application firewall and which one is for the Bot Manager. It would be beneficial if Radware unified these into one portal or one URL with links to everything. Once we get there, it is easy to use and the graphics are intuitive. We can see the strengths of the attacks and a list of our protected applications. The Bot Manager portal is user-friendly, intuitive, and aesthetically pleasing.

The integration with Radware Cloud WAF is extremely easy.

It would be beneficial to have a link from the WAF to the Bot Manager portal available so we do not have to log in again.

I would like to receive alerts sent to the IT team responsible for website security. I am unsure if we do not use the feature or if the solution does not support it.

I have been using the solution for two and a half years.

We never have any issues, and Radware Bot Manager is 100 percent stable.

The scalability is excellent.

The technical support from Radware was good overall. We got the resolution we needed when we requested a call. Other IT providers usually only offer support through contact, but Radware made the call. Initially, the response time was slow, taking about six to eight hours to get a response. We gave Radware feedback and the response time improved. Now, when we open a case, we get better resolution times. However, the response time could still be improved, especially when dealing with urgent issues such as false positives. Nonetheless, the response time improved significantly.

Positive

Adding new applications to Radware Bot Manager is straightforward. We just need to provide a URL and add the name.

We pay a fair price for each application we wish to protect. However, it is not a speedy process to deploy another application or receive a quote; we must contact someone from Radware and wait for the quote, which usually takes some time.

I give the solution a nine out of ten.

We had an existing relationship with Radware for the web application firewall, and our security team had this requirement, so we began to use Radware Bot Manager.

We are in one location and we receive hundreds of thousands of web traffic daily from Latin America and the United States.

Radware Bot Manager does not require any maintenance.

I suggest researching the other leaders in the market to compare prices and features, but I am personally very satisfied with Radware Bot Manager, so I would not switch.

People should understand the different types of bots and how threats can be mitigated. My advice would be to gain a technical understanding of these threats and how the solution is used to secure our environment work so that we are not overwhelmed by concepts that we do not understand. We should document our cell phones against bot threats to gain a better understanding of how the solution provides value to our organization.

We use Bot Manager to protect our company's core application, website, and mobile app. The company uses Radware Application Protection with Bot Manager. The website uses Bot Manager to authenticate users. You can do manual authentication with the Google Authenticator application. Users can also log in using Facebook, Instagram, or a security ID.

Bot Manager is an excellent tool because bot-based threats are among the most difficult attacks on the Internet. Before Bot Manager, we were concerned about the viability of the website because we received so many attacks. Bot Manager helped us to get this under control and improved the availability of our web application.

Bot Manager reduced our false positive rate by around 80 percent. It significantly reduced downtime associated with attacks. We were getting constant attacks before Bot Manager and our website was timing out. In the Bot Manager portal, you can see the traffic and bots detected. It helps us determine the source of the attacks. 

Our most recent project is an authentication profile. We integrated our website and mobile app with SSL single sign-on. Bot Manager provides the infrastructure needed to support authentication. That is one project in which Bot Manager helped us reduce the security issues.

Bot Manager reduces overhead costs on infrastructure. If your website infrastructure scales automatically with traffic, a bot attack will cause you to add more servers. With Bot Manager, we don't need to modify DevOps to scale up. You don't need to spend money to add more servers. We save around $20,000 a month.

We've saved a lot of time using this tool. I open a case with hardware support, and they analyze the behavior of the traffic I capture. We can establish a rule to allow this traffic in specific cases. I save time because I don't need to spend time configuring the rules.

Bot Manager is an excellent tool for analyzing traffic to detect suspicious patterns. It uses artificial intelligence to identify malicious behavior. 

I would like more ability to configure custom rules. Currently, I need to open a ticket with support to request a specific rule that isn't available in the console. In some cases, I don't have visibility into the logs or they are too complicated to analyze. 

We have used Bot Manager for four or five years. 

Bot Manager is highly stable. 

Bot Manager is scalable. 

Radware support saved us time developing rules for specific behaviors or issues. They have a lot of experience in this.

Positive

Bot Manager is a cloud solution. We use AWS as our cloud provider. Our company has only one location in Europe, and we have one application serving as the front end of all our infrastructure. Only two people have access to the Bot Manager console, but we have a few million end-users. The solution requires no maintenance on our side. 

We didn't see value instantly because we had many false positives in the first two weeks, so we had to adjust the configuration. We contacted support to create some custom rules and allow some types of traffic. 

Bot Manager is expensive, but I think it has better value compared to Akamai. It's worth what we pay. 

I also tried Akamai Bot Manager. Radware is easier to administer and the interface is cleaner. 

I rate Radware Bot Manager an eight out of ten. It's simple to configure, and the support is excellent. You don't need to spend much time configuring the solution. You can typically configure one location in 15 minutes. 

Before we had the Radware services, we used another tool. It was not very good at understanding the bot traffic, and it couldn't really stop it. So, we had to utilize Radware for that.

It can categorize different bots, which is helpful because, initially, we were seeing large spikes in connection attempts. They were bots. Our assumption was they were all bad bots, but that's not necessarily true. There are many different services out there that are like aggregators collecting information on the internet. Understanding that there are good bots versus bad bots out there helps you to make different decisions. You definitely want good bots to come in, but you want them to be able to use only a certain threshold of bandwidth. That's a metric that we can set. So, it has definitely helped us to see what they are and how to limit their utilization against our site and then cut out the bad ones.

Bot Manager has helped reduce the number of false positives that our organization receives in response to attacks. As a part of the project, we did a lot of reporting to show the impact when we turn the services on. It was pretty staggering. There was a pretty big drop in terms of the bandwidth used and attacks on the site. The impact was huge. From about half a million connections a day, we brought them under a hundred thousand at that point. About 80% or higher of that was noise, where bots were just scanning our website and looking for flaws.

Bot Manager didn't reduce downtime associated with attacks, but there was a reduction in CPU, memory, and disk usage. We reduced the CPU, memory, and disk usage for those services because they weren't getting nearly as many connections. So, there are definitely cost savings.

There have definitely been time savings because I now just get alerts instead of having to go in and take action to see what was occurring. I get a few hours back a week instead of actively going out there looking for issues and taking care of them. I don't have to interact with them.

Previously, I was probably spending six to eight hours a week looking at the site trying to determine utilization. I don't have to do that anymore. I'm getting back six to eight hours a week, which comes out to be more than 800 hours for the past two years.

The Bot Manager crypto mitigation algorithm is a capability in there, and we do have it turned on. Essentially, what it does is that if anyone is trying to use bots in a malicious way to attack your service, it will essentially cause them to consume more resources in order to try to attack or do something against your site. It's an interesting concept. It has helped to reduce the number of bot attacks, but I don't have the metrics.

It's very good at categorizing the different types of bots, whether they're malicious or good. Bot is a very generic term. It could be good, it could be bad. Quite a lot of legitimate businesses are using bot-type services to just scrape the internet for information.

The Bot Manager portal is very easy to use now. When we first started, it was a separate portal. It was different. It's all wrapped into one now, so it's easy to use.

Bot Manager’s ability to detect and mitigate bots in real-time is very good. It has been very effective. We definitely see different bot types. It has done a good job of stopping them. We do get alerts that something has occurred, so it's an effective service.

It would be good to have more integrations. It's very hard to get data in and out of their portal. It doesn't have any integrations with any of our tools, such as our SIEM tool. It only depends on emails. Having that tied into the warehouse, SIEM,  and maybe our on-call tools would be very helpful because it would just give us a holistic picture of everything.

The Bot Manager portal sometimes doesn't refresh correctly. There are cosmetic issues that can be improved on. 

I have been using this solution for two years.

It has been great. It has been a very good service. Never had a problem with it. Never had an outage. I'd give it a pretty good rating.

We haven't had any performance issues due to scalability. It has done a good job.

We have contacted them a lot. When tools are new to us, there are a lot of questions. While we were doing the implementation, the bot service used to be a separate portal, and then they rolled it into the Cloud WAF portal. It's a unified portal. During that time frame, there were a lot of issues where something was no longer available in the portal and moved somewhere else. We had questions about their migration to the new portal, and then we just had questions about any issues that we had with the service or the way they implemented the application, such as what was your intent or what am I supposed to do in the situation. They were good. I'd rate them an 8 out of 10.

Positive

Azure has some built-in native capabilities, but they're not great. It's called Azure Application Gateway, but it's not nearly as good as what Radware offers.

The protection capabilities against attacks are very good inside of Radware. It can definitely categorize an attack and determine the attack type. I can easily see what the attack is. It can tell me a little bit about the client that's trying to connect, whereas none of that was available in Azure Application Gateway. It was even hard to get a user agent type. That's a basic capability.

It's straightforward. You have to work with the engineer you are assigned by Radware. It works great when you have someone like a project manager and someone from the technical side to do the implementation. 

Bot Manager is integrated with our WAF. They weren't integrated natively. We had to integrate them. When we first initially launched, we turned on the Cloud WAF, which gave us some visibility, and then the next step was to turn on bot protection. We tried to turn them on piecemeal so that we could understand the impact it caused on the application and what kind of traffic it was modifying.

We had two people involved in its implementation.

Its time-to-value was immediate. Once we enabled those services, it definitely cleared out all of the attacks where the traffic was not customer based or that didn't need to be there and served us no value.

We did demos of the Citrix, Imperva, and Azure products.

To someone who wants an anti-fraud solution but isn’t considering Bot Manager, I'd say that it really comes out of visibility in the tool. In our case, we can show the metrics of our typical website application usage and then the significant decrease in traffic after the Bot Manager service. There was a significant decrease in traffic that was not just bots. That was not related to any type of customer. We filtered it down to just what our core customer usage is, and having that data helps a lot because otherwise, you just make assumptions that all those connections 24/7 are legitimate usage patterns, but they're not. So, it has a lot of value.

I'd definitely recommend utilizing such a service, whether it's Radware or anyone else. It definitely provides a lot of business value. You cut down on all of that noise and traffic and protect your resources from malicious traffic. It's definitely worth the time and effort.

Our experience with Bot Manager has been very good. It served the reason we bought it, and it's doing its job from a scalability, performance, and reliability perspective.

Overall, I'd rate it a 10 out of 10.

We use this solution for bot mitigation. We run a dedicated server to manage a high-traffic website that draws a lot of attention from bots.

Bots have become more prevalent and insidious over the years. We use ShieldSquare as a gateway to filter traffic, letting the good bots and real users in while keeping the bad bots out. There are webmasters who do this manually, but we don't want to spend our time doing that kind of whack-a-mole. The other big upside is in preventing scrappers. We publish a lot of original content, and without this protection, there is a feeding frenzy on it that could result in search engines listing the scrapper sites higher with our own content.

The reporting is excellent, providing a nice overview of what's coming at us. Along with Google analytics, it helps us get an understanding of our traffic. We've also found the whitelist feature handy, which allows us to crawl our own site without being blocked.

This is always evolving, but somehow quarantining bots or sticking them in a honeypot so they can't pound the API would be helpful. The bots, of course, are always evolving.

I have been using this solution for about nine years.

I haven't had a problem with any downtime.

We've had to scale it up, and it was not a problem.

It's been excellent. The recent support was very helpful.

We did this ourselves using firewalls and other tools, but it proved a losing battle.

The initial setup for us was a long time ago. I remember it requiring a bit of effort, but getting the help we needed.

We implemented this solution in-house.

I can't provide a solid number, but for what we save in resources and what we get from listing protection, it is certainly worth it.

We didn't hit any traps. This company has been very honest and helpful. I'd suggest letting them make recommendations.

We evaluated solutions a while ago, but I think we looked into Incapsula and a few others.

They've been great during transitions, like when we've had to move servers. Thye provided excellent support. They're very tenacious about getting problems solved, even when it means digging deep.