IT Central Station is now PeerSpot: Here's why

R&S Web Application Firewall (DenyAll) OverviewUNIXBusinessApplication

Buyer's Guide

Download the Web Application Firewall (WAF) Buyer's Guide including reviews and more. Updated: June 2022

What is R&S Web Application Firewall (DenyAll)?

Beyond the basic capabilities of traditional negative and positive security models, DenyAll’s scoring mechanism, user behavior tracking and advanced detection engines deliver best-of-breed security that won’t let you down. None of our customers have made the headlines with security breaches.

Web Services and automated machine-to-machine communications support business processes, internal and with ecosystem partners that are often critical. DenyAll makes it easy to optimize and secure these XML-based data flows, with capabilities found in no other WAF or SOA Gateway.

R&S Web Application Firewall (DenyAll) was previously known as Rohde & Schwarz Web Application Firewall, R&S WAF, DenyAll Web Application Security.

R&S Web Application Firewall (DenyAll) Video

Archived R&S Web Application Firewall (DenyAll) Reviews (more than two years old)

Filter by:
Filter Reviews
Filter Unavailable
Company Size
Filter Unavailable
Job Level
Filter Unavailable
Filter Unavailable
Filter Unavailable
Order by:
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Showingreviews based on the current filters. Reset all filters
SeydouSidibe - PeerSpot reviewer
General Manager at 3R Technologie
Real User
Geo-localization and IP reputation help to keep our clients secure and more available
Pros and Cons
  • "The three most valuable features that I noticed are the geo-localization of the user, the IP reputation, and the compartmental analysis."
  • "The area that should be improved is licensing."

What is our primary use case?

One of our customers needed to publish a web application. Since the customer had a platform that included a Hyper-V cluster, we chose the virtual version of the appliance. We have deployed the WAF (web application Firewall) in reverse proxy mode to protect the published web application with the WAM, two-factor authentication module, Advanced API protection, and IP reputation control. The difference between R&S and the other known WAF solutions is the fact that we can set it up as granularly as we want. In the IP reputation setting, we can define the amount of credibility of the reputation of the IP we want. In some other WAF products, we don't have the same degree of choice. We only have a checkbox to include IP reputation.

How has it helped my organization?

By publishing the application without fear, my customer has created new revenue by making the website available anytime and anywhere. We noticed a net growth of the business and strong availability of the application. Compared to the previous solution, the application is more available and we noticed a growth of customer satisfaction. This is made obvious by the fact that some of the visitors come more often and spend more time on the application. Consequently, our customer has decided to deploy more applications on the same server.

What is most valuable?

The three most valuable features that I noticed are the geo-localization of the user, the IP reputation, and the compartmental analysis. When browsing the website, the WAF can follow all of the activities of a user and continuously adjust the rate. If a user is identified as an attacker then the WAF is able to send a captcha or a two-factor authentication key to the user to solve. If answered correctly then the user can continue surfing on the website. Otherwise, they can be temporally or permanently blocked, depending on the granularity setting.

What needs improvement?

The area that should be improved is licensing. When using an active/passive cluster, we have to pay 70% of the master appliance and license for the passive server that does not work. Since we know that only one server works at a time, we should pay only one license for the appliances and for the support as well. In my opinion, this has to be improved. If possible, the client software should be a web application instead of downloading software for the management. This can avoid login problems when they update or patch. 
Buyer's Guide
Web Application Firewall (WAF)
June 2022
Find out what your peers are saying about Rohde & Schwarz, Fortinet, Imperva and others in Web Application Firewall (WAF). Updated: June 2022.
610,518 professionals have used our research since 2012.

For how long have I used the solution?

I have been using the R&S WAF for more than three years.

What was our ROI?

The ROI is very nice.

Which deployment model are you using for this solution?

Disclosure: I am a real user, and this review is based on my own experience and opinions.