Radware Bot Manager Reviews

We use Radware Bot Manager for protecting against bot attacks, specifically to distinguish between bot attacks and legitimate traffic.

From speaking with the team, Radware Bot Manager was easy to deploy when we started using it. From my own observation, the solution is effective at detecting bot attacks and has quick learning algorithms that automatically adjust to perform necessary tasks. Since implementing Radware Bot Manager, we've seen fewer attacks and improved the ability to distinguish between bot attacks and legitimate traffic.

The typical use cases for Radware Bot Manager involve ensuring that web scraping and data exfiltration is not that easy, and also identifying source IP addresses or which users are doing the scraping.

The best features of Radware Bot Manager, as a client, include the reporting because it is easy to understand, easy to read, and easy to get developers or system engineers to understand what they need to implement to secure either a web form or an API, anything similar to that.

Radware Bot Manager has positively impacted our organization because we had masses of scans that took place against certain addresses, allowing us to identify those either good or bad. For instance, when the marketing team contacted a scraping company to get more clicks to the website without informing the technical team, we were able to block the source IP address and the marketing team then started collaborating with the development and operational teams to ensure that the correct information is passed on to engineers to get it.

We are a company that serves clients like Telmex and Telcel. We use Bot Manager to defend their sites from threats that focus their attack on automated processes that try to achieve denial of service or consume platform resources. Our use case is to protect these sites and ensure the services are continuously working and available to real users.

Bot Manager has made mitigation more efficient. Our services are up longer with much fewer outages. For example, Telmex had serious problems because of automated attacks, and implementing Radware increased uptime by 80 percent. Before we implemented the solution, the servers were often down. When the attacks began, the servers had too many requests to handle, and implementing Radware improved it considerably. Since then, we've had a couple of strong events, but Radware's implementation of D2 web technology improved its ability to contain denial-of-service at layer seven, the request level.

The learning period helped catalog all those false positives. We make good use of this learning period. Radware's analysis is quite good. We put all the events on the table, and together with the end customer, we decided on the tuning and the deduction. False positives reduced. When you take the time to learn, consult with the client, and do the entire process well, false positives are lowered. I believe they’re reduced by approximately 80 percent.

The issue is that many clients do not want to adopt this learning process. They have the vision of a traditional firewall where you install the product and solve the issue. If you follow the process and let the manufacturer analyze all the requests and decide what a false positive is, the tool works much better. We have clients who do not take this learning time, and that is where we have a higher rate of false positives. We have to work together with them and add more policies. 

Bot Manager reduces the downtime associated with attacks, especially targeted attacks. The tool contains well, and that containment allows us to continue the operation without setbacks. We avoided 80 to 90 percent downtime. When the tool is well-tuned and working well, it is quite efficient. The truth is that ever since we activated Radware’s portal, I have had two or three events.

We have several web applications, mobile apps, and APIs. Bot Manager helps us protect against automated threats. The solution protects us in a few ways. It uses Collective Bot Intelligence to protect us against critical risks like DDoS attacks, payment fraud, web scraping, etc. Bot Manager is part of a suite of Radware products we use, including DDoS, Layer-7 DDoS, and API protection. 

Radware Bot Manager is effective and comprehensive. Its protection of native iOS and other mobile applications is fast. It provides high-performing protection against any identity-based, tampering, spoofing, or other attacks.

These days, web applications are attacked often, which is why we deployed Radware WAF. The solution gives us a complete set of tools, including Radware Bot Manager. It's a crucial component of our application security. Having this integrated solution has helped our organization significantly.      

Our false positive rate has improved by about 20 to 25 percent since we began using Bot Manager a year ago, and it keeps improving. Bot Manager has helped us to avoid downtime, which can result from various types of attacks. We haven't experienced any downtime since implementing Bot Manager.

Before we implemented Bot Manager, our security teams struggled to keep these applications protected. Once we implemented online protection, we gained peace of mind, and it freed us to work on other things. People can spend more time on something else instead of managing the hardware application protection.

We previously incurred a lot of overhead trying to protect our applications. Implementing Bot Manager helped to reduce the overhead because we have a complete system for protecting the users and ensuring that the application is running fine. 

Radware Bot Manager helps us detect and manage bot traffic. We also use Radware's AppWall as well as their DDoS and DLP solutions. Bot Manager is deployed at branch offices and our corporate headquarters. The solution covers around 1,000 users. 

We've reduced our false positives with Bot Manager by about 20 percent using custom rules. The solution uses machine learning to help it analyze user behavior and distinguish between humans and bots. It has helped us save time and money.

We have a website that is a loyalty program for several companies in Latin America. This includes retail companies and airlines, and we protect our website with a web application firewall and Radware Bot Manager. This solution has drawn our attention more than the web application firewall, as we usually receive more attacks from bots attempting to brute force an account and gain access to passwords. There are different types of bots, ranging from simple to sophisticated. Therefore, we protect our website from bot attacks with Radware Bot Manager.

Radware Bot Manager's capability to detect and mitigate bots in real time is excellent; we have never experienced a breach or an incident where the Bot Manager was unable to protect the application. We have had a few false positives.

The solution improved our organization by preventing attacks. We have not had an account compromised due to a bot obtaining a user's password, for example. The main benefit is that our customers' accounts are secure and private.

Radware Bot Manager helped reduce the number of false positives. A couple of years ago, we had a lot of false positives coming from a specific region that the Bot Manager was mistakenly identifying as malicious activity, but it was actually legitimate. We contacted Radware customer support and they assisted us in tuning the model-wide list and some of the IPs, eliminating the issue. Occasionally, we did still experience some false positives, but Radware support helped us reduce them. For example, there was a month where we had false positives for 15 consecutive days, but this was eventually reduced to zero. We no longer have any false positives.

The solution saved our IT teams around 30 hours a week because we don't need to manage these solutions ourselves.

Radware Bot Manager reduced our overhead costs.

The time to value was almost instantaneous. We previously had a retail website, which we no longer have. When we deployed Bot Manager for that website, we immediately noticed it was protecting the website from bot attacks.

Before we had the Radware services, we used another tool. It was not very good at understanding the bot traffic, and it couldn't really stop it. So, we had to utilize Radware for that.

It can categorize different bots, which is helpful because, initially, we were seeing large spikes in connection attempts. They were bots. Our assumption was they were all bad bots, but that's not necessarily true. There are many different services out there that are like aggregators collecting information on the internet. Understanding that there are good bots versus bad bots out there helps you to make different decisions. You definitely want good bots to come in, but you want them to be able to use only a certain threshold of bandwidth. That's a metric that we can set. So, it has definitely helped us to see what they are and how to limit their utilization against our site and then cut out the bad ones.

Bot Manager has helped reduce the number of false positives that our organization receives in response to attacks. As a part of the project, we did a lot of reporting to show the impact when we turn the services on. It was pretty staggering. There was a pretty big drop in terms of the bandwidth used and attacks on the site. The impact was huge. From about half a million connections a day, we brought them under a hundred thousand at that point. About 80% or higher of that was noise, where bots were just scanning our website and looking for flaws.

Bot Manager didn't reduce downtime associated with attacks, but there was a reduction in CPU, memory, and disk usage. We reduced the CPU, memory, and disk usage for those services because they weren't getting nearly as many connections. So, there are definitely cost savings.

There have definitely been time savings because I now just get alerts instead of having to go in and take action to see what was occurring. I get a few hours back a week instead of actively going out there looking for issues and taking care of them. I don't have to interact with them.

Previously, I was probably spending six to eight hours a week looking at the site trying to determine utilization. I don't have to do that anymore. I'm getting back six to eight hours a week, which comes out to be more than 800 hours for the past two years.

The Bot Manager crypto mitigation algorithm is a capability in there, and we do have it turned on. Essentially, what it does is that if anyone is trying to use bots in a malicious way to attack your service, it will essentially cause them to consume more resources in order to try to attack or do something against your site. It's an interesting concept. It has helped to reduce the number of bot attacks, but I don't have the metrics.

We use Bot Manager to protect our company's core application, website, and mobile app. The company uses Radware Application Protection with Bot Manager. The website uses Bot Manager to authenticate users. You can do manual authentication with the Google Authenticator application. Users can also log in using Facebook, Instagram, or a security ID.

Bot Manager is an excellent tool because bot-based threats are among the most difficult attacks on the Internet. Before Bot Manager, we were concerned about the viability of the website because we received so many attacks. Bot Manager helped us to get this under control and improved the availability of our web application.

Bot Manager reduced our false positive rate by around 80 percent. It significantly reduced downtime associated with attacks. We were getting constant attacks before Bot Manager and our website was timing out. In the Bot Manager portal, you can see the traffic and bots detected. It helps us determine the source of the attacks. 

Our most recent project is an authentication profile. We integrated our website and mobile app with SSL single sign-on. Bot Manager provides the infrastructure needed to support authentication. That is one project in which Bot Manager helped us reduce the security issues.

Bot Manager reduces overhead costs on infrastructure. If your website infrastructure scales automatically with traffic, a bot attack will cause you to add more servers. With Bot Manager, we don't need to modify DevOps to scale up. You don't need to spend money to add more servers. We save around $20,000 a month.

We've saved a lot of time using this tool. I open a case with hardware support, and they analyze the behavior of the traffic I capture. We can establish a rule to allow this traffic in specific cases. I save time because I don't need to spend time configuring the rules.