Radware Cloud WAF Service Reviews

We are using Radware Cloud WAF Service to prevent our applications from attacks, such as DDoS and other attacks.

Using Radware Cloud WAF Service has saved us considerable time. It provides good visualization and traffic information, saving around four to six hours for investigating logs whenever we try to pull logs from any other tools.

Radware Cloud WAF Service is quite effective for blocking unknown threats and attacks. We have 10 to 15 applications onboarded with Radware, and it has proven to be good at blocking threats from external sources. 

Radware Cloud WAF Service is able to protect against zero-day attacks. They are committed to preventing any potential attacks. It has the capability to analyze behavioral patterns, which allows them to implement preventive measures. I have received notifications from Radware confirming that they are fully optimized to address zero-day vulnerabilities at this time.

Radware Cloud WAF Service allow us to directly filter the data from whatever attack was performed, so we can directly filter the attack details from the event viewer section, which is very helpful to us. Another module that I appreciate about Radware Cloud WAF Service is that it provides custom port security. The other tools are not providing the custom port feature where Radware Cloud WAF Service is providing, and it will be very helpful to us.

The automated analytics for looking at events in Radware Cloud WAF Service are working for us; the automatic event correlation is very beneficial to analyze how the alerts and events occur and visualize the patterns of network traffic and other traffic going in and out from the application via Radware Cloud WAF Service. 

The combination of negative and behavioral-based positive security models is important for our security strategy; since most of our applications work internally, behavioral-based analytics helps us address issues where methods such as POST and GET are not functioning, so we raise concerns with our internal team to whitelist applications, thus helping reduce blocking of traffic in our environment.

Radware Cloud WAF Service is effective, particularly in the custom service it provides and its capabilities in DDoS protection and bot manager facilities, making it effective for validating the correlation part of incidents.

Regarding areas in Radware Cloud WAF Service that have room for improvement, one thing we observed was that we received a notification where Radware Cloud WAF Service stopped working properly in our cloud environment without any prior notification. We got the alert around one and a half hours after the event occurred, so I would suggest that they should notify customers in such scenarios.

I have been using Radware Cloud WAF Service for three to four years.

The stability of the Radware Cloud WAF Service rates around nine out of ten.

The scalability of the Radware Cloud WAF Service deserves a full ten, as it is definitely scalable.

Organization-wise, we have more than 100 users using the service currently.

The technical support for Radware Cloud WAF Service rates 10 out of 10; whenever we require support, it is perfectly timely.

Positive

The deployment method of the Radware Cloud WAF Service is very easy; since most of our applications operate on custom ports, it helps us integrate and onboard them securely.

The solution does not require any maintenance from our side.

I am not directly looking into the integration aspect of the Radware Cloud WAF Service, but I have discussed it with other team members who might be using the integration part to collect logs from Radware Cloud WAF Service to get correlation and alert triggers for incident management tools such as ServiceNow and Sentinel, but they are not using it frequently or fully optimized currently.

We have discovered bot traffic involving attacks such as SQL injection. Radware's Bot Manager is working to prevent such attacks, especially with SQL injection and XSS attempts from outside entities. Regarding compliance with PCI DSS, we don't have any issues currently; we are also compliant with ISO 27001, and our applications onboarded on the Radware Cloud WAF Service operate without compliance issues.

We are using the web DDoS protection such as HTTP, L7 in the Radware Cloud WAF Service, and it is effective for us; we experienced an attack from the external side last month, which Radware Cloud WAF Service effectively prevented. 

Overall, I would rate the Radware Cloud WAF Service a nine out of ten.

My use case for Radware Cloud WAF Service is to block all IPs and geo-locations that are not required in the organization.

Blocking based on geolocation is very helpful.

The automated analytics for analyzing events are beneficial for automation and make it easier for analysts working in the SOC. It is useful for analytical purposes as it helps us understand how we can perform various activities that Radware Cloud WAF Service belongs to.

Radware Cloud WAF Service has reduced our false positive rate by more than 50%. Regarding the blocking feature, Radware Cloud WAF Service is one of the best tools as we can easily block and reduce our alerts through IP blocking. We utilize CDN services with Radware Cloud WAF Service, and although it was initially challenging to understand, once we grasped it, it became easy for us.

I am using web DDoS protection with Radware Cloud WAF Service, and it is a very good product for protecting our businesses. The WAF protection is excellent and does not require any improvements as it is already working effectively and is executable. Radware Cloud WAF Service is really good for protecting against zero-day attacks as it protects our organization and businesses effectively. For patching purposes, once a zero-day attack has been exploited, we can block some geo-locations to prevent other attackers from targeting us.

Compared to other Cloud WAFs, Radware Cloud WAF Service is one of the best since it blocks for protection purposes within 15 to 20 minutes when we raise an incident, while it takes longer for others to implement geo-fencing and related protections.

The area that can improve with Radware Cloud WAF Service is the speed at which they block geo-fencing and IP for P1 cases, which currently takes about an hour. If they could reduce that to ten to 15 minutes, it would be easier for us.

I have been using Radware Cloud WAF Service for one and a half years.

I rate the stability of Radware Cloud WAF Service as ten out of ten, as there are no glitches, and when they occasionally happen, they notify us, making it easier than other services.

More than 500 users are using Radware Cloud WAF Service.

I would rate the technical support as ten out of ten.

Positive

I find the solution easy to deploy.

The pricing is moderate, making it affordable for any business and not overly costly.

I definitely recommend Radware Cloud WAF Service products to other users as it is comparatively good, not very costly, and the service they provide is among the best. 

I rate this solution ten out of ten.

My use case for the Radware Cloud WAF Service involves monitoring it as I am on a Security Operations Center team, and we have to monitor the traffic for any potential threats. We just monitor that for the onboarded sites.

The combination of negative and behavioral-based positive security models is very important for the security strategy of every organization, making it important to adopt this strategy.

We are using the automated source blocking feature as it blocks whenever high-volume traffic is detected on any attack side. The proactive and holistic approach based on cross-module correlation has been effective in protecting applications. We have integrated Radware with many applications, and Radware is more positively effective compared to others.

In terms of threat management, the real-time BLA detection and mitigation from Radware Cloud WAF Service effectively detects bot traffic and mitigates it by recognizing the traffic patterns from bots. For customers using the PCI DSS 4 extension compliance, Radware Cloud WAF Service helps to remediate vulnerabilities by providing scores based on the application's vulnerability scans conducted periodically, thereby assisting in reducing vulnerabilities and achieving higher scores.

The best features of Radware Cloud WAF Service are the auto-mitigation and detecting web application vulnerabilities from the OWASP Top 10 and the DDoS protection. The AI feature is newly introduced. What makes the Radware Cloud WAF Service effective is the auto-mitigation features, and it balances the load of the website. Due to the WAF, the applications won't be getting any impact from threats or attacks.

Radware Cloud WAF Service has saved a lot of time. Before integrating any applications, there was no security, maybe just local website firewalls which were not very effective, but once we onboarded the Cloud WAF, it became a lot easier to manage threats. It saves approximately 60% of my time.

For areas of improvement in Radware Cloud WAF Service, support and analytics need to improve in a way that first-time users can easily navigate through every detail. Regarding the automated analytics for looking at events in the Radware Cloud WAF Service, analytics could be easier. While we are used to Radware Cloud WAF and find it easy to navigate through the analytics and analyze traffic, for any new person, it could be more complex to understand.

I have been using the Radware Cloud WAF Service for more than three years.

I would rate the stability of Radware Cloud WAF Service as an eight out of ten.

I would rate the scalability of Radware Cloud WAF Service as a seven out of ten.

I would rate the support from Radware Cloud WAF Service a seven out of ten.

Positive

It saves about 60% of time.

Regarding pricing, Radware Cloud WAF Service is cheaper than other products. It is affordable and positioned at an average cost, not too high or too low.

When comparing Radware Cloud WAF Service with other WAF software such as Akamai, there are limitations, as Akamai runs on an edge-based model, while Radware offers cloud, on-premise, and hybrid options.

We are using web protection, which is a part of the Radware Cloud WAF Service. Regarding web protection, we are onboarding applications specifically for website protection. 

Regarding zero-day attacks, the Cloud WAF is actually quite effective. According to Radware's documentation and guides, it learns from every piece of traffic received by an application. This means it can analyze the traffic from each application and related traffic, allowing it to identify and block potentially harmful traffic. Overall, it’s a good solution.

Radware Cloud WAF Service is easy in terms of auto-mitigation, though some features are complex for first-time users, but once you get used to it, it becomes easy.

I would rate Radware Cloud WAF Service an eight out of ten.

We are choosing Radware Cloud WAF Service over traditional WAF because it has API first behavioral protection, advanced bot defense, and layer 7 web DDoS capability. It was chosen because of the hybrid and Cloud native app environment. For internal and external customers, we have approximately 1300 plus customers in our data center colocation, and all of them are using Radware Cloud WAF Service.

There are various use cases for Radware Cloud WAF Service. One is about securing public-facing portals, internal applications, and APIs, including REST API and GraphQL API. The deployed assess provides services to internal IT customers and external customers. This WAF is configured in reverse proxy mode plus API security module, and it is integrated with CI/CD pipeline for secure application development.

We have been using Radware Cloud WAF Service as it supports integration with CDN services such as Akamai, Cloudflare, and AWS CloudFront. Radware has CDN nodes for optimized delivery and protection. However, we have been using AWS CloudFront currently, but I'm in discussion with the Radware team about acquiring more Cloud WAF licenses, along with Cloud DDoS, to enhance Cloud DDoS protection capability. They have recently launched Cyber Controller Plus, so I'm going to procure Cyber Controller Plus.;

Automatic API discovery and schema validation is something we have appreciated about Radware Cloud WAF Service. It has automatic API discovery, protection against injection, abuse, and credential stuffing. It also has token-based authentication and enforcement, along with rate limiting. Bot and threat protection is another excellent feature.

It eliminates manual API inventory and documents and streamlines the security policy creation. It reduced the work for developers and the SOC workload because with a large SOC team, it helped to offload and eliminate overhead costs, providing SOC people with better resources.

Automatic threat detection in blocking and detecting without manual intervention is essential. Scalability is another benefit because it has Cloud native architecture. Cloud native architecture is readily scalable, requiring no hardware maintenance.

I see areas in Radware Cloud WAF Service for improvement, specifically in its initial tuning period, because the machine learning model takes two to three weeks for baseline behavior establishment. Closely monitoring alerts during this period is essential to avoid false positives. 

There's an alert noise issue; during the early stages, we received a high volume of alerts for minor issues, requiring collaboration with the SOC team to fine-tune thresholds and concentrate on genuine threats. 

The documentation is not up to par, as while the platform's system is robust, the documentation, particularly for API integration, could be more developer-friendly with real-world use cases.

We have been working with Radware Cloud WAF Service for almost four and half to five years now.

My experience with the technical support of Radware Cloud WAF Service is that they are excellent, and I have established a strong relationship with the executive leadership up to Roy, the CEO. They provide excellent support.

My experience with the pricing, setup costs, and licensing of Radware Cloud WAF Service is positive because I'm a Radware shop. I have all the Radware products, so my feedback is purely positive.

I have seen a return on investment with Radware Cloud WAF Service since I have been providing support and selling it as a service to customers.

When looking into Radware Cloud WAF Service, I evaluated F5 and Fortinet as other options.

We have been using many products provided by Radware. API discovery in Radware Cloud WAF Service was straightforward. Although initially, our people were new to Radware, and we had some challenges in the initial phase with false positives and early learning phases, especially with custom applications. Over time, with its intuitive UI, we were able to implement it quickly; my team learned and started working on it.

Radware Cloud WAF Service is integrated with SIEM and our SOC team of 75 people. Initially, during the early phase, false positives were common because SIEM was learning the traffic pattern, monitoring the logs, and adjusting the sensitivity. We accomplished policy tuning efficiently by manually fine-tuning the security parameters after analyzing the pattern and adjusting the threshold to reduce noise.

Radware Cloud WAF Service has been doing excellent work in protecting against zero-day attacks. We are using the automated source blocking feature. It has significantly helped our compliance efforts and helps maintain business continuity with its DDoS protection capabilities, which we utilize through real-time behavior-based detection using machine learning.

I rate Radware Cloud WAF Service eight out of ten.

My use case for Radware Cloud WAF Service is for blocking malicious IP addresses.

Radware Cloud WAF Service blocks threats effectively, providing a comprehensive report that shows the traffic and denied traffic from malicious IPs or specific countries, so I am satisfied. 

Radware Cloud WAF Service has reduced the false positive rate, and it's beneficial for our organization. By using Radware Cloud WAF Service, 30% to 40% of false positives are reduced.

For zero-day attacks, Radware Cloud WAF Service integrates threat intel, which detects anomalous traffic and blocks it automatically, preventing attackers from entering our organization or attacking our domains. Source blocking is effective because it has good capability to handle things automatically without human intervention, as a human cannot handle all the alerts and traffic.

The real-time BLA detection and mitigation of Radware Cloud WAF Service strongly performs to mitigate and take action against contamination. Radware Cloud WAF Service is quite effective and handles all traffic to HTTP or HTTPS effectively.

My organization is quite large, so we have to monitor activities promptly. Since it's not possible for a human to detect and address every threat, we implemented Radware Cloud WAF Service, which automatically detects and prevents DDoS threats and traffic without human intervention, making it better for us and protecting our organization.

With the automated analytics of Radware Cloud WAF Service, if multiple logins occur from the same malicious IP in the same pattern, the AI automatically recognizes it and takes the appropriate action, such as blocking or allowing, which is beneficial for us.

Improvement areas could be some of the AI capabilities related to false positives. The required IP addresses sometimes get blocked, so that needs to be enhanced. The AI recognizing features can be improved. Recognition aspects could be refined; it's performing at almost 99%, so there's a small margin for improvement.

I have been using Radware Cloud WAF Service for three years in my organization.

It is stable. I would rate it a ten out of ten for stability.

It is scalable. I would rate it a nine out of ten for scalability.

We have about 35 users working with this solution.

I would rate their customer support a ten out of ten.

Positive

It is easy. It takes 10 to 15 days.

The pricing for Radware Cloud WAF Service is moderate; it's not expensive. We can't say it's low and we can't say high; it's moderate, and I got that perfect point.

It is easier to use with a moderate cost than others.

To assess Radware Cloud WAF Service for blocking unknown threats and attacks, we have found that if an IP is identified as malicious, we can block it, and we utilize the graph chart provided. Using the CDN with Radware Cloud WAF Service is easy to implement and use; it's not a headache for us.

I would rate Radware Cloud WAF Service a nine out of ten.

I am using Radware Cloud WAF and have been using it for the last five years. Recently, I considered deploying Radware Discovery API. I have taken a proof of concept of Radware Discovery and plan to onboard it in the next one or two months. 

Additionally, it is essential for reducing DDoS attacks within my organization.

We have had a very good experience with Radware Cloud. It has significantly reduced attacks on our applications. All our critical applications are onboarded to Radware, which uses AI to automatically learn behavior patterns and refine security policies. 

It also provides comprehensive protection against the top ten web application security risks. Importantly, we have not experienced any zero-day attacks because Radware Cloud offers protection against emerging threats. The Emergency Response Team is very active, and I consistently receive excellent responses from them.

It's a very comprehensive and user-friendly solution. It's easy to implement and integrate. We also have found it's easy to reach support if we need help.

The solution has helped us enhance our cyber security posture. It's good for data protection. We've been able to protect our public-facing infrastructure.

We haven't had any incidents or compromises in the entire three years we've used Radware.

The Cloud WAF Service blocks unknown threats and attacks effectively.

The analytics are very good.

The API discovery feature is very helpful, and end-to-end API protection is useful. Everything is encrypted to ensure effective protection. We get Layer 7 protection from it.

The API discovery is a very useful feature. It is easy to use. A few months before, I did a demo to learn more. We can see which APIs are being used or not. It helps us discover and remove unused APIs. In our case, we found 20 APIs that were not used by the team.

We use the CDN features. It's pretty easy to use the combination of CDN and Cloud WAF. It helps your Radware Cloud connect with the nearest server or the Redware server. We have multiple servers worldwide, so this is useful for us.

Integration is very easy. Sometimes, we have 10 to 15 applications hosted on the cloud. It's very easy to add applications. It's not complicated.

From the Radware cloud, it's integrated with our SOC. All the logs are received by the SOC.

An area of improvement is the visibility at the attack level. Management often asks for detailed reporting on attacks such as botnet and zero-day attacks, including the number of attacks within a month, week, or day. Improving dashboard capabilities to provide this information clearly for management is crucial.

They need to improve their reporting. We need to present our management with reports and we need better options for reporting. They don't want lengthy reports. They need something that is one to two pages and includes everything - a more high-level document with the most important information.

I have been using Radware Cloud WAF for the last five years.

I give the stability a score of 9.5 out of ten. I have never encountered downtime, maintenance-related issues, or latency. As a network and cybersecurity specialist, this provides me with peace of mind.

The scalability is fine. We haven't faced any issues.

The support provided by Radware's Emergency Response Team is excellent. They respond promptly to any queries or concerns raised via the hardware portal according to SLA expectations. The responses are satisfactory. Although I have not required much support in the past five years, whenever I did, I received answers to my queries.

Positive

I did not use a different solution previously.

The initial setup was straightforward. We onboarded critical applications in a prioritized manner, starting with the most critical and gradually moving to the others. The setup process was smooth, and we were able to get visibility from the applications post-onboarding.

I am not involved in purchasing or negotiating pricing, as this is done by our material team. My role is to recommend the products we need. The material team discusses with partners and determines the appropriate pricing.

I rate the overall solution a nine out of ten. By not giving a perfect score, I recognize that there is room for improvement, which is crucial for fostering development. It is essential for Radware to continue improving and researching advancements needed to enhance customer experience.

We are a Data Center company with a lot of internal applications and customers. Our primary use case is to protect all internal applications hosted on Public Cloud with Radware Cloud WAF. This protection is crucial for safeguarding our customers' applications from external threats and ensuring high availability and security.

The most important aspect of Radware Cloud WAF is that it is over the cloud, offering a comprehensive solution that includes WAF, API protection, bots, and Layer 7 DDoS. This combination efficiently blocks a large number of unknown threats and ensures high security and uptime for our internal applications as well as our customers' applications, making it a revenue-generating tool. Cloud WAF provides excellent analytical dashboards that allow us to report, track, and resolve many issues quickly.

The reporting features could be more intuitive with more real-time monitoring, which would help make faster decisions. While false positives have reduced by 35%, more granular control can simplify it for new users. The initial complexity should be reduced to make it simpler for new customers. Furthermore, support staff needs to be more proactive so that issues can be resolved at lower levels without escalation.

I have been using Radware Cloud WAF for four years.

There has been downtime only once in the last year. Otherwise, the product has been stable.

Since it's a Cloud WAF, it is always scalable. We can subscribe to more applications and protections as needed.

We have ERT premium support with a five-minute SLA, and the service has been reliable. We have additional support from Radware management. The quality of support is excellent, and we haven't faced any major issues.

Positive

Previously, I used to work with F5 WAF in my earlier company, not the current one.

The initial setup was complex and took a long time to complete.

We used a dedicated team for deployment as we wanted to train our team thoroughly.

Radware Cloud WAF has helped reduce false positives and efforts, which in turn, improved the total cost of ownership by freeing up time to focus on other projects.

Pricing could be more competitive, especially for smaller customers. However, the technical excellence of the product balances out the pricing aspect.

Earlier, I used F5 WAF in a different company.

Overall, I would rate Cloud WAF nine out of ten. 

Despite its initial complexity, the product is a one-stop shop for our cloud security needs. It integrates well with applications, simplifying protection and operations. 

I recommend Radware can make further improvements in pricing and simplifying initial use for new customers.

The core use cases for Radware Cloud WAF Service are web application firewall functionality, DDoS protection, and protection against zero-day vulnerability and emerging threats.

The most valuable aspect of Radware Cloud WAF Service is that it supports mode detection and provides email alerts on sudden alert spikes and early warnings. The most advanced feature is the DDoS protection and the way this web handles DDoS attacks, as I am currently working in the SOC team and managing the Radware administration part.

Regarding zero-day attacks, Radware Cloud WAF Service helps us actively receive early warnings, and we raise those to the relevant teams. The services related to zero-day attacks and threat intelligence are very effective.

The dashboard of Radware Cloud WAF Service could be more interactive and user-friendly. While implementing it for the first time, it requires core technical knowledge, and without that knowledge, implementation can be quite challenging. However, the support from Radware is excellent when support cases are raised.

I have been using Radware Cloud WAF Service for three and a half years in my career after joining my current organization.

Regarding stability, I have not experienced any lagging, crashing, or downtime in my experience with Radware Cloud WAF Service.

Radware Cloud WAF Service is scalable; once we set up the entire service and it is up to date, we can onboard as many applications as our license allows.

I have contacted Radware's technical support many times, and their quality is very good as we receive timely support according to the case priority. Their engineers are skilled and capable enough to resolve issues quickly.

Positive

I have used alternatives to Radware Cloud WAF Service, specifically Akamai Web Service, which is a very popular service. One of its disadvantages is that it does not support custom ports like Radware does.

The entire process of onboarding the application for the first time with Radware Cloud WAF Service requires core technical knowledge, but with the support of Radware, it becomes much easier.

The pricing of Radware Cloud WAF Service is lower compared to Akamai, and while the price in the industry is acceptable, it is not too expensive.

The combination of negative and behavioral-based positive security models provided by Radware Cloud WAF Service is very important for my organization's security strategy, as the main purpose of Radware WAF is security.

Regarding maintenance, we receive quarterly reports, which are sufficient.

On a scale of 1-10, I rate Radware Cloud WAF Service an 8.