Radware Cloud WAF Service Reviews

For all of our Israel posts, Radware Cloud WAF Service is the Web Application Firewall we replaced F5 with. We were searching for something with good service and cloud-based support, as I have a lot of websites in the cloud. It gives me more than I expected.

I really like the services. When I have attacks, Radware contacts me before I'm even aware there's a problem. They recognize if there's an attack from a certain country and ask if I want to block it. They provide all the necessary information, and there's always someone to talk to. They block every attack, and the team has the perfect protection for me. The solution helps reduce false positives by 30%, thanks to good implementation and exclusions. It gives me a lot of time because I don't need to manage it; Radware manages everything for me. I am very satisfied with the prevention from zero-day attacks, and Radware Bot Manager helps with bot traffic detection. They provide excellent compliance support. I highly recommend this product to others because I'm satisfied with the mitigation and proactive protection.

I would like to see an improvement in the twenty-four-seven support service.

More than seven years.

The stability is excellent, and I would rate it ten out of ten.

Scalability is also excellent, with a rating of ten out of ten.

The customer service and support are very good, and I would rate them ten out of ten.

Positive

I replaced F5 with Radware Cloud WAF Service because I needed something with good service on the cloud. The previous solution was not meeting my expectations.

The onboarding with the Radware team was good. They handled implementation and set up exclusions well to reduce false positives.

Radware Cloud WAF Service saves a lot of time for my employees since they no longer need to manage it directly. The solution manages everything, allowing my employees to focus on other applications.

The pricing is not cheap; it is expensive, but it is effective.

I highly recommend Radware Cloud WAF Service to others. I have recommended it to my colleagues in other companies, and they have also been satisfied with it. It's a very good product with excellent support and minimal false positives. Overall, it delivers everything required for protection. I would rate the overall solution ten out of ten.

Public Cloud

Other

We mainly use Radware Cloud WAF Service for DDoS protection. This includes protecting against DDoS attacks. We know if there is an issue, we can quickly set up a call with the Radware team.

Radware Cloud WAF Service has significantly improved our organization's time of protection and detection capabilities. The support provided by Radware is quick and efficient. We have updated our solution on many occasions, and the design of our network has changed, largely due to Radware providing us with solutions.

The most valuable feature is Radware's ability to quickly detect attacks, even though it doesn't always meet the quicker threshold. We can set up a call with the Radware team if needed. Another crucial aspect is the support we receive from Radware, which is very quick and efficient.

Some of the tools are a bit difficult to navigate, and the user interface could be more user-friendly. It is not the cheapest solution, so cost is something to consider.

I started using Radware Cloud WAF Service when I joined the company about a year and a half ago.

I have never come across downtime, bugs, or glitches when working with Radware Cloud WAF Service. From that point of view, it maintains a very stable operation.

Anytime we've had any issues, Radware has provided us a solution, indicating its high scalability.

I would rate Radware support a nine out of ten. They are always available to help us, which is invaluable in our line of work.

Positive

I wouldn't be able to give a number, but Radware Cloud WAF does save time for our staff due to the automation and excellent detection, which is invaluable.

I would rate the cost around seven out of ten. Radware provides many different options, but it may not be affordable for companies that aren't large.

The automatic detection from Radware Cloud WAF is invaluable, and the support is outstanding. I would rate the overall solution a nine out of ten, with the only issue being the user interface. The overall product rating is nine out of ten.

Hybrid Cloud

Other

We use Radware Cloud WAF Service primarily for monitoring purposes within our organization.

I like the security features when looking at the dashboard where I can see a lot of attacks that are rejected and blocked. It's one of the best features, and I approve of this solution. Radware Cloud WAF Service ensures our systems are stable, running smoothly, and blocking all attacks effectively.

There should be more customization options for the dashboard, as it is currently fixed and cannot be modified. Additionally, the API is limited to data retrieval and does not support programmatic modifications. It would be beneficial if we could perform POST requests and integrate our applications more effectively.

I have been using Radware Cloud WAF Service for five months.

I rate the stability of Radware Cloud WAF Service as nine out of ten. There have been no issues with downtime, bugs, or glitches.

The scalability of Radware Cloud WAF Service is very good, and I would rate it nine out of ten in terms of handling the capacity and volume.

I would rate the technical support from Radware as a nine out of ten.

Positive

We previously used Imperva but switched to Radware Cloud WAF Service primarily due to pricing. Both products are top-ranking solutions, but Radware is cheaper.

The initial setup of Radware Cloud WAF Service was easy.

We received support from Radware, which made the implementation process easy.

The ROI for Radware Cloud WAF Service is prominent as it is twenty percent more cost-effective compared to Imperva.

When comparing the pricing of Radware Cloud WAF Service, I would rate it as seven out of ten, with one being cheap and ten being expensive.

Yes, we switched from Imperva to Radware Cloud WAF Service.

Overall, I would rate Radware Cloud WAF Service as eight out of ten. The areas for improvement include customization and API functionality. I would recommend Radware Cloud WAF Service because it is a good solution, and we are satisfied with the benefits it offers.

Public Cloud

Other

We use Radware Cloud WAF Service for cloud web application firewall (WAF) functionality. It serves as our platform for overseeing 17 applications currently. Additionally, we use the API Discovery feature for applications with exposed endpoints, integrating protection and maintaining security. We also utilize Radware's Bot Manager for managing incoming bot traffic.

Radware Cloud WAF Service effectively blocks unknown threats and attacks, providing strong security with a low false-positive rate. With the Radware Cloud WAF Service, we have not faced any incidents in six years. The automated analytics module is quite effective in tracking events related to attacks, IP addresses, and countries. API Discovery is also highly valuable, enabling us to protect our applications with end-to-end API protection, while also reducing overhead costs.

Radware could improve technical support by resolving cases in fewer days. This would enhance the overall experience with the product.

We have been using Radware Cloud WAF Service for approximately six years.

The stability of Radware Cloud WAF Service is excellent, and I would rate it as a ten.

For scalability, I would rate Radware Cloud WAF Service as a ten, showing it is highly scalable.

The customer service is exceptional and would be rated as a ten, although there is room for improvement in response times.

Positive

We compared Radware to F5 and Cloud Flare. Ultimately, we chose Radware for its pricing, technology, skills, and features that align well with our institution.

We have seen a return on investment of about thirty percent, allowing us to save time, money, and resources.

The pricing is average in terms of cost efficiency.

We compared Radware with F5 and Cloud Flare.

I recommend Radware Cloud WAF Service to others. The overall rating I give the solution is ten.

Public Cloud

Other

The bank uses different channels, such as mobile banking, Internet banking, and Creditnet, and we adopted Cloud WAF to prevent blockages and attacks. We have passed the policy review stage and are ready to begin blocking. Right now, we are in reporting mode and heading to the blocking stage.

The bank has benefited from improved security and visibility. Two months ago, there was scouting at a national level in Bolivia from Brazil, and it was difficult to find. Cloud WAF gave us that visibility, and as soon as we had a bit of suspicion, we started to block things, mostly traffic. That has benefited us a lot, especially in having more peace of mind and visibility of events and possible attacks.

The network team started with RadWare Alteon, and after that, they began to consider WAF and Cloud WaF.  After a month of putting together infrastructure and having clarity, we have already begun to notice the benefit of visibility.

We do have greater visibility of false positives, but we understand that RadWare cannot make the change. It depends more on internal processes to validate false positives. It does provide support by detecting them, and then we need to coordinate internally. For example, we noticed many false positives in SQL injection—around 60 to 70 percent of the false positives were there—so we already have a basis for mitigating them in other channels. 

Cloud WAF has freed up our IT staff's time, saving us around 40 percent. For example, because we have visibility on the network level, we do not have to figure things out. If an event occurs in some SIEM or an attack occurs, we can act quickly to prevent the attack and loss of information or economic impact. 

From my side, it is a little easier to automatically see these events, show the teams, and coordinate this whole issue rather than spending time investigating, checking logs, and seeing those types of elements on servers, in the DMZ, or in the same application. 

I like that Cloud WAF provides me with lots of information. All the events and all the possible attacks appear in front of you, and false positives appear through different channels. The solution's automated analytics are excellent. I have several events that appear automatically.

The blocking part seems good. Since I'm just starting on the team, I don't know much about the tool. I'm discovering all its features right now, and they showed me some video tutorials.

We haven't seen any issues with integrating Cloud WAF at the same level of product. For example, we haven't had any problems integrating it with Alteon. I don't have direct experience integrating it with firewalls or other tools, but based on what others are saying, there haven't been any compatibility issues with other applications the bank uses. 

Cloud WAF's management portal lacks many indicators, and the interface could be more user-friendly. It should provide more detailed information on events, possible solutions, and what each event means. While it does give you the event and block part, it doesn't give you a solution. Let's say, for example, someone wants to go into an SQL injection and find a possible solution other than the blocking part, there are no details. It would be good to have possible solutions or the ability to create an automated report to send to the developers in the portal.

Also, they should offer more Spanish-language tutorial videos. There is only one tutorial in Spanish, which is difficult for us as Latin American customers. 

I've been using RadWare Cloud WAF for about two to three months.

Cloud WAF is very stable. We haven’t had any problems at the portal, tool, or service levels. 

We are just starting to figure out Cloud WAF's potential, but we already want to increase the usage in our company.

I rate Radware support eight out of 10. I have seen a lot of willingness from their side to help us, but you need to open the ticket and look for the details in English, and most support is in English, so explaining issues to them is challenging.

Positive

The biggest return on investment comes from improved security and avoiding information losses or DDoS attacks. We gain security and the certainty that we will always be operational. The number of attacks has been reduced, and there is a contingency area here that measures the indicators, including the TCO. It's hard to tell, but it looks like approximately 30 to 40 percent.

I rate Radware Cloud WAF eight out of 10. The interface could be a little more detailed. It would be great if Cloud WAF could provide us with alternative solutions to pass along to the developers, infrastructure, security, and all the teams involved in critical events. For example, you have no alternatives if you have a crisis that can be attended to this week or in the next two weeks. You can only block it or not, making things a bit more complicated.

I don't know the tool well yet, but from what I have seen it could be improved by simplifying the team coordination. Also, the categorization could be better because there are only four or five categories: injection, vulnerabilities, etc. If we had more details and options it would benefit us a lot. 

I recommend future users learn a little about the tool before using it and have training. It is extensive, so it's critical to know about the events. This tool opened my eyes. We were not covered through all the protocols, we weren’t really safe, this tool gave me a much-needed security.

Foreign Language: (Spanish)

Nos beneficiamos de una mayor seguridad y visibilidad.

¿Cuánto tiempo lleva usando esta solución?

He estado usando RadWare Cloud WAF durante aproximadamente dos o tres meses.

¿Cuál es su principal caso de uso de esta solución? (Incluya detalles sobre su entorno).

El banco utiliza diferentes canales, como banca móvil, banca por Internet y Credinet, adoptamos Cloud WAF para evitar bloqueos y ataques. Hemos pasado la etapa de revisión de políticas y estamos listos para comenzar a bloquear. En este momento, estamos en modo de informe y nos dirigimos a la etapa de bloqueo.

Comparta cómo Radware Cloud WAF Service ha mejorado su organización. Si no fue así, explique por qué.

El banco se ha beneficiado de una mayor seguridad y visibilidad. Hace dos meses hubo scouting a nivel nacional en Bolivia desde Brasil y fue difícil de encontrar. Cloud WAF nos dio esa visibilidad y tan pronto como tuvimos un poco de sospecha, comenzamos a bloquear cosas, principalmente tráfico. Eso nos ha beneficiado mucho, sobre todo en tener más tranquilidad y visibilidad de eventos y posibles ataques.

El equipo de redes comenzó con RadWare Alteon y después de eso, comenzaron a considerar WAF y Cloud WaF. Después de un mes de armar la infraestructura y tener claridad, comenzamos a notar el beneficio de la visibilidad.

Tenemos una mayor visibilidad de los falsos positivos, pero entendemos que el cambio no depende de RadWare. Depende más de procesos internos para validar los falsos positivos. Brinda apoyo al detectarlos y luego necesitamos coordinarnos internamente. Por ejemplo, notamos muchos falsos positivos en la inyección SQL (alrededor del 60 al 70 por ciento de los falsos positivos estaban allí), por lo que ya tenemos una base para mitigarlos en otros canales.

Cloud WAF ha liberado tiempo de nuestro personal de TI, ahorrándonos alrededor del 40 por ciento. Por ejemplo, como tenemos visibilidad a nivel de red, no tenemos que resolver las cosas desde cero. Si ocurre algún evento en algún SIEM o se produce un ataque, podemos actuar rápidamente para evitar el ataque y la pérdida de información o impacto económico.

Por mi parte, es un poco más fácil ver estos eventos de manera automatizada, mostrarselos a los equipos y coordinar todo este asunto en lugar de perder tiempo investigando, revisando registros y buscando ese tipo de elementos en los servidores, en la DMZ o en la misma aplicación.

¿Qué características le han parecido más valiosas y por qué?

Me gusta que Cloud WAF me proporciona mucha información. Todos los eventos y todos los posibles ataques aparecen frente a ti, y aparecen falsos positivos a través de diferentes canales. Los análisis automatizados de la solución son excelentes. Tengo varios eventos que aparecen automáticamente.

La parte del bloqueo me parece buena. Como recién estoy comenzando en el equipo, no sé mucho sobre la herramienta. Estoy descubriendo todas sus características ahora mismo y me mostraron algunos videotutoriales.

No hemos visto ningún problema con la integración de Cloud WAF con otras soluciones de RadWare. Por ejemplo, no hemos tenido ningún problema para integrarlo con Alteon. No tengo experiencia directa en su integración con firewalls u otras herramientas, pero según lo que dicen otros, no ha habido ningún problema de compatibilidad con otras aplicaciones que utiliza el banco.

¿En qué áreas se podría mejorar el producto o servicio?

¿Qué características adicionales deberían incluirse en la próxima versión?

El portal de gestión de Cloud WAF carece de muchos indicadores y la interfaz podría ser más fácil de usar. Debería proporcionar información más detallada sobre los eventos, las posibles soluciones y lo que significa cada evento. Si te brinda la parte de evento y bloqueo, pero no te brinda una solución. Por ejemplo, si alguien quiere realizar una inyección SQL y encontrar una posible solución distinta a la parte de bloqueo, no puede ya que no existen detalles. Sería bueno tener posibles soluciones o la capacidad de crear un informe automatizado para enviarlo a los desarrolladores en el portal.

Además, deberían ofrecer más videos tutoriales en español. Sólo hay un tutorial en español, lo cual es difícil para nosotros como clientes latinoamericanos.

Alternativas y consejos:

¿Utilizó anteriormente una solución diferente? De ser así, ¿por qué la cambió?

Antes de elegir, ¿evaluaste otras opciones? ¿De ser asi, cuales?

¿Tiene algún comentario o consejo adicional sobre esta solución?

Califico a Radware Cloud WAF con ocho sobre 10. La interfaz podría ser un poco más detallada. Sería fantástico si Cloud WAF pudiera brindarnos soluciones alternativas para transmitirlas a los desarrolladores, la infraestructura, la seguridad y todos los equipos involucrados en eventos críticos. Por ejemplo, no tienes alternativas si tienes una crisis que puede ser atendida esta semana o en las próximas dos semanas. Sólo tienes dos opciones: bloquear o no bloquear, lo que complica un poco las cosas.

Aún no conozco bien la herramienta, pero por lo que he visto se podría mejorar simplificando la coordinación del equipo. Además la categorización podría ser mejor porque solo hay cuatro o cinco categorías: inyección, vulnerabilidades, etc. Si tuviéramos más detalles y opciones nos beneficiaría mucho.

Recomiendo a futuros usuarios conocer un poco la herramienta antes de utilizarla y capacitarse. Es extensa, por lo que es fundamental conocer los eventos. Esta herramienta me abrió los ojos. No estábamos cubiertos ante todos los protocolos, no estábamos realmente seguros, esta herramienta nos brindó una seguridad muy necesaria.

Rendimiento

¿Cuáles son sus impresiones sobre la escalabilidad de esta solución?

Apenas estamos empezando a descubrir el potencial de Cloud WAF, pero ya queremos aumentar su uso en nuestra empresa.

¿Cuáles son sus impresiones sobre la estabilidad de esta solución?

Cloud WAF es muy estable. No hemos tenido ningún problema a nivel de portal, herramienta o servicio.

¿Cuál es su retorno de la inversión?

El mayor retorno de la inversión es la mejora en seguridad y el poder evitar pérdidas de información o ataques DDoS. Ganamos seguridad y la certeza de que siempre estaremos operativos. Se ha reducido el número de ataques, aquí existe un área de contingencia que mide los indicadores, incluyendo el TCO. Es difícil saberlo, pero parece que se ha reducido aproximadamente entre el 30 y el 40 por ciento.

Configuración y soporte

¿Lo implementó a través de un equipo de proveedores o uno interno? Si se trata de un equipo de proveedores, ¿cómo calificaría su nivel de experiencia?

Cuéntanos tu experiencia con el servicio de soporte al cliente.

Califico el soporte de Radware con ocho de 10. He visto mucha disposición de su parte para ayudarnos, pero es necesario abrir el ticket y buscar los detalles en inglés, y la mayor parte del soporte es en inglés, a veces explicar el problema es un reto.

¿Cómo calificaría esta solución en una escala del 1 al 10 en cuanto al servicio de soporte?

8.

The primary use case for Radware Cloud WAF Service is DDoS protection and web application firewalls. My clients use it for these purposes as they want to be protected by a web application firewall against attacks on their websites.

The most valuable features of Radware Cloud WAF Service include its automation and learning capabilities for protection, as well as its superior bot mitigation. The precise negative security on the web application firewall is also noteworthy. Additionally, the onboarding process is smooth, allowing customers the unique ability to use the web application firewall on the cloud.

Radware needs to improve the certificate renewal process for customers who want to be secured with HTTPS. Some other web application firewalls have a mechanism that allows automatic certificate uploads, which Radware could adopt. 

Also, improvements could be made to be more precise on the negative security perspective.

I have been using Radware Cloud WAF Service for about two years.

Radware Cloud WAF Service is very stable, with no experienced downtime on Radware's part. I give it a stability rating of eight out of ten.

Radware Cloud WAF Service is quite scalable, with a rating of eight out of ten.

The technical support for Radware Cloud WAF Service is excellent. They are knowledgeable, speak the technical language, respond quickly, and work collaboratively to overcome challenges. I rate the customer service nine out of ten.

Positive

The initial setup is straightforward, involving adding an A record in the customer's infrastructure and ensuring the right certificate is in place.

Radware Cloud WAF Service pricing falls on the pricier side with a rating of seven out of ten. It may not have helped reduce the total cost of ownership.

I evaluated other solutions like Incapsula, Impreva, and F5 before choosing Radware.

I advise conducting a POC to ensure that Radware Cloud WAF Service meets specific needs in terms of maintenance and understanding. It takes complex tasks, like web application firewall functions, and simplifies them for customer ease. 

I rate the overall solution eight to eight and a half out of ten.

We use Radware Cloud WAF Service to monitor and protect against data packet applications from websites and web applications.

Radware Cloud WAF Service excels at blocking unknown threats and attacks. It achieves this by providing real-time threat monitoring and reporting across all devices and platforms within our network regardless of the system we're using.

Cloud WAF's automated analytics simplify the process of identifying anomalies in network traffic. This is achieved by analyzing events and correlating them with captured data packets. The WAF can capture data at all seven layers of the OSI model, ensuring comprehensive network flow analysis.

Cloud WAF provides effective end-to-end protection for APIs.

Using the API discovery feature is easy.

The CDN Service works together with its Cloud WAF to secure our applications. Since most threats target the application layer, we leverage the Radware API to monitor activity and receive reports for further analysis and protection. Using Radware CDN Service, and Cloud WAF together is easy.

It offers a comprehensive range of benefits. It provides detailed reporting on network security, allowing us to monitor traffic across all routes. The WAF can then identify and block malicious activity within shared traffic, forwarding only clean traffic to our organization. This proactive approach effectively defines and protects our systems from harmful attacks.

Cloud WAF has helped reduce the number of false positives we receive through fine-tuning by 90 percent.

Radware Cloud WAF is a Cloud platform, so it allows for easy integration with other systems in our environment.

It has helped free up around 60 percent of the time for our IT team to focus on other projects and has helped reduce our total cost of ownership.

The benefits of Radware Cloud WAF Service became readily apparent soon after implementation. We experienced this firsthand through the prompt support we received and the solutions provided to address our most critical security threats.

The most valuable feature is the monitoring dashboard that we access through the portal.

The Cloud Portal has room for improvement.

I have been using Radware Cloud WAF Service for around five years.

I would rate the stability of Radware Cloud WAF Service ten out of ten.

I would rate the scalability of Radware Cloud WAF Service nine out of ten.

Our experience with Radware support has been positive. Our partnership with them grants us access to privileged customer tools and the customer community. This allows us to utilize valuable resources such as blogs and troubleshooting guides, ensuring we can effectively address any issues that may arise.

Positive

The implementation took three years to complete and we had three people involved.

We have seen around a 60 percent return on investment from Radware Cloud WAF Service.

Radware Cloud WAF Service falls within a mid-range price bracket compared to other web application firewall solutions.

I would rate Radware Cloud WAF Service ten out of ten.

We have around 500 customers utilizing the Radware Cloud WAF Service.

Radware provides a sufficient product that doesn't require maintenance from our end.

For comprehensive cloud and load balancing protection, I highly recommend Radware Cloud WAF Service to all organizations.

Hybrid Cloud

We provide our clients with Cloud WAF Service, which enables us to detect and report web shell attacks against their servers. 

The main benefit is that all traffic is shifted by the cloud service, which exists outside the customer's infrastructure. It's highly efficient. Many customers have problems inside the infrastructure that must be efficiently detected. With Cloud WAF we can notify our client when an attack is outside and detect when a web shell script is already running on the server. This information helps the client understand what's happening with the web shell.

We've reduced many false positives using Cloud WAF Service. The learning period is helpful. Radware sends a policy with a lot of information that helps the customer observe and design their policies to eliminate false positives.

Cloud WAF saves us a lot of time because we face many strong attacks. It helps us modify the back end and implement some policies to prevent more attacks.

The best feature is the SQL injection signatures, and another is the DDoS protection. Radware is more efficient than other solutions. It handles unknown threats very well. We face many bad requests with malware that are expensive to remedy. Radware's service center in the cloud helps a lot. 

Radware's bot manager can be improved because it's very complicated to implement for apps. Radware could also add alerts by WhatsApp or Telegram. It only sends notifications via email or SMS.

We have had issues with Cloud WAF one or two times, but the service works fine most of the time.

Cloud WAF scales very well. 

I rate Radware support nine out of 10. They have a simple platform for opening tickets, and they respond quickly. 

Our previous solution was hard to install, but Cloud WAF is straightforward because it's cloud-based. You add the certificate for the business and point it to the IP. Deployment is very fast. It takes 30 minutes to an hour.  Cloud WAF requires some maintenance when a customer changes their website or programs. We need to adjust the policies.

I rate Radware Cloud WAF Service eight out of 10. It is the best solution for stopping DDoS attacks.