Radware Cloud WAF Service Reviews

I am using Radware Cloud WAF and have been using it for the last five years. Recently, I considered deploying Radware Discovery API. I have taken a proof of concept of Radware Discovery and plan to onboard it in the next one or two months. 

Additionally, it is essential for reducing DDoS attacks within my organization.

We have had a very good experience with Radware Cloud. It has significantly reduced attacks on our applications. All our critical applications are onboarded to Radware, which uses AI to automatically learn behavior patterns and refine security policies. 

It also provides comprehensive protection against the top ten web application security risks. Importantly, we have not experienced any zero-day attacks because Radware Cloud offers protection against emerging threats. The Emergency Response Team is very active, and I consistently receive excellent responses from them.

It's a very comprehensive and user-friendly solution. It's easy to implement and integrate. We also have found it's easy to reach support if we need help.

The solution has helped us enhance our cyber security posture. It's good for data protection. We've been able to protect our public-facing infrastructure.

We haven't had any incidents or compromises in the entire three years we've used Radware.

The Cloud WAF Service blocks unknown threats and attacks effectively.

The analytics are very good.

The API discovery feature is very helpful, and end-to-end API protection is useful. Everything is encrypted to ensure effective protection. We get Layer 7 protection from it.

The API discovery is a very useful feature. It is easy to use. A few months before, I did a demo to learn more. We can see which APIs are being used or not. It helps us discover and remove unused APIs. In our case, we found 20 APIs that were not used by the team.

We use the CDN features. It's pretty easy to use the combination of CDN and Cloud WAF. It helps your Radware Cloud connect with the nearest server or the Redware server. We have multiple servers worldwide, so this is useful for us.

Integration is very easy. Sometimes, we have 10 to 15 applications hosted on the cloud. It's very easy to add applications. It's not complicated.

From the Radware cloud, it's integrated with our SOC. All the logs are received by the SOC.

An area of improvement is the visibility at the attack level. Management often asks for detailed reporting on attacks such as botnet and zero-day attacks, including the number of attacks within a month, week, or day. Improving dashboard capabilities to provide this information clearly for management is crucial.

They need to improve their reporting. We need to present our management with reports and we need better options for reporting. They don't want lengthy reports. They need something that is one to two pages and includes everything - a more high-level document with the most important information.

I have been using Radware Cloud WAF for the last five years.

I give the stability a score of 9.5 out of ten. I have never encountered downtime, maintenance-related issues, or latency. As a network and cybersecurity specialist, this provides me with peace of mind.

The scalability is fine. We haven't faced any issues.

The support provided by Radware's Emergency Response Team is excellent. They respond promptly to any queries or concerns raised via the hardware portal according to SLA expectations. The responses are satisfactory. Although I have not required much support in the past five years, whenever I did, I received answers to my queries.

I did not use a different solution previously.

The initial setup was straightforward. We onboarded critical applications in a prioritized manner, starting with the most critical and gradually moving to the others. The setup process was smooth, and we were able to get visibility from the applications post-onboarding.

I am not involved in purchasing or negotiating pricing, as this is done by our material team. My role is to recommend the products we need. The material team discusses with partners and determines the appropriate pricing.

I rate the overall solution a nine out of ten. By not giving a perfect score, I recognize that there is room for improvement, which is crucial for fostering development. It is essential for Radware to continue improving and researching advancements needed to enhance customer experience.

Radware offers a cloud, software, and hardware-based solution. It deals with all three platforms. 

1. They have a hardware device on which their software can be installed. We can manage all the load balancing with it. 

2. Similarly, for the Radware software, we can install the OVA file on our server and configure all the admin backend servers on it to perform services. 

3. In the cloud, we can use their API service to create a virtual platform for clients on which they can deploy and run their applications.

Cloud WAF blocks unknown threats and attacks. We have a monitoring tool, and security patches are released monthly. We can deploy these signatures on the WAF, which identifies threats based on IPs. There are multiple signatures for various attacks, like bot attacks, that we can monitor.

There is a forensic dashboard where we can identify real-time events, hits, and blocks. If there are genuine requests being blocked, we can deploy a custom page with a case number for users to resolve issues. For example, if a user triggers the Web Application Firewall (WAF) due to a misinterpreted service, they will see a blocking page with a case number. There's also an option to refine the WAF settings if it blocks a genuine request.

I also work with the API discovery feature in the Cloud solution. Once the API is enabled and the application vendor provides the API key, we can deploy our application. If the API is correct, it functions properly; otherwise, issues are highlighted on the dashboard. For example, cross-site scripting is blocked at the label level.

API discovery is straightforward to use. There is an option to add the API stream. If the API is correct, it will be processed; otherwise, the API service is blocked.

The dashboard provides multiple features and analytics tools to identify API issues. If there is a cost issue with an API, it can be identified, and we can report it.

It's not difficult to work with the API discovery feature because everything is reflected on the forensic dashboard. There's an option within the dashboard, under the security section, where you define the correct API. You can also identify and exclude specific APIs if needed. There's only one option to add to the API stream. If the API is correct, it will be processed; otherwise, it's blocked.

It's not difficult to identify API issues because when we define the API call, and it is incorrect or not valid, it won't sync with the vendor's application. They identify this and generate a blocking request, which helps us easily identify the issue.

It's mostly for the Alteon service. The Alteon load balancing part, particularly the SSL offloading and WAF offloading, is crucial. Offloading allows us to monitor and identify issues easily. I believe the SSL offloading is the most valuable feature.

It's easy to use, and the configurations are similar across different vendors. Compared to F5 and Citrix, Radware is easier to communicate with and use. The configuration process is simple, involving the creation of groups and pools, much like in F5. The SSL offloading is also very easy. Overall, I think it's a good solution.

The service we use through the cloud is very easy. We have one dashboard to manage everything, which is convenient.

The analytic dashboard could be integrated with other platforms like Splunk. In Splunk, the dashboard shows multiple things, and I think Radware could improve its dashboard in that regard.

In the WAF part, there are multiple things that are initiated, such as updates and patches. There's a global issue right now that we need to monitor on our side. I think the ability to monitor server-level updates and patches should be integrated into the WAF.

I have been using it for three to four years. 

If we raise an issue, they usually identify and resolve it by the end of the day or the next day. There haven't been any escalated cases on the cloud. However, we did encounter one issue regarding the filter and signature. We created a policy to block access from Pakistan, Bangladesh, and other specific locations.

Although the policy was in place and checked, users from those locations were still able to access the application. This was a bug that we reported to the technical team. They identified an issue with their software version and provided us with a new version to update. After the update, the blocking feature worked correctly.

It's scalable. We can customize it as per our requirements. We can customize it in most cases.

In the State Bank of India project, we deployed it, and I believe two or three other banks are using Radware's WAF. Some applications are deployed globally, meaning they're used in Australia, America, and multiple countries. We have multiple deployment options for that. For example, the YONO application is deployed globally and used by many users in different countries. We can easily identify and track that traffic on the dashboard.

In addition, they have also deployed the DDoS service in WAF. So, in case of a DDoS attack or something similar, they can easily identify and monitor it.

It's software-only, so most of the time it works as intended. However, I did raise one request about a filter option in the dashboard not working perfectly. We identified that there was a version issue, and they fixed it in a new patch. They were able to easily identify and resolve the version issue.

They are not globally available but can manage and support us within a range of five to seven. They can usually provide support easily.

Neutral

I have worked on Citrix as well. Both Citrix and Radware are similar, but in Citrix, some things are more lengthy. Radware is better integrated and easier to understand, so anyone can use it.

I haven't directly compared them, but F5 is very popular globally. Both are similar, but Radware lags behind F5 in a few features.

In terms of user experience and management, Radware is easier. However, F5 has better performance. 

Both are cost-effective, but Radware is less expensive because F5 licenses are costly. Technically, Radware is easier to understand.  

We currently use the integrated WAF option on the same device in our application (SBI). There is no dedicated WAF solution. There are two options: license-based and integrated. Using the integrated part helps to identify blocks and other issues effectively.

Integrating with other systems and applications in the environment:

Integration is not difficult. In the dashboard, under the policy section, we can find virtual services and easily enable the API service. Once enabled, WAF monitoring should also be enabled. We can then identify the application's requirements, like JSON ID, cookies, headers, what should be whitelisted, body size, etc. 

We can gather this information from the application owner during deployment to determine what needs to be whitelisted, such as extensions, zip files, XML files, and cookies.

Once we deploy an application, it doesn't take too much time because the application is already deployed. We also use the load balancing feature, so we just need to enable the security web application service. There is an option for this under virtual services where we can also enable it for bot protection. I think anyone can easily manage it if they know about these things.

Radware is signature-based. The patches and signatures are important because we cannot easily monitor them ourselves. They are regularly updated, I think, weekly, so that's helpful. I think this regular update makes it easier for us.

We are a managed service provider (MSP) for Radware. The technical support is handled directly by Radware, but we manage the technical aspects.

We use integrated and cloud solutions because we manage multiple applications for multiple vendors. Some vendors are using the integrated WAF, which is good. The cloud part is also managed by us, not the customer. We deploy everything, including signatures and patches, if needed.

We can deploy it within a month. It's very easy to deploy and work with. If you create load balancing and WAF configurations, both are very simple. The deployment process is easy if you know how to configure it. Anyone who knows the basics of networking and security can easily deploy it. The dashboard and management are also simple. There is no confusion.

If you're creating a virtual service, you can easily create the virtual service port and configure the backend server. It's very simple.

In F5, when creating a group, you need to take one pool service. But in Radware, you can create one group and easily select it. The dashboard and configuration in Radware are very simple.

We mostly deploy in one-arm mode, but there's also a two-arm mode. In one-arm mode, all applications and servers are on the same subnet. We take a single IP from the subnet (e.g., 10.86.11.x). We need three IPs: one for management and two for deployment and virtual services. 

When deploying an application, we can use the same IP range. We deploy all backend servers on the virtual service. We select the backend servers and multiple ports based on the requirements. We then configure the services on the virtual service and review everything. For networking, we need to do NATing if the application is globally accessible, which is also very simple.

The dashboard and conciliation aspects are straightforward in Radware.

Just as in the same domain, we can deploy mainly in one-arm mode, or two-arm mode. There are two different modes. Okay? But typically, we deploy in one-arm mode. In this mode, all applications and services should be on the same subnet. We can take a single IP from the same subnet, for example, if you have a subnet of twenty-three, like 10.86.11.something. We require three IPs in total. One IP for management, and two others for deployment and the virtual service. If we deploy an application, we can use that same IP range. We take it. And on this virtual service, we can deploy to all back-end servers. We can select the back-end server and multiple ports based on the requirements. We can select the ports we need and configure the services on them. On the virtual service, we can configure all the services and review everything. For networking, we need a NATing part if the application is globally accessible so we can NAT through their public IP. It's a very simple deployment process.

For a new project, it might take longer than a month due to approvals and networking configurations. These processes, especially to get approvals for NATing and network paths, can be take time. That's why it takes almost two months. However, if everything is ready, deployment and testing can be completed within five to ten days.

Two resources are enough for the deployment. From a maintenance perspective, not much is needed.

It does bring ROI.

Radware is less expensive because F5 licenses are costly. F5 charges for each and every license. For every virtual service you create, you need to pay additional license fees. The licenses are more COSTLY compared to Radware. 

Radware also has lower annual maintenance costs (AMC) compared to F5. F5 is more expensive than Radware, but it's the leading product globally.

It's not very costly because everything is license-based, all things depend on the license and annual maintenance contract (AMC). If you have an AMC, the cost will be higher. Without an AMC, the cost is less because the product itself is less expensive. But if you have the AMC, the cost will be higher.

If companies provide the signatures and patches perfectly because we can't easily identify new viruses or threats, we rely on the solution company to regularly update their software and devices. Radware is one such company that updates its patches and signatures monthly. They allow us to review all the CVEs and update their patches accordingly. So, I think it's a good option.

Overall, I would rate it a seven out of ten because there are some issues in the cloud part, where it lags. 

Our primary use case is defense against DDoS. We are using Radware Cloud WAF and load balancer solutions. We use it for our cloud infrastructure and various applications focusing on various security aspects.

It integrates seamlessly with our infrastructure, allowing us to manage DDoS attacks and load balancing efficiently.

The ability to easily handle configurations and the user-friendly nature of the solution make it accessible for various team members, including L1 and L2 users.

The load balancer is very good for DR purposes. Previously, our client had issues with DR, but it is no longer an issue. We can directly move from primary to secondary.

Radware Bot Manager has been very useful. If any user tries to save a password on a mobile or a browser, it blocks that. We can see all the details about the traffic and port requests.

API integration and documentation need to be improved. There should be more detailed documentation for API usage, rate limiting, CNAME, and DDoS functions. A lot of articles need to be added to their portal.

Additionally, enhancing the capabilities for bypass functions where users can manage URLs more flexibly, including the use of wildcard characters, would be beneficial.

We have been working with Radware Cloud WAF Service for a minimum of 18 months.

There have generally been no stability issues.

Radware Cloud WAF is scalable and accommodates our growing needs effectively.

We get proper solutions from them. The salesperson and other support resources have been good at providing solutions. I would rate their technical support an eight out of ten. 

Positive

I have used F5 which is a physical WAF solution. We switched to Radware Cloud WAF for its cloud-oriented capabilities and user-friendly interface, although the F5 solution was effective too.

Radware provides only three URLs for whitelisting, whereas F5 supports multiple URLs for whitelisting. Radware is also more complicated for customers when it comes to bypassing.

The initial setup of Radware Cloud WAF is straightforward, allowing for easy configuration and integration within our existing infrastructure.

It does not require maintenance from our side. We just have to ensure that we have the correct licenses. They inform us of any maintenance window in advance.

We get good direct support from Pankaj at Radware. He has helped us with the implementation and understanding of Radware solutions. In case of any issues, I can ping him and get more information or resolution.

It has saved us time and money.

I am not directly involved in pricing and setup cost discussions, but it seems that Radware offers a more cost-effective solution compared to F5. It is considered a good value for our budget.

Overall, I would rate Radware Cloud WAF as nine out of ten. It is a reliable solution with effective security features, though there are areas for improvement, particularly in API integration and documentation.