Radware Cloud WAF Service Reviews

We are a data center company that hosts a variety of applications for our customers. We use these applications for two purposes: internal protection and external customer protection. Currently, all of our internal applications are hosted on the cloud and are safeguarded by the Cloud WAF service. Our customers also use the Cloud WAF service to protect their applications from external threats. 

We aim to provide our customers with 99.99 percent infrastructure availability and 99.95 percent service uptime. When we guarantee availability and security, we must ensure we have the strongest security measures in your environment. That is the highest priority for the company.

We've deployed Radware for various applications in our environment. We have also successfully used it in heterogeneous customer environments without any issues. We have some internet-facing applications like SAP and Oracle. Our company has custom Java-based and .NET-based applications. The clients' ERP environments may also be vulnerable because they are the company's heart. We deploy and host many ERP environments and protect them against external attacks.

Radware Cloud WAF Service's ability to block unknown threats and attacks is useful. Radware Cloud WAF Service's best feature is its ability to protect against and log a wide range of unknown threats as part of its offerings.

I can confidently say that Radware Cloud WAF Service serves as a comprehensive solution for both our current and prospective customers, generating revenue for us. This service guarantees high uptime and availability of all our business applications while reducing overall operational complexity.

Automated event analytics are effective. We have automated event monitoring, which provides us with excellent analytical dashboards that help us identify any issues. These dashboards report, track, monitor, and ultimately resolve the issues. Therefore, the mitigation process is highly effective when utilizing these analytical dashboards.

We implemented API protection as a security measure, which includes an API discovery feature. This feature helps protect APIs from attacks, making it a valuable aspect of Radware Cloud WAF Service.

The API discovery feature provides outstanding end-to-end API protection. APIs play a crucial role in applications, often requiring extensive investigation. Having automated discovery and protection against external threats makes this feature even more exceptional.

API discovery is a user-friendly feature that comes with an automated algorithm. The algorithm detects APIs and generates tailored security policies to identify and log any real-time API FOCA attacks. This makes it an outstanding feature. Additionally, Radware repair protection can access the automated algorithm to discover APIs and create personalized security policies that can detect and prevent API worker attacks in real-time.

The API discovery aided in the reduction of our overhead costs by around 20 percent. The APIs are protected in real-time, which enabled us to decrease operational complexity and costs significantly.

We provide data center services and offer both public and private cloud options to our customers. Our Radware Cloud WAF Service provides comprehensive protection against bots and APIs, safeguarding all the Internet-facing applications hosted on our platform. As a result of implementing this service, our organization has greatly benefited.

The Radware Cloud WAF Service has been instrumental in reducing our false positives by nearly 25 percent. This is due to its comprehensive API protection and bot offerings, which have reduced operational complexity. 

The cost of managing the overall solution decreased because we now require fewer personnel. With the tool's significant automation and numerous analytic dashboards, customers now feel more comfortable and have greater peace of mind than before.

I would rate the integration of Radware Cloud WAF Service a nine out of ten. This solution has user-friendly integration algorithms and features that make it easy to integrate with other applications. Once we become familiar with the product, the interfaces are straightforward to use. The software has an API, which enables different applications to communicate with each other, making it the best part of the solution. Therefore, API protection is included in the software, allowing applications to interact with each other seamlessly. Consequently, customers can feel more confident when using Radware Cloud WAF Service.

Radware Cloud WAF Service reduced the effort of our IT team, therefore, freeing up their time for other projects.

Radware Cloud WAF Service helped reduce our TCO because we can now offer this service to our customers. This has resulted in generating additional revenue, contributing to the overall cost savings.

After three months of implementing the Radware Cloud WAF Service and selecting the product, we began to see time to value.

We have recently upgraded our cloud WAF to Radware Cloud WAF Service to include WAF and ADA protection, as well as watch management and Layer 7. What makes this a comprehensive offering from Radware is that it combines WAF, ADA, bot management, and API protection, which is not currently available from any other provider in the market. The most valuable aspect of our service is its ability to safeguard applications from external threats, including the API. This sets the solution apart from other web operators in the market.

The lower-level technical team at Radware could improve their approach to problem-solving as they are sometimes very slow. While the higher management is highly active and supportive, the lower management and staff may take longer to provide support, leading to delays. Proactively improving their response time could enhance their overall performance. Otherwise, customers may need to escalate issues to the higher-ups, which could be avoided.

I have been using Radware Cloud WAF Service for over three years.

Radware Cloud WAF Service is stable. We have not had any performance issues.

I give Radware Cloud WAF Service a nine out of ten for scalability.

Radware Cloud WAF is a cloud-based solution, so it's scalable. We have a 5GB contract and can always increase. If it had been on-premises, Radware would be a less-scalable solution. We can easily add capacity if needed.

We have Radware's ERT premium support which is great.

We signed the highest-level SLA with Radware called ERT Premium Services, which guarantees a five-minute response from Radware 24/7. Radware India also provides support. We call management if we have an issue, and they take care of it. Radware also has an excellent knowledge base and community forums.

A few months ago, we had an attack at night and needed immediate support. I called the director of Radware India, and he immediately lined up the entire support team within a few minutes. They resolved the issue as soon as the ticket entered their system. In five minutes, we got support from the most senior employee of Radware India. When we were implementing the Radware DDoS, the management maintained communication with us and helped us get started fast.

It was the same with the Radware load balancer. We subscribed to the new load balancers, which we needed to provide additional capacity for our company over the next five years, and management was there to guide us in the right direction.

Compared to previous solutions, Radware Cloud WAF Service is a reliable product, especially when combined with senior management support. If we obtain both, such as contacting the senior manager, the Managing Director of Redwood in India, we can expect a response in a matter of minutes. This is the service's greatest advantage.

The initial setup was straightforward because we had the help of the Radware specialists. The implementation strategy involved conducting a brief proof of concept for a few applications within the entire solution. Once the POC was successful, we proceeded to deploy it in the test environment. After testing, we moved it to production within three months.

Our L1, L2, and L3 support, with the assistance of Radware, completed the deployment in five weeks on the back end.

Radware Cloud WAF Service is deployed in the cloud for internal applications hosted on Yotta, as well as for customers who chose to use this service.

The entire deployment took around six weeks, from the planning stage to the final rollout. We deployed the architecture, created the MSSP, configured the links, and created the domain names. We developed the implementation strategy with Radware and its partner. We first deployed the solution for approximately 20 or so internal applications. In phase two, we opened the solution up to customers.

After deployment, Radware WAF doesn't require much maintenance aside from updates and periodic maintenance windows on the vendor side.

Radware's partner helped with the implementation.

We experienced a positive return on investment of up to 50 percent, due to our ability to reduce false positives. This led to a significant decrease in the effort required to manage the solution and a reduction in the overall cost of ownership. Additionally, the solution generated revenue from customers as we can now identify and address external threats to their environment. As a result, we also receive renewals. This is the most significant benefit of the solution.

When compared to Akamai and F5, Radware's pricing and licensing are highly competitive. In fact, Radware offers the best price along with excellent licensing pricing. Moreover, we received ERP premium support as a part of the package, which would otherwise be a service that incurs a high cost.

We conducted an evaluation of F5 Advanced WAF and Akamai Web Application Protector, both of which performed well. However, the standout feature was Radware's five-minute SLA on their premium ERT support. This evaluation considers three factors: the product, the SLA, and the management support. Radware offers the highest level of ERP payment support with a response time of five minutes. Additionally, if any issues arise, we have the option to escalate to Radware's senior management, and we can expect a response from Radware's MD within a few minutes. When considering the product, SLA, and management support as a whole, we believe that Radware Cloud WAF Service is the best option.

I give Radware Cloud WAF Service a nine out of ten.

As of now, we have not had to maintain the solution.

I recommend Radware Cloud WAF Service for any organization which wants to be free from external threats.

A year ago, people were only talking about the WAF application firewall. Today, we refer to WAAP, which provides increased protection against threats and vulnerabilities. Radware came out with this innovative offering called WAAP, including, WAF, API and bot protection, and DDoS. This is an innovative solution. If you want peace of mind, Cloud WAF is a one-stop shop for your security needs. Radware WAAP is a comprehensive security solution.

Public Cloud

After a security breach on one of our web applications, we transitioned to a cloud-based web application firewall solution. We chose Radware Cloud WAF Service to protect our critical web applications.

I would rate Radware Cloud WAF Service's ability to block unknown threats and attacks as nine out of ten.

Radware Cloud WAF Service initially operated in a learning mode for the first week after deployment, gathering data. Once it switched to action mode, we began to experience the service's full benefits.

Cloud WAF has helped reduce our false positives by 20 percent.

We have implemented Cloud WAF in conjunction with Alteon, and we are currently integrating a bot manager and web application DDoS protection. The integration was easy because we were accompanied by Radware.

Cloud WAF has helped free up our IT team for other projects.

The most valuable feature of Radware Cloud WAF Service is the visibility into attacks that are being cut off instantly.

It would be ideal if Radware could offer a bundled package that includes Cloud WAF, web DDoS protection, bot manager, and Alteon for a more comprehensive security solution.

I have been using Radware Cloud WAF Service for two and a half years.

Radware Cloud WAF Service is scalable.

Radware Cloud WAF Service met our scaling requirements.

The technical support is great. I have nothing bad to say about them.

Positive

The initial deployment process went smoothly and was completed in three weeks by a five-person team consisting of two representatives from our organization and three from Radware.

The pricing is fair. We pay for what we need.

After evaluating Radware Cloud WAF Service against other options and confirming its leading position in Gartner's Magic Quadrant for Web Application Firewalls, we chose it for our web security needs.

I would rate Radware Cloud WAF Service nine out of ten.

No maintenance is required on our end.

Radware Cloud WAF Service does what is expected and reduces the number of attacks on our web applications.

Public Cloud

We use Radware Cloud WAF Service primarily for monitoring purposes within our organization.

I like the security features when looking at the dashboard where I can see a lot of attacks that are rejected and blocked. It's one of the best features, and I approve of this solution. Radware Cloud WAF Service ensures our systems are stable, running smoothly, and blocking all attacks effectively.

There should be more customization options for the dashboard, as it is currently fixed and cannot be modified. Additionally, the API is limited to data retrieval and does not support programmatic modifications. It would be beneficial if we could perform POST requests and integrate our applications more effectively.

I have been using Radware Cloud WAF Service for five months.

I rate the stability of Radware Cloud WAF Service as nine out of ten. There have been no issues with downtime, bugs, or glitches.

The scalability of Radware Cloud WAF Service is very good, and I would rate it nine out of ten in terms of handling the capacity and volume.

I would rate the technical support from Radware as a nine out of ten.

Positive

We previously used Imperva but switched to Radware Cloud WAF Service primarily due to pricing. Both products are top-ranking solutions, but Radware is cheaper.

The initial setup of Radware Cloud WAF Service was easy.

We received support from Radware, which made the implementation process easy.

The ROI for Radware Cloud WAF Service is prominent as it is twenty percent more cost-effective compared to Imperva.

When comparing the pricing of Radware Cloud WAF Service, I would rate it as seven out of ten, with one being cheap and ten being expensive.

Yes, we switched from Imperva to Radware Cloud WAF Service.

Overall, I would rate Radware Cloud WAF Service as eight out of ten. The areas for improvement include customization and API functionality. I would recommend Radware Cloud WAF Service because it is a good solution, and we are satisfied with the benefits it offers.

Public Cloud

Other

We use Radware Cloud WAF Service for cloud web application firewall (WAF) functionality. It serves as our platform for overseeing 17 applications currently. Additionally, we use the API Discovery feature for applications with exposed endpoints, integrating protection and maintaining security. We also utilize Radware's Bot Manager for managing incoming bot traffic.

Radware Cloud WAF Service effectively blocks unknown threats and attacks, providing strong security with a low false-positive rate. With the Radware Cloud WAF Service, we have not faced any incidents in six years. The automated analytics module is quite effective in tracking events related to attacks, IP addresses, and countries. API Discovery is also highly valuable, enabling us to protect our applications with end-to-end API protection, while also reducing overhead costs.

Radware could improve technical support by resolving cases in fewer days. This would enhance the overall experience with the product.

We have been using Radware Cloud WAF Service for approximately six years.

The stability of Radware Cloud WAF Service is excellent, and I would rate it as a ten.

For scalability, I would rate Radware Cloud WAF Service as a ten, showing it is highly scalable.

The customer service is exceptional and would be rated as a ten, although there is room for improvement in response times.

Positive

We compared Radware to F5 and Cloud Flare. Ultimately, we chose Radware for its pricing, technology, skills, and features that align well with our institution.

We have seen a return on investment of about thirty percent, allowing us to save time, money, and resources.

The pricing is average in terms of cost efficiency.

We compared Radware with F5 and Cloud Flare.

I recommend Radware Cloud WAF Service to others. The overall rating I give the solution is ten.

Public Cloud

Other

Initially, all our services were on-premises, but we decided to move many of them to the Azure cloud to make them accessible to our customers. However, we discovered that certain attacks were going undetected and the native tools in Azure cloud were inadequate for protecting against them. As a result, our expenses were increasing due to resource exhaustion. To address this issue, we consulted with our vendors and found a Cloud WAF hardware solution. Once we implemented Radware Cloud WAF Service and combined it with application controls, bot protection, and DDoS services, our expenses were reduced by 80 percent. This was a remarkable achievement.

I report every month on any incidents involving our public assets. One particular use case that I focus on is geo attacks, which help identify who is attempting to access these resources from locations outside of our Southeast US customer base. This helps reduce unnecessary noise. We also have private APIs that are only accessible to specific vendors, and it's important to secure them with an access list. Although it is a basic measure, it allows me to monitor who is attempting to access those resources. The unknown threat aspect of it is not a frequent occurrence.

Radware Cloud WAF Service provides excellent automated analytics for event analysis. Its visibility feature alone is a selling point for the product. When we initially invest in cloud services, it can be difficult to monitor activity. We only receive a bill indicating increased CPU and RAM usage. The analytics provided by Radware Cloud WAF Service has been extremely helpful in this regard.

Radware Cloud WAF Service has significantly reduced our Azure bill by filtering out unnecessary CPU, compute, and bandwidth usage on the front end. Previously, we experienced a lot of errors and serious issues due to APIs being exposed, and our developers could not always understand why these errors occurred. However, once we implemented Radware Cloud WAF Service, it significantly reduced the noise and eliminated malicious data. As a result, our developer logs now look good, and we can identify who is targeting us and their intentions through the provided metrics. It has been incredibly helpful from a management perspective as we can present them with dashboard metrics showing how the tool is blocking and protecting us. They appreciate this information.

Radware Cloud WAF Service has helped reduce our false positives by 90 percent.

We quickly recognized the value of the Radware Cloud WAF Service upon deployment. However, we needed to ensure that the business owners understood the changes being made. Upon activating the spot protection and geolocation service, we noticed a significant decrease in illegitimate traffic. Prior to the implementation, we were receiving an overwhelming amount of hits, averaging between 150,000 to 160,000 per hour on certain pages. Once the services were activated, this number decreased to only 2,000 to 3,000 hits per hour, indicating that a majority of the previous traffic was not legitimate. This allowed us to reduce our footprint in Azure and do so immediately. It is evident that the internet is filled with a vast amount of illegitimate traffic, with many individuals scanning for open services. The implementation of Radware Cloud WAF Service helped eliminate this issue within a day.

Before the introduction of Azure cloud-native tools, monitoring visibility was inadequate, making it difficult to identify the cause of resource attacks. With the current visibility dashboard, we can now obtain insight into the nature of attacks, identify attackers, and detect top IP or threat regions. This dashboard has proven to be helpful in improving our ability to identify and respond to attacks.

Radware Cloud WAF Service has significantly reduced the number of attacks and improved our visibility. However, there are some areas where it could improve its maturity. Previously, the interface, Bot manager, and Cloud WAF were separate interfaces, but they have now been merged into one dashboard. However, the current setup is somewhat cumbersome, and there is room for improvement in this area.

Radware Cloud WAF Service has limited integrations, and I would like to see it integrate with our use of Azure DevOps. Specifically, I would like it to be able to automatically detect and protect new APIs and changes made to existing ones, utilizing the API discovery and protection features. Currently, there is no integration for this. If we use a SIM, we can receive email alerts or check the dashboard for information on the types of attacks, but this is not an ideal or modern approach to alerting. It would be beneficial for the service to integrate with top enterprise tools like SIEM, allowing for more efficient and effective alerting and logging. Unfortunately, there are currently no native tie-ins for some of the products we use, requiring us to set up email notifications to our SIM. Therefore, integrating with enterprise tools for alerting and SIM purposes would be greatly appreciated.

I wish to have improved integrations with larger vendor tools, such as alerting systems or SIMs, to enable us to pull and query performance metrics for analysis. As a fairly large organization, we require a tool that can consolidate data from multiple applications into a single location for better visibility and decision-making. Unfortunately, we are currently unable to extract this data into any of our existing systems.

I have been using Radware Cloud WAF Service for two years.

I have only experienced one outage with Radware Cloud WAF Service in the past two years, so I would say that it is very reliable and stable.

The interfaces have significantly improved, but we had numerous queries about their functionalities and how to enable specific capabilities for monitoring purposes. We had to spend a considerable amount of time trying to understand the process, such as what we needed to turn on and how to turn it on, as well as interpreting the log entries. As a result, we had to contact support multiple times, which involved a lot of back and forth. Additionally, during certain periods, our services were targeted by heavy DDoS attacks, and we had to rely on support heavily to mitigate them. There were a few instances where we had to request significant assistance from support.

Positive

Previously, we utilized Azure Application Gateway, which included a built-in WAF capability. However, due to its cumbersome nature and limited capabilities, approximately 10 percent of Radware Cloud WAF Service, we switched to Radware. Azure CloudApp lacked reporting functionality, making it difficult for us to identify attack sources, methods, and user agents.

In comparison to Azure Application Gateway, Radware Cloud WAF Service has the ability to detect all types of attacks. While using Azure, there were a few attacks that utilized a unique combination of user agent strengths which Azure Cloud WAF was unable to detect. Due to limitations in the user registry and signature attack type, it could not comprehend how to prevent these attacks. Therefore, we opted to switch to Radware Cloud WAF Service, which was better suited to meet our security needs.

Setting up Cloud WAF was straightforward, but the bot protection was a bit of a mess initially. When the product was first launched, separate dashboards were provided for both services, giving the impression that they had separate support from the company. However, over the last two years, they have been consolidated into a single dashboard, making deployment and management much easier. Despite the initial difficulty with bot protection, Cloud WAF was ultimately easy to deploy. We required two people for the deployment.

The implementation was completed in-house.

Radware provides same features and coverage as competitors for a significant discount.

We assessed Citrix Web App and Imperva DDoS, and Microsoft urged us to test their latest version of Cloud WAF. However, we declined their offer and instead opted for Radware Cloud WAF Service because it was effortless to implement. We were able to turn it on and have it working on the same day without requiring extensive integration, which was necessary for the other options we considered. We preferred a plug-and-play solution with a minimal learning curve. Radware Cloud WAF Service met these requirements and has been functioning well.

I give Radware Cloud WAF Service a nine out of ten.

We are interested in utilizing the API discovery feature, but since we frequently make changes to our APIs using a DevOps pipeline, our APIs change on a regular basis, almost every two weeks. Our company's current goal is automation, and all changes to the environments must be done through a coded pipeline with variables. Unfortunately, the API discovery feature may slow down our automation capabilities, making it difficult to push changes every two weeks unless the interface is improved. While we would like to take advantage of the API mapping and different attack techniques, we cannot use the feature until it becomes more mature and integrated with our automated pipeline.

We deploy the solution across one location.

The ability to log in and review data and logs is a crucial feature for me when choosing a Cloud WAF. While most services have similar capabilities, the differentiator lies in how well they can parse and present the data. I had trouble with Citrix as it was difficult to obtain and interpret the data to prevent attacks. However, Imperva has an excellent interface for pulling data, which helps us make informed decisions. Radware stood out as the best in both areas, with their dashboard being user-friendly and responsive. The implementation was also straightforward as all the necessary information was readily available. It only took a few hours to set up a new site, making it easy to go live quickly.

Public Cloud

Amazon Web Services (AWS)

The primary use case for Radware Cloud WAF Service is DDoS protection and web application firewalls. My clients use it for these purposes as they want to be protected by a web application firewall against attacks on their websites.

The most valuable features of Radware Cloud WAF Service include its automation and learning capabilities for protection, as well as its superior bot mitigation. The precise negative security on the web application firewall is also noteworthy. Additionally, the onboarding process is smooth, allowing customers the unique ability to use the web application firewall on the cloud.

Radware needs to improve the certificate renewal process for customers who want to be secured with HTTPS. Some other web application firewalls have a mechanism that allows automatic certificate uploads, which Radware could adopt. 

Also, improvements could be made to be more precise on the negative security perspective.

I have been using Radware Cloud WAF Service for about two years.

Radware Cloud WAF Service is very stable, with no experienced downtime on Radware's part. I give it a stability rating of eight out of ten.

Radware Cloud WAF Service is quite scalable, with a rating of eight out of ten.

The technical support for Radware Cloud WAF Service is excellent. They are knowledgeable, speak the technical language, respond quickly, and work collaboratively to overcome challenges. I rate the customer service nine out of ten.

Positive

The initial setup is straightforward, involving adding an A record in the customer's infrastructure and ensuring the right certificate is in place.

Radware Cloud WAF Service pricing falls on the pricier side with a rating of seven out of ten. It may not have helped reduce the total cost of ownership.

I evaluated other solutions like Incapsula, Impreva, and F5 before choosing Radware.

I advise conducting a POC to ensure that Radware Cloud WAF Service meets specific needs in terms of maintenance and understanding. It takes complex tasks, like web application firewall functions, and simplifies them for customer ease. 

I rate the overall solution eight to eight and a half out of ten.

We utilize it as a front end for all external connections to our public-facing websites, allowing us to manage traffic and redirect it accordingly. This enables us to store data in the cloud and other remote locations, while also protecting our internal servers from potential security threats by preventing malicious traffic from reaching them.

The solution is deployed on Azure and AWS cloud.

Cloud WAF appears to effectively block unknown threats and attacks. We had been using the on-prem version for a long time with Radware in our applications, which is why we switched to the cloud version. Overall, it seems to perform its job very well.

The automated analytics are great.

The main benefit that I believe we receive is that if our data is in the cloud and connects back to us, we don't have to worry about any traffic hitting our edge. This seems to be the most advantageous aspect. Additionally, Radware Cloud WAF Service is very effective in stopping any exploits or patterns used in SQL injections for our homebuilt applications that are public-facing. Therefore, based on our experience and needs, it appears that Radware Cloud WAF Service is doing a good job and we haven't encountered any problems.

The solution has been effective in decreasing the number of false positives. Additionally, with the on-prem solution, I was uncertain about how to use it initially. Generally, Cloud WAF is superior because it provides monitoring and assistance with modifications. This is particularly helpful in situations where new code is added to the website and it results in incorrect blocking. However, in the event of a false block, it's straightforward for us to submit a ticket, and the response time for remediation is prompt.

When it comes to deploying and integrating Radware Cloud WAF Service into our app for new purposes, it functions exceptionally well. Its learning mode is particularly impressive, as leaving it in this mode for a while allows it to identify trends and perform auto-tuning, saving us time. While we have not yet integrated any APIs, it works seamlessly when incorporated directly into our applications. Radware Cloud WAF Service learning analytics and autonomous adaptation to the environment are both top-notch.

Radware Cloud WAF Service helped our IT team to free up time, allowing us to concentrate on other projects. As we gradually shift our on-premises systems to the cloud, it has become much less labor-intensive. Instead of spending time trying to figure out a false positive, I simply submit it to them, and they take care of it for us. It's reassuring to have a team managing those policies.

We quickly realized that there were significant deficiencies in some of our applications when using on-premises technology. As we started to migrate data to the cloud and other locations, we recognized that cloud technology was the only option. We understood that it was a crucial tool to have from the very beginning, and we saw its value immediately. Although we are still in the process of migrating data to Cloud WAF from on-premises, it is evident that managing data through Cloud WAF is much simpler. In fact, managing the five applications we have running through it is considerably easier than with on-premises technology. Additionally, the reporting capabilities are better through Cloud WAF, and this is essential for sharing information with our leadership. Overall, we noticed the benefits of Cloud WAF immediately.

DDoS protection is a valuable feature that works efficiently. Currently, we have both DDoS protection and a regular package. Although we are in the process of piloting the bot, we haven't yet implemented it or purchased it. However, it seems that the bot is successfully blocking a significant amount of traffic. This feature could be helpful in the future, but we have only been testing it for a month or so.

The reporting has room for improvement.

We've had some issues with putting certificates in.

We considered using Radware Cloud WAF Service to protect our API gateway with a WAF. However, we encountered issues with licensing since we had to obtain a license for each individual connection, which was not suitable for our API. To deploy one API Gateway, we would need to purchase 30 licenses, which was expensive. Additionally, we experienced difficulties with obtaining support and resolving the issue, which went on for several weeks. Eventually, we decided to explore other options due to the lack of time to address the problem.

The scaling is not cost-effective and has room for improvement.

I have been using the solution for four years.

The solution is stable. We haven't had any major issues in the past four years. There was one incident where our sites were down for around thirty minutes while the team was working on it. Although it was a challenging situation at that time, I cannot recall any other significant problems that caused any major impact or caused our sites to go down for such a duration.

Our deployment is relatively small, but I believe the solution has great scalability potential. All we need to do is purchase extra licenses. However, the API gateways have been causing issues for us.

The level of support provided by the team is inconsistent but generally good. However, we have noticed that the ERT team may take a day or two to respond to low-priority tickets, but they are prompt in responding to high-priority tickets and resolving the issue quickly. One area where we faced challenges was with the new API gateway deployment, as we did not receive the required level of support. Additionally, there were restrictions on using Logstash in Amazon SQS, which limited our logging capabilities, and this could be improved. Although we did face issues with the CERT page and had to reach out to support to obtain intermediate CERTs, it took a long time to resolve the issue, but it has since been resolved.

Neutral

We previously used Radware WAF Service on-prem before switching to the cloud.

The initial setup is simple, but there are some issues with the logging sources and how we import the logs into SIM. This aspect could be improved, but overall everything else went smoothly. We were able to easily configure the search function, assign an IP address to the back end, create the tunnel, and get the system up and running within a matter of days.

The deployment required two people.

The implementation was completed in-house with the vendor support team.

It's difficult to quantify the value of security, but implementing a solution can give us a sense of comfort. Based on my experience, I believe we see a positive return on investment, especially considering the amount of time and manual effort required for on-premises security compared to using a Cloud WAF. Therefore, I'm confident that our investment is paying off.

We are paying $20,000 annually for six licenses that provide basic WAF functionality. However, the cost of API gateways is exorbitant.

To utilize extra WAF bandwidth, an additional fee is applicable, and the same goes for the bot.

We are also evaluating AWS WAF and Pulse vWAF.

I give the solution a seven out of ten.

I am not sure if there is a TCO. We could disable the solution immediately, and the affected websites would function normally. However, in the event of a security breach, exploitation of a site, or unauthorized data access, what would be the potential cost? While it may be difficult to quantify security costs, I do not believe that using Radware Cloud WAF Service has reduced overall expenses because we could operate without it. Nonetheless, in terms of the time invested in on-premises versus cloud WAFs, I would say that it is roughly equal to other WAFs. Ultimately, security is something that we cannot put a price on, and it is a necessary investment regardless of the expenses incurred.

This solution is publicly available, and we have numerous customers throughout the United States and Canada. While it's difficult to provide an exact figure, we typically have around a thousand active connections to the website per minute, adding up to several thousand users across the US.

Refreshing certificates are probably the most important part of maintenance. If new code is deployed and it doesn't integrate well, we need to ensure that our refinements are done correctly or seek support. We often identify these issues while working with our internal team to correct them, and Cloud WAF has helped to identify many of them. When we encounter issues, we contact the team who will confirm the issues. We then retrieve a portion of the code and realize that something was not deployed correctly on the website.

Radware Cloud WAF Service can be integrated with various systems, such as firewalls, endpoints, and clouds. This solution is highly flexible and efficient. Its implementation is straightforward and not complex. No additional service fees are required when working with Radware. As long as there is a skilled networking professional in charge, the integration process should run smoothly.

Public Cloud

Microsoft Azure

We have multiple use cases for Radware Cloud WAF Service. We use it to protect our voice domain, our banking solution, and any other applications that are open to the Internet. We use the same Radware WAF for our applications on AWS.

The effectiveness of Radware Cloud WAF Service in blocking unknown threats and attacks depends on the situation. Usually, when we deploy applications, we have everything planned in advance. In this case, we can simply log in to the portal and configure the WAF. However, if we are dealing with a repeated case or if we need to update a certificate, we can use automation to make the changes. In most cases, we do not need to make any changes to the WAF configuration. For example, if we need to block a specific IP address, we can create a template and apply it to all of our web applications. This allows us to use WAF for both web applications and API code.

Radware Cloud WAF Service's automated analytics for looking at events is good. We actually had something similar before, but this service gives us a better understanding of how we use WAF for different products. For example, DDoS protection is also included. This allows me to analyze which users are coming from which locations, what my status is, and if I have a SQL injection or something similar. There are a lot of features, so I definitely know my application better and can identify any security events that are happening on my web or application.

The end-to-end API protection offered by Radware Cloud WAF Service's API discovery feature is a good tool. However, it can only be effective if we understand the WAF portal concept and know what the tool does. Before we use the tool, we should read its documentation. Radware also has a universal university where we can learn more about how Radware works in a web application. This is helpful because different vendors have different ways of using the same application. I have been part of this learning experience and found it to be very helpful.

API Discovery is easy to use for those who are familiar with WAFs and APIs. However, we need to use a document to configure it, which is not a big deal.

Using Radware CDN services and Cloud WAF together is easy. However, it requires coordination between two different teams. The security team is responsible for CDN, while the development team is responsible for the application. If these teams communicate effectively, it is very easy to use the combined services. Even if the development team does not have experience with CDN, it is not difficult to learn. I have been part of both teams, and I can confirm that using Radware CDN services and Cloud WAF together is easy.

Radware Cloud WAF Service is user-friendly. It provides us with what we need and tells us where to click. Even if we are new to using it, we will not get lost or confused. Once we log in, we can simply click through the steps and understand what is happening. The application is easy to configure and does not require highly technical knowledge.

Radware Cloud WAF Service helped reduce the overhead on one team. In a previous product preview event, only two teams were configuring everything for the project team. However, now even the user developer can develop applications. They develop the application, put their endpoint, and go to Radware to create everything. The system management and network teams are no longer involved. This reduced the dependency on a team by 70 percent. Additionally, any individual team can now configure and use the service.

Radware Cloud WAF Service helped reduce our TCO by ten percent.

We noticed the time to value within two months of using Radware Cloud WAF Service.

Radware Cloud WAF Service is user-friendly and easy to deploy. All we need is our domain name, and we can easily configure it. I migrated from old products to new products using Radware Cloud WAF Service. Migration can be a complex process, but Radware makes it easy by providing a step-by-step guide. We can migrate one application at a time, or we can migrate multiple applications at once. Radware also provides an API that we can use to automate the migration process.

Radware Cloud WAF Service should provide SSL certificates for its hosting customers. Currently, customers must purchase an external certificate and upload it to their hardware. This is a major inconvenience, and I would like to see Radware offer a certificate solution.

The technical support has room for improvement.

I have been using Radware Cloud WAF Service for six months.

Radware Cloud WAF Service is stable.

Radware Cloud WAF Service is scalable. We have multiple teams but we are all on one cloud. We have approximately 50 people using Radware Cloud WAF Service.

Overall, the technical support team resolves our issues, but they take some time to understand the issues.

Neutral

We previously used Imperva Web Application Firewall, but it was too expensive. We switched to the Radware Cloud WAF Service, which is more affordable.

We did not use the automation with Imperva in the same way that we do with Radware Cloud.

The initial setup was straightforward. The deployment took one month because we wanted Radware to learn about our footprint. We started blocking after a month, once they developed an algorithm to understand how the application works and what the major use cases are. Initially, we were not in a blocking mode. We were just configuring everything and learning more about the application. We initially required six people because we were building the policies.

The implementation was completed in-house.

We are still in the early stages of using Radware Cloud WAF Service, but we have already seen a 10 percent return on investment due to a reduction in team dependency.

For the current market, the price for Radware Cloud WAF Service is exactly where we want it to be.

We are using two services, WAF and CDN, and we have a three-year contract for these services.

I give Radware Cloud WAF Service an eight out of ten.

I recommend conducting a proof of concept before purchasing Radware Cloud WAF Service.

Public Cloud