Name: Radware Cloud WAF Service
Brand: Radware
Rating: 4.4 (60 reviews)

Wilmer Beltran

Engineer at a transportation company with 51-200 employees

May 1, 2023

Download

Features geo-blocking, protection against unknown threats, automated analytics, and excellent support

Pros and Cons

"Geo-blocking is one of the most valuable features we use the most; most of our users are in North, Central, and South America, so we use geo-blocking to block access from other countries."

"We receive many reports from our security team of IPs flagged by our security tools, such as Palo Alto. I cannot add the file containing the IPs to get them blocked; instead, I have to contact Radware support and open a ticket for them to do it. I need to be able to block flagged IPs myself, as it currently takes more time to open a ticket, contact the support team, and wait four to six hours for a response. I want to be able to upload a file with 2,000-3,000 IPs in the console and then apply and save the configuration."

What is our primary use case?

Our company infrastructure is supported in AWS, and we use Cloud WAF to protect most of our applications, including mobile apps, our main website, and other business-related apps.

We have many applications in the AWS cloud, including API gateways and balancers, so the backend is made up of all our apps and network load balancer. We use the solution as a frontend protection tool, and the integration is simple, uncomplicated, and works fine.

How has it helped my organization?

The most significant benefit of using Cloud WAF is the robust protection it provides, particularly against Layer 7 attacks. We've been protected against attacks on our website, and in the case of one DDoS attack, Radware supported us in detecting the attack behavior and blocking the threat. The block took five to ten minutes, we configured the solution to account for the specific behavior of the attack, and we re-established our website.

The product significantly reduced our false positives, as we previously had many. We had more false positives just after the implementation, but following some reconfiguration and changing some features with the help of Radware's implementation team, the tool works fine. We only have a few false positives; we've seen a reduction of around 80%.

Cloud WAF helps to free up our IT staff for other projects and saves us significant time. I manage the solution and log into the console around once a week; it takes very little time to configure. The tool doesn't require continuous supervision, just infrequent configuration changes, five times a month.

What is most valuable?

Geo-blocking is one of the most valuable features we use the most; most of our users are in North, Central, and South America, so we use geo-blocking to block access from other countries.

In our experience, Cloud WAF effectively prevents unknown threats and attacks. We have received reports of attacks in the past, but the product successfully blocked them. In a few instances, we contacted Radware support for assistance in blocking specific attacks. Despite experiencing around three incidents over the past four years, we are satisfied with the solution's performance and have not encountered any further issues.

The solution's automated analytics for looking at events works great, as it has a model that can analyze the traffic and respond to an attack. We can also configure the tool to block or allow specific traffic based on the analytics.

What needs improvement?

We receive many reports from our security team of IPs flagged by our security tools, such as Palo Alto. I cannot add the file containing the IPs to get them blocked; instead, I have to contact Radware support and open a ticket for them to do it. I need to be able to block flagged IPs myself, as it currently takes more time to open a ticket, contact the support team, and wait four to six hours for a response. I want to be able to upload a file with 2,000-3,000 IPs in the console and then apply and save the configuration.

Buyer's Guide

Radware Cloud WAF Service

March 2026

Free Report: Radware Cloud WAF Service Reviews and More

Learn what your peers think about Radware Cloud WAF Service. Get advice and tips from experienced pros sharing their opinions. Updated: March 2026.

DOWNLOAD NOW

886,426 professionals have used our research since 2012.

For how long have I used the solution?

We've been using the solution for four to five years.

What do I think about the stability of the solution?

The solution is highly stable; we never had a direct issue with the tool in four years, so it's very solid.

What do I think about the scalability of the solution?

The solution is highly scalable; we can apply multiple servers and add applications to Radware almost immediately.

How are customer service and support?

We have contacted support on multiple occasions, and they are excellent, though it depends upon the case. If we have a P1 issue, we can contact support by calling them directly, which takes up to 15 minutes. For non-critical regular tickets, these can take between four and six hours, which is good. If we have multiple issues, we can enter a Zoom call with support, and they will help us to block malicious traffic, for example. I rate them nine out of ten.

How was the initial setup?

The initial setup was very straightforward, and we implemented with a team of three or four staff. The product doesn't require any maintenance on our side; we sometimes receive emails informing us Radware will carry out maintenance, but it never affects the company.

What's my experience with pricing, setup cost, and licensing?

We are based in El Salvador and don't have a direct license with Radware; we purchase the license through resellers. The pricing is reasonable, as I managed an Akamai product in a previous position, and Cloud WAF is competitively priced.

What other advice do I have?

I rate the solution nine out of ten.

Radware is very valuable to our business, the deployment is simple, and it only took a couple of weeks to see that value.

My advice to others considering the solution is that it's a good tool. Regarding security, it's an excellent and feature-rich product that can protect your website, is easy to configure, and has strong support. The Radware technical support staff are very experienced and knowledgeable about their product. We can also generate periodic reports, and Cloud WAF is a great solution that will help improve your work.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Amazon Web Services (AWS)

Yolanda Estrada

Consultor with 501-1,000 employees

Apr 24, 2023

Download

Simple to use and reduces risks of attack and information leakage

Pros and Cons

"The API Discovery is also very good because the application is outsourced, which means that we don't have the code. API Discovery allowed me to discover precisely how to orchestrate the API so that I could see the results."

"They have a portal for webinar training but because we are in a Spanish-speaking country, it is difficult for us to watch them. Not all of us are fluent in English, but most of the courses and webinars are in English. That part could be improved..."

What is our primary use case?

We have been using this solution for a number of use cases. For example, we use it for SQL inspection, cross-site scripting. We also have load sharing and we create our own custom rules for our situation, based on our business. For instance, products, articles, and other parameters that we manage in our applications are packaged in Radware.

We also tested the Bot Manager for a month and it seemed quite useful, but due to a matter of project priorities, we could not implement it.

How has it helped my organization?

Radware Cloud WAF visibly improves our security posture and reduces the risks of an attack. It also helps us a lot in avoiding information leakage. These advantages are particularly true for us because the applications that we have protected are outsourced developments, they are not in-house. Radware helps us guarantee a level of security for our infrastructure such as our databases.

The API Discovery is also very good because the application is outsourced, which means that we don't have the code. API Discovery allowed me to discover precisely how to orchestrate the API so that I could see the results. Based on them, we were able to raise new cases. It's nice not to have that limitation. We are using API Discovery on a trial basis for one month, but I believe that if we enable it next year we will see a decrease in traffic and consumption.

In addition, it has helped reduce false positives by 30 percent. In the second year, the change hasn't been very noticeable because the cases that we started with in the previous year have already been configured and saved. In other words, we are increasing the system's capacity, fixing the rules, but we are not erasing the previous ones.

It has also helped free up the IT team because several risk points are automatically covered. For example, we have a SIEM to which we send the Radware logs and the integration with the SIEM, as well as sending these logs, was simple, a matter of five minutes. The logs that Radware sends are complete and we can create use cases based on our needs. I estimate it has saved 50 percent of my time.

What is most valuable?

Among the most valuable features is the ease of managing the platform. It is user-friendly.

The platform has also worked quite well when it comes to blocking unknown threats and attacks. A great example over the last year was a new threat that our system perceived. Radware responded very well for the use cases that we created, as well as to the SQL injection-type of threat. When we received Cloud WAF we enabled the automated rules. That's good because basic rules are already built-in and can't be modified, so if an analyst doesn't have abundant knowledge or experience and couldn't manage such a threat, he would find a lot of help from Cloud WAF itself. The platform has a great security system and is well-managed.

The automated analytics for looking at events are also good. The support that we can generate every week is also good. And the API Discovery feature is extremely easy to use. You simply click on it to activate it.

We also use the CDN services offered by Radware and it hasn't really been complicated because it's quite user-friendly and, when I've had any questions, support has always been there to help me resolve them immediately.

I rate it well for integrating with other systems and applications and I would recommend it to other companies. We have integrated it with various solutions. We have AWS and private clouds as well, so the DNS redirection was obviously more on our side. But setting up and provisioning Radware itself is extremely simple. It didn't take us more than 10 minutes, and even less to load certificates. It's extremely easy. Other solutions take longer.

What needs improvement?

They have a portal for webinar training but because we are in a Spanish-speaking country, it is difficult for us to watch them. Not all of us are fluent in English, but most of the courses and webinars are in English. That part could be improved, with more options for people for whom English is not their native language.

For how long have I used the solution?

I have been using Radware Cloud WAF Service for two years.

What do I think about the stability of the solution?

It is very stable. We have not had a cut or suffered from unavailability of the service.

What do I think about the scalability of the solution?

The scalability of the solution is also good. It has allowed us to build sites in different clouds and to integrate with other security tools.

How are customer service and support?

One aspect that has drawn my attention the most is the support. It is very successful and the response to something I want to modify is very fast. They are excellent.

For example, if a rule has been blocked or I need to delete an expired certificate and, for some reason, it has prevented me from doing so, the customer service response has always been fast and assertive.

Which solution did I use previously and why did I switch?

The solution we had before was from Trustware. We changed to Radware because of its cost and because the support for our old solution was not optimal in response time. Also, the configuration wasn't as flexible. Setting up the rules took a long time.

How was the initial setup?

The initial setup was super simple, uploading the certificates was super fast, and redirecting to the DNSs was extremely simple. It was a matter of five or 10 minutes. Entering the blocking stage only took a few seconds.

We started with a platform that had fewer clients and did so at times with fewer transactions. We then did functionality testing before provisioning. After that, we entered a learning stage of 10 to 15 days so that Radware could learn the patterns that are handled in the applications, such as input and output parameters. Once those parameters were validated with the development area, the next thing was the blocking.

For the technical administration, we have four users who manage it, but I am the main manager. There isn't any maintenance. There are updates made by Radware, but for us, it has been practically transparent. The one thing we do is refine the rules due to new attacks and malicious threats.

What about the implementation team?

We did it with the supplier. There were two people involved: me, representing our company, and a Radware consultant who was running the project.

What was our ROI?

Obviously, the ROI is the security it provides. It keeps our services available and complete. And a good reputation for our brand is much more than a return on investment.

I do not see it from the point of view of reducing our TCO, since it is a service that has to be available 24/7 in our retail services. This guarantees that customers will be able to carry out their purchases at any time of the day.

There was no delay in time to value, from before provisioning to after.

What's my experience with pricing, setup cost, and licensing?

The pricing has been quite manageable for our line of business. The license letter was done once and we no longer have to reload the annual renewal. That has been handled quite well during these two years.

Which other solutions did I evaluate?

I have worked previously with other solutions. I started working with Radware two years ago and I really like this solution because it is very user-friendly. Another advantage is that there is one portal/dashboard. I don't need two portals to manage the Bot Manager and other aspects. I can view, configure, and do everything through just one, which makes administration easier.

We evaluated other options and, if I remember correctly, one of them was Fortinet, but they didn't seem as effective as Radware. But the price was the biggest difference. Radware had the best price for our type of network and level of scaling.

What other advice do I have?

When we tried the Bot Manager in one of our applications it did not have an effect because its work style didn't fit the application. But in the second application, it did work and it has been striking. It was useful for us to create new blocking rules in certain cases that we had not mapped from the time the project was launched.

My advice is to try the API. It's actually very simple and it helps a lot when identifying new risks that can be mapped with various rules.

The most important thing is the response time. It also benefits the tools a lot because slower solutions mean several minutes of service unavailability.

In the two years since we started using Radware, it has responded very well and we have not had any incidents of code indexing or denial of service. We have not had a single incident that has compromised our service availability, which is pretty good.

Disclosure: My company does not have a business relationship with this vendor other than being a customer.

Buyer's Guide

Radware Cloud WAF Service

March 2026

Free Report: Radware Cloud WAF Service Reviews and More

Learn what your peers think about Radware Cloud WAF Service. Get advice and tips from experienced pros sharing their opinions. Updated: March 2026.

DOWNLOAD NOW

886,426 professionals have used our research since 2012.

Werner Lunow

CISO at a financial services firm with 1,001-5,000 employees

Mar 2, 2026

Download

The interface is easy to use, and the solution protects us from OWASP Top Ten threats

Pros and Cons

"Cloud WAF's interface is easy to use and protects us from OWASP Top Ten threats. Our dev team do QA checks on applications before they go live, but Cloud WAF creates an additional security layer on our website."

"They've changed their process for call logging. I suppose it's fine, but I used to be able to send emails in. They could also build up more local resiliency here in South Africa. They're working on that, so it isn't much of an issue now."

What is our primary use case?

We have several web applications in various environments. Some are hosted on-prem or Azure and others are hosted at different locations or by business partners. Cloud WAF provides centralized control over the security of those web applications.

How has it helped my organization?

Cloud WAF protects us against all DDoS attacks, improving our resiliency and security. It has multiple security feature sets we use, such as OWASP Top Ten Protection. Radware lets us switch assets quite quickly. It fronts web applications, so we can redirect the traffic to a different page if the backend web application goes down. For instance, if we have an outage in our web form, we can redirect that from the Radware side to an Azure website instead of giving the user a "Page cannot be displayed."

Cloud WAF gives us greater visibility. We sometimes get calls from clients who say they're getting an error. We can use Cloud WAF to discover the error generated and troubleshoot any bad behavior. Radware flagged some attacks from China where an attacker attempted to capture traffic. If you go look at the raw code coming in, you can see some suspicious characters being injected into legitimate traffic.

I can't say if our false positives decreased because we previously had no WAF protection. Information was stored in the IPS signatures or IAS logs, but we weren't ingesting those to look for anything interesting. Cloud WAF has given us more visibility than we had before.

Our only integration is pulling the telemetry out into our scene. We use the API to pull the data in. The only other integration piece, if you want to call it that, is using the generic error that they present to a client to troubleshoot client experience problems. We don't integrate much aside from those two.

I can't say that we saved time because we weren't using anything before Radware, but we don't spend much time configuring the solution. They're doing a lot of analytics in the background. We followed a process before we onboarded Radware where we put the solution in Learning Mode to see if there was anything interesting or any default conflict changes we needed to make. We mostly left it alone after that.

It would likely take us around 15 to 20 percent more time to support the infrastructure ourselves. We would need a human to install updates and patches, but Radware manages all of that.

What is most valuable?

DDoS protection was the critical feature we wanted when we decided to go with Radware. The company faced many DDoS attacks at the time, and we didn't have a solution. It's not the only reason we chose Cloud WAF. We do use it for other use cases.

Cloud WAF's interface is easy to use and protects us from OWASP Top Ten threats. Our dev team do QA checks on applications before they go live, but Cloud WAF creates an additional security layer on our website.

The solution protects against multiple threat types. We see SQL injection attacks and DDoS probes constantly. Attackers attempt multiple queries and enumeration attacks against our applications. We previously had a basic firewall with an IPS feature set, but it wasn't providing the same level of protection we get from the WAF.

CloudWAF matches things automatically and identifies any threats. It seems to be doing its job. We sometimes have strange code-related behavior. When our developers write some poorly written code, it generates events in Cloud WAF. It's generally effective at detecting. We had an issue with a misconfigured rule where it blocked legitimate traffic. Overall, we haven't had many issues with it in the last three years. We leave it alone.

For how long have I used the solution?

We have used Cloud WAF for about three years.

What do I think about the stability of the solution?

Cloud WAF is a highly stable product. We have only had two outages in four years. One was an update that they pushed out, and the other was a problem with the DDoS mitigation.

What do I think about the scalability of the solution?

We only have about 15 websites, but Radware can scale because it's a cloud service. We've probably seen around 100,000 to 200,000 simultaneous users, and we're pushing more and more people through to it. Our clients vary in size, but the bulk of our business consists of small and medium-sized retailers.

How are customer service and support?

I rate Radware support an eight out of ten. I recommend buying the extended support, which we didn't purchase when we first signed up. We see a noticeable benefit from extended support in terms of response times.

How would you rate customer service and support?

Positive

How was the initial setup?

Setting up Cloud WAF was straightforward, and Radware helped us when needed. Deploying everything took around a week, but we're a risk-averse company. We took our time before sending all the traffic through. We started with a few low-hanging fruit websites because we didn't know the tech, so it took us two months. The business stakeholders said we needed to test it with the less-critical websites for two months to ensure we had no issues. After that, we onboarded the main website.

My team deployed it. Cloud WAF is a hosted environment in two POPs in South Africa, and we buy the service. The service flows from there through to websites that sit on-premises or in other locations. After deployment, we don't need to do much on there. We only need to investigate events if we see something. Maintenance includes adding and removing users from the console due to company turnover. We also change certificates when they expire.

What was our ROI?

Calculating the return on investment is hard, but we've reduced our risks. When we implemented Radware, South Africa was facing a wave of DDoS attacks that primarily targeted financial services, but we weren't concerned because we had DDoS protection.

We don't need a dedicated person to manage it. It's a hands-off service that alerts us if they pick up something. They do lots of additional monitoring for us, like if there is trouble on the back end and any of our sites go down. That frees us up a lot.

Our company started with nothing, so we realized instant value from the service. It starts providing protection immediately, and the assets that Cloud WAF protects need 100 percent uptime. We lose money if our sites go down because clients can't complete transactions.

What's my experience with pricing, setup cost, and licensing?

I think Cloud WAF is fairly priced, but the pricing model is a bit weird. It's modular. You buy Radware WAF, but DDoS and bot protection are bolt-on features. I would prefer to buy it as one complete package because bundles are usually cheaper than three standalone products.

Which other solutions did I evaluate?

We also looked at Cloudflare. Radware stood out because we are in South Africa, and the rest of the world is far away. The latency is too high if we host anything in Europe, so we needed something based in our country.

Otherwise, we would need our own infrastructure. We would have to buy three devices and support that. Radware was the only vendor with a presence in our country, which made the decision easy.

What other advice do I have?

I rate Radware Cloud WAF Service a nine out of ten. We're pleased with the solution. If you plan to implement Cloud WAF, my advice for Radware and any cloud service is to know your SLA. Radware offers many extra services in its SLA on top of standard services. The SLA is an insurance policy if you need to call someone to check on things. Radware support has been incredibly responsive. Their monitoring team has gone above and beyond. They notify us when our websites fail, but they don't need to.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other

Last updated: Mar 2, 2026

Sharon-LevinCustomer Marketing Manager at a tech vendor with 1,001-5,000 employees

Report as inappropriate

Jul 19, 2023

Hi, As to the comment regarding the pricing model - in 2023 our Cloud Application Protection services pricing model has been changed and simplified.

We now offer only three plans to choose from: Standard, Advanced, and Complete

Each plan is designed to cater to different cybersecurity needs and risk exposure, as well as different levels of managed services.

Please feel free to contact us to learn more

ARMANDO CARRETO CASTRO

Monitoring specialist at SCitum

Jun 10, 2024

Download

It's a highly efficient solution for dealing with web shell attacks

Pros and Cons

"The best feature is the SQL injection signatures, and another is the DDoS protection. Radware is more efficient than other solutions."

"Radware's bot manager can be improved because it's very complicated to implement for apps. Radware could also add alerts by WhatsApp or Telegram. It only sends notifications via email or SMS."

What is our primary use case?

We provide our clients with Cloud WAF Service, which enables us to detect and report web shell attacks against their servers.

How has it helped my organization?

The main benefit is that all traffic is shifted by the cloud service, which exists outside the customer's infrastructure. It's highly efficient. Many customers have problems inside the infrastructure that must be efficiently detected. With Cloud WAF we can notify our client when an attack is outside and detect when a web shell script is already running on the server. This information helps the client understand what's happening with the web shell.

We've reduced many false positives using Cloud WAF Service. The learning period is helpful. Radware sends a policy with a lot of information that helps the customer observe and design their policies to eliminate false positives.

Cloud WAF saves us a lot of time because we face many strong attacks. It helps us modify the back end and implement some policies to prevent more attacks.

What is most valuable?

The best feature is the SQL injection signatures, and another is the DDoS protection. Radware is more efficient than other solutions. It handles unknown threats very well. We face many bad requests with malware that are expensive to remedy. Radware's service center in the cloud helps a lot.

What needs improvement?

Radware's bot manager can be improved because it's very complicated to implement for apps. Radware could also add alerts by WhatsApp or Telegram. It only sends notifications via email or SMS.

What do I think about the stability of the solution?

We have had issues with Cloud WAF one or two times, but the service works fine most of the time.

What do I think about the scalability of the solution?

Cloud WAF scales very well.

How are customer service and support?

I rate Radware support nine out of 10. They have a simple platform for opening tickets, and they respond quickly.

How was the initial setup?

Our previous solution was hard to install, but Cloud WAF is straightforward because it's cloud-based. You add the certificate for the business and point it to the IP. Deployment is very fast. It takes 30 minutes to an hour. Cloud WAF requires some maintenance when a customer changes their website or programs. We need to adjust the policies.

What other advice do I have?

I rate Radware Cloud WAF Service eight out of 10. It is the best solution for stopping DDoS attacks.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor. The reviewer's company has a business relationship with this vendor other than being a customer: Partner

Leonardo Gonzales

Jefe de Infraestructura y Seguridad at a comms service provider with 51-200 employees

May 12, 2023

Download

Detects and blocks threat behavior patterns, giving us automatic protection

Pros and Cons

"One of the most valuable features we have found in the solution is protection against attacks from botnet networks and the requests that these remote networks can generate that are blocked from our servers. That frees us from having to deal with that traffic."

"If we want to publish services to a limited number of providers and we only want those providers to connect, we need to forward those requests to the Radware support team and they apply them, but it takes some time."

What is our primary use case?

We use Radware to protect our applications and the portals that we share with our clients and business partners.

How has it helped my organization?

Among the improvements to our organization is that we are calmer regarding the use of the applications that we publish. Radware gives us a level of confidence that assures us that, if there is an attack, we have a tool that will protect us and that will block suspicious behavior.

Cloud WAF Service has also helped us reduce false positives. I don't have the exact data on how much they have decreased, but once we enter the portal we can see network connections that have an unknown IP and we can scan and block applications automatically from countries in which we do not have clients.

It has also helped save time for our IT team. We don't dedicate so much time to the threats, but we directly review the reports. We have saved about 30 percent in time invested.

What is most valuable?

One of the most valuable features we have found in the solution is protection against attacks from botnet networks and the requests that these remote networks can generate that are blocked from our servers. That frees us from having to deal with that traffic.

Cloud WAF Service has also been useful for us in terms of blocking threats because it automatically detects them, detects behavior patterns that have a threat pattern, and directly blocks them. Without making any changes or decisions, we automatically have protection.

Also, regarding the classification of events, the solution does productive work in detecting the logs where there could be threats to our applications, and that is quite useful.

What needs improvement?

We have had difficulties with the configuration of rules when it comes to allowing connections and having a list of IPs that are authorized to use a specific service. We have not been able to make a whitelist work.

For example, if we want to publish services to a limited number of providers and we only want those providers to connect, we need to forward those requests to the Radware support team and they apply them, but it takes some time. It seems to me that this long process would be faster if the configuration could exist directly in the portal. That would make things easier.

For how long have I used the solution?

We are in our third year of use of Radware Cloud WAF Service.

What do I think about the stability of the solution?

We have only had one network outage which happened a while ago. Fortunately, it was short and we were quickly back in business.

What do I think about the scalability of the solution?

We have plans to increase the use of Radware in our enterprise. There are a couple of applications that are going to be added.

How are customer service and support?

The technical support is very good.

Which solution did I use previously and why did I switch?

We did not have a previous solution. It was a fairly quick decision to go with Radware. It was chosen because Cisco offered a package of security solutions in which Radware was included.

How was the initial setup?

The initial setup was pretty easy. An engineer from Radware helped us. We scheduled a meeting, discussed the changes that we had to make internally at the DNS level, and that's it. The engineer who helped us was assigned by Radware and we had a pretty good experience with him. On our side it required two people, our system administrator and security analyst.

The programming process and our first use of the solution were quite successful. It was deployed with a set of default rules and policies in a short amount of time, and these gave a certain level of protection for our applications. When we started using it, we understood its features and potential.

In terms of maintenance, there are changes and revisions that need to be made from time to time, mainly to check for false positives. Generally, only one person participates in that process.

What was our ROI?

We have seen return on investment through the level of reliability of the application and the optimal stability that it gives to our users.

In terms of TCO, it has not been an expense. More than anything, it has been a beneficial service that has reduced TCO by approximately 70 percent.

What other advice do I have?

Radware Cloud WAF Service is a good option. It is a good tool that will definitely give you the protection you are looking for.

The most important lesson that Radware has taught me is that, as a service, it can relieve you of many application security tasks.

Stefan Spasic

Cyber Security Expert at NLB DigIT

Mar 26, 2023

Download

Has advanced rules that can be useful for reconfiguring complex applications

Pros and Cons

"Radware Cloud WAF Service has several valuable features, with good support and a user-friendly GUI."

"The connection between the front and back ends could be improved."

What is our primary use case?

We use the solution to protect our environment against attacks.

How has it helped my organization?

I am satisfied with its ability to block unknown threats and attacks.

The Radware Cloud WAF Service is beneficial to our organization because it allows us to unify protection across cloud-based locations and have centralized control over it. Additionally, implementation of the solution is relatively straightforward if the web application is not overly complex.

I think we still need to analyze exactly how much the solution has helped reduce false positives. However, the estimate doesn't have as many false positives. The solution provides accurate signatures for most of the operating systems, and protections. I believe it is quite effective in reducing false positives as we can filter, we have detailed security reviews with the policy security reviews from the previous year and prior day implementation with the experts from Radware. The policies that are set are quite good and there are not as many false positives. We have seen around a 20 percent reduction in the number of false positives.

When the solution works flawlessly it frees up around ten percent of our IT people's time to work on other areas.

Compared to other solutions, the protection against the tax provided by Radware Cloud WAF Service is the same except we now have fewer false positives.

What is most valuable?

Radware Cloud WAF Service has several valuable features, with good support and a user-friendly GUI. There are some advanced rules that can be useful for reconfiguring complex applications, though not always. Advanced tools are also available.

The automated analytics of the solution is beneficial for examining events. We can traverse security events, extract the necessary information, and search for specific ones.

If the applications are not too complex, integrating the solution with other systems and applications in our environment is easy. However, if they have custom services ports and other components beyond the HCT protocols, then we may have a problem.

What needs improvement?

The connection between the front and back ends could be improved. The connection is not always accurate, and there are occasional bugs. Radware should consider introducing more advanced tools than the larger ones, as well as providing use cases within the documentation for more advanced rules such as client certificate authentication.

For how long have I used the solution?

I have been using the solution for seven months.

What do I think about the stability of the solution?

The solution is stable.

How are customer service and support?

The technical support is responsive.

How would you rate customer service and support?

Neutral

Which solution did I use previously and why did I switch?

We previously used on-prem solutions and switched to Radware Cloud WAF Service because of the cloud capabilities.

How was the initial setup?

The initial setup is straightforward as long as the applications do not have any custom ports and more services or applications are relatively basic and exposed on the outside without additional services.

A full deployment with security policies and complete implementation requires around three weeks.

I am the one who can operate everything on the cloud, but we need to obtain signatures from a number of people in order to change the IP addresses. The deployment requires one person from the IT security team and five or more people from the business side.

What was our ROI?

The return on investment is satisfactory and has stabilized at this point.

What's my experience with pricing, setup cost, and licensing?

The price is a bulk average.

What other advice do I have?

I give the solution an eight out of ten.

The solution's time to value is average. Sometimes bugs arise and take longer than expected, and sometimes everything goes smoothly. I would say the ratio is 50/50. When everything goes smoothly with the integration the value is seen immediately.

The solution has been deployed across multiple locations in six different countries.

It has required some maintenance a few times but not much.

We have 30 people using the solution.

I would recommend the solution; however, it is always beneficial to have a proof of concept first. You should go through the demo to ensure the solution fits their environment.

Which deployment model are you using for this solution?

Public Cloud

Eddy Ramirez

IT Security Director at a financial services firm with 1,001-5,000 employees

Mar 2, 2023

Download

Helps protect against low and slow DDoS attacks and enabled us to reduce our security headcount

Pros and Cons

"The isolation feature is the most important one because everything is going directly to Radware first and then it goes into our system. What we get is the filtered version of everything that would otherwise come directly to us."

"The implementation was hit or miss for the first few months. They did some tweaking and, since then, there have been no problems."

What is our primary use case?

Our company does collections of debt and we have a number of public websites. We usually send emails or snail mail to the clients and they reach us through any of our three of our main sites. Because those sites are exposed to the internet, we use the web application firewall from Radware to protect them. It protects us from attacks like denial service, SQL injections, et cetera. It is an application-oriented firewall for everything that is exposed over the internet.

How has it helped my organization?

On the InfoSec side, it helps us to know who is trying to access our site but is not legitimate. The protection against low and slow DDoS attacks is helpful because they are another way that malicious actors try to get into our system.

Also, with Radware Cloud WAF, we have reduced our security headcount. Before we had it, we had to have at least one person going over all the elements of our firewall and fine-tune it against whatever attacks and elements were there. Now, that position is no longer needed because we can receive reports. We went from having almost daily conversations about elements that we were seeing in our firewall, to just presenting monthly reports of what we were protected against to senior management. We go in through Radware to the dashboard and get the information.

They do have an API for getting reports and we are in the middle of trying to get those reports automated. But, for the time being, everything is on the really nice and well-organized dashboard that we use for those executive reports. By the end of the month, we will actually have executive reports that go to our senior level.

Also, if Radware finds some sort of a legitimate attack, they actually call us, like a SOC would, and report it to us.

Another benefit is that it has reduced our false positives. Usually, we would have five to eight in a week. We're down to almost one a month. That's impressive. We were doing reactive fine-tuning, whereas this is more of an AI and machine-learning implementation, which is way better. Each of those false positives we used to have required between 10 minutes and almost an hour from us. In the worst-case scenario, we were putting in one hour daily on false positives, or 20 hours monthly.

What is most valuable?

The isolation feature is the most important one because everything is going directly to Radware first and then it goes into our system. What we get is the filtered version of everything that would otherwise come directly to us.

For blocking unknown threats and attacks, it uses machine learning. It actually learns what is normal traffic from clients. Once we got the solution, they asked us to open all requests to do some type of machine learning to understand what normal traffic is. With other elements that Radware has in its arsenal, it can differentiate between normal, human traffic and bots or even DDoS attacks.

And we haven't had any false positives so far from the solution's automated analytics. On top of that, it's a very good tool because we can actually see the locations that traffic is coming from, and we can prohibit it from very specific areas of the world. One thing we have learned is how to optimize some of our code to make the application faster. The solution can react to attacks from different parts of the world and block them from entering our servers.

We also use the API Discovery feature and the analysis of the contents of the API is very good. Because we are PCI-certified, we usually use external penetration tests and obfuscation of malicious code through API, and what is discovered by Radware, and blocked, is very impressive. It won't allow any callbacks unless they are from our IP. It also offers VPN connectivity that we are testing, to provide end-to-end protection. What it comes down to is that no one reaches out to our server that is publicly exposed; that exposure is only to Radware. We like that.

It's easy to use the API Discovery, but you must know what you're doing. You just enable it but there are some elements that you need to provide to Radware. The only downside there is the learning process on the Radware side. You need to run it without any filters so it can actually see what normal traffic is and then it can apply the protection.

In terms of integrating Radware Cloud WAF Service with the other systems and applications, everything is API-connected so it was really easy. There is a testing period and, in one case, it took us 90 days, but in another, it was only two weeks. But it integrates really well with our systems.

What needs improvement?

There is a learning curve for the API for reporting. It is not as easy as other APIs.

Also, the implementation was hit or miss for the first few months. They did some tweaking and, since then, there have been no problems.

Another issue is that they don't go back into information beyond 90 days. We have to pull the information so we can have, let's say, a year of threats, attacks, and data to help us make decisions about providing more or fewer resources, depending on the year-long data.

For how long have I used the solution?

I have been using Radware Cloud WAF Service since 2019.

What do I think about the stability of the solution?

The stability is good. There was one instance of downtime but it was basically our systems.

What do I think about the scalability of the solution?

We haven't needed to scale, for the moment. But I know on their side that they have a huge number of denial-of-service attacks and we haven't had any feedback from our clients about not being able to reach our website. So the solution is working. I don't know how they scale it because, with a DDoS attack, if you don't know how to treat it, you will need to scale it so you can actually allow safe users into your system.

Our number of users is more than 5,000 with two locations. The number of people involved in the Cloud WAF project, on our team plus the networking team, is about 10.

How are customer service and support?

Tech support is ticket-based. We have a 24-hour SLA that they have committed to, but we are more into having communication directly with them. Even though they have the ticket system and ask us to create tickets, we usually reach out to our contacts and try to expedite support requests.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We were using Cisco Firepower as our main firewall, but that is not a web application firewall. We switched to Radware Cloud WAF because we evaluate our InfoSec roadmap every year. Based on the capabilities that Radware offered, and on recommendations from each year's pen test, and because we are trying to evolve our security to make it more mature, it was the decision that we took. It was a good one.

How was the initial setup?

The deployment is hybrid. There are elements that go to AWS and elements that go to our co-location services in Jacksonville. Eventually, everything is going to be exclusively cloud-based.

We are currently migrating everything to AWS. Setting things up, at that moment in time, was kind of hectic, but that was more because of our side. What Radware asked us to do was to redirect everything into our DNS, so it was fairly in terms of what their side needed. It was more an issue of understanding how we could tweak the solution on our side. With the planning included, it took less than a month.

In terms of maintenance, it mostly just works. But from time to time, based on the changes that we make to our web application code, we need to tweak some of the settings of the web application firewall.

What about the implementation team?

Everything was in-house and we had four people involved.

What was our ROI?

Imagine those 20 hours we used to spend on false positives multiplied by the employees' salaries and you have an ROI. I can't tell you if the ROI takes less than a year or two years, but this solution is one of our main layers of defense and it is a requirement for everything we do.

What's my experience with pricing, setup cost, and licensing?

The pricing is fair. We compared Radware to others using industry reviews and Radware is at the top right now.

Which other solutions did I evaluate?

Radware Cloud WAF is way better than what we had. It's more self-sufficient. When we used the regular firewall, we were the ones trying to build up the different signatures and create some sort of access control list based on location. And there was no API filtering. It is a night and day change.

What other advice do I have?

My main advice would be to include the development team, because the adoption of really good API-based protection is going to happen by having really good communication with your development team. They actually consume some of the rules that we use to create those APIs, and they pass that to their machine-learning processes. That's what is going to customize the web application firewall for your environment.

Joaquim Colome

IT Unit Chief at ATM - AUTORITAT DEL TRANSPORT METROPOLITA

Feb 21, 2023

Download

A reliable, lightweight, and secure solution with excellent technical support

Pros and Cons

"The solution requires very little maintenance; we install it, it works without any problems, is reliable, and we can almost forget about it."

"The primary area for improvement is in issue detection and understanding whether a log is a false positive. It can sometimes be a challenge to take the data of a given security event and determine if it's a genuine threat using a Wiki etc."

What is our primary use case?

We use the solution to protect our main public application for transportation tickets. We have the product in the cloud set up before our infrastructure, so there is no need to integrate it as if it were an appliance etc.

How has it helped my organization?

Most importantly, the solution put our security team at ease. We previously had some other infrastructure to protect our servers, but having Radware in the cloud gives us confidence.

The tool helped free up our IT team for other projects and saved us significant time. It eased our workload, allowing us to work in other areas. Overall, the time savings are in the region of 10-15%.

Cloud WAF helped to reduce our false positives; we initially had a lot, but once we learned, we had very few. The solution reduced our false positives by about 80%.

What is most valuable?

The solution requires very little maintenance; we install it, it works without any problems, is reliable, and we can almost forget about it.

Radware Cloud WAF works very well to block unknown threats and attacks; we set up some products and infrastructure beyond the solution, and they aren't detecting any threats.

The tool's automated analytics work fine for looking at events; the fact is, we're preparing to renew our license for another three years.

What needs improvement?

The primary area for improvement is in issue detection and understanding whether a log is a false positive. It can sometimes be a challenge to take the data of a given security event and determine if it's a genuine threat using a Wiki etc.

Navigating to find specific options can sometimes be challenging, but we only do this occasionally; we primarily control the logs, so it's not particularly significant for us.

We had some issues with the initial implementation, especially around tuning the solution to avoid false positives.

For how long have I used the solution?

I've been using the solution for three to four years.

What do I think about the stability of the solution?

The solution was relatively unstable during the first year, and we encountered issues, but after that, it was very stable.

How are customer service and support?

The technical support is excellent; they ask questions, and on rare occasions, they haven't been able to help us. However, they looked into the issues on these occasions and provided a solution a few months later.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

Radware Cloud WAF is the first WAF solution we've used.

How was the initial setup?

The initial setup was relatively complex; we had some DNS certificate issues, and the deployment took much longer than we expected. However, the second implementation was straightforward and much faster. We experienced DNS issues again, but we had the benefit of experience.

The initial deployment took a few weeks and was carried out by two staff members. We outsourced the solution's management to a civil security team of around ten members.

What was our ROI?

The product is excellent in terms of ROI because it has saved us a lot of time.

What's my experience with pricing, setup cost, and licensing?

The pricing is fair; it's neither particularly cheap nor expensive.

What other advice do I have?

I rate the solution eight out of ten, and I recommend it.

We have seen time to value with Cloud WAF, and we saw this value after around three months. Once we tuned the application to avoid false positives, we started to see a return on our investment.

We don't currently use the API Discovery feature but plan to implement it soon.