From the features perspective and functionality-wise, there are areas of Radware DDoS that I would like to see improved or enhanced in the future. Version upgrades are being provided, but they should communicate with clients about these new features being available so clients can test them and deploy them on the disaster recovery system before moving to the live segment. There should be a test report that will provide confidence that the version is stable and everything will work properly. Last time we faced an issue with a version upgrade, and we faced extensive troubleshooting with littile bit more time in the troubleshooting process. It turned out to be a small issue that was resolved by the engineering team.

I would like to see improved support from Radware DDoS. Sometimes in support, we have to log the call with their support partners rather than Radware. After ten years of experience, we know exactly what the issue is, and we understand that it cannot be handled by their support channel or partner level. Radware team always asks us to go through the partners, but sometimes we have found that the issue cannot be handled by the partners. After the partners fail to resolve the issue, it goes to the Radware team. At that time, one to two days of required timeline gets increased by one to two days. If Radware came into immediate action and resolved the issue rather than relying on their service partners, it would be better. After ten years, we have the knowledge of troubleshooting, and we understand that the issues we are facing with Radware can only be resolved by their team. However, due to their policy, they insist we move through the partner first, and only after the partner fails do they escalate to Radware. During that troubleshooting period of twenty-four to forty-eight hours, we remain in an unresolved state with the reported issue.

There should be some extra layer of security and a method of advanced rate limiting. We can limit the number of IPs or URLs per session and per country. There should be improved bot management integration that mitigates bot-based DDoS attacks completely.

In Radware DDoS, everything is good as it is, but I think it can improve with more automation linked to the system. We have good real-time monitoring, and documentation is also helpful, but any integration with platforms such as Splunk would enhance it further.

In terms of specific features missing in Radware DDoS, I would appreciate seeing an API Protector or similar capabilities that Akamai has. These allow for record creation on Akamai that Radware DDoS currently lacks.

Their Cyber Security Controller portal, including its GUI and dashboard, could be more intuitive so CXOs can easily understand them. 

Improvements in visualization for reporting also need consideration. This feedback has already been provided directly to Radware DDoS Protection Service.

There is always room for improvement as nothing is perfect.

The additional features or improvements I would like to see in the next release of Radware DDoS include better algorithm tweaking and enhanced analytics for finding unique possible attacks. There are many people on the dark side that use spray and pray tactics, yet there are companies making use of very light tests and getting small but consistent replies. If that can be automated better, then that will help. This is also known as a low and slow attack.

Radware can improve in several specific areas. The downside is the marketing. Radware does not have the same presence as others, such as Cloudflare or Akamai. This is a key factor because many types of customers prefer other solutions due to marketing. In my experience, the cloud solution needs improvement. For example, Cloudflare is better in this aspect. This is the downside for Radware, but this is my opinion only.

Marketing for the presence of different types of solutions is one area. Another is the cost. The different solutions for Radware DDoS are expensive. Better pricing is needed. The solution is very expensive, and a less expensive solution would be very beneficial because many people could acquire this solution and these products.

I want to improve the blocking time; it should be within 10 seconds because 18 seconds allows multiple transactions in the financial industry. I want the blocking time to be better than 18 seconds.

One downside of Radware DDoS is that the GUI should be more user-friendly. I have experience in other platforms as well, and what I see with Radware is that it is not as user-friendly as the other ones, so that is definitely one thing that needs improvement. Additionally, I do not have an option to open a new tab within the existing GUI. If I want to open something in a new tab and try to compare it with what I have on the previous page, I cannot do it. I also note that as far as I know, Radware DDoS does not have any authentication countermeasures to mitigate any attacks, which needs to be addressed. I know it has protections for SYN floods and all, but that should be changed. It should be more transparent where proper authentication should happen with the source.

In my opinion, Radware DDoS's response times after an attack need to be improved. The response time is pretty bad sometimes.

The SecOps dashboards for monitoring and reporting the metrics are pretty bad. That is where the comparison with NetScout is more applicable because the NetScout reporting is really good. I am referring to the mitigation reports or the forensic reports. It is very hard to get a scaled report in Radware, and even after a mitigation, putting out a report for that specific mitigation is a hard process. That definitely needs improvement.

The aforementioned SecOps dashboards provide historical information on protected objects, networks, and so on, but when it is a sample report, it is not that accurate. As the scale goes bigger, the accuracy of the report also degrades.

Radware has not helped me reduce the number of false positives I receive in response to an attack because, as I mentioned, I do not use Radware DDoS as a detection mechanism. I have other detection mechanisms, so I do not work with Radware regarding false positive reductions. That is handled on a separate platform itself, so it is not needed here.

There are areas where Radware DDoS could improve, specifically regarding centralized visibility. If someone is allowed access to one payment server but attempts to access the backend database and application servers from that source, we need to analyze the level of propagation. If they are performing suspicious activities such as random logins, it would be beneficial to have a centralized console that shows which IP is attempting which actions for greater visibility, enabling better analysis.

To sum it up, we suggest that clear visibility within a management console could significantly enhance Radware DDoS's usability. We use Radware DDoS and Check Point for our public site because understanding the origin and pattern of public hits is crucial. If the console could segregate packets by type—such as HTTPS, logger, database-related queries, or other behavioral data—and generate reports accordingly, it would better aid our analysis.

On the appliance, maybe the hardware could be improved. Most of Radware DDoS appliances are physical, so they could improve that aspect.

In terms of the system and the functionality, Radware DDoS is constantly upgrading.

I believe Radware DDoS could be improved for cloud deployments with more granular controls that could provide valuable gains for the company, especially by verifying whether the client is genuine or not with additional metrics.

While I think the support is quite good and the user interface is acceptable, it does require a more friendly interface, although I cannot recall the exact improvements needed.

I suggest improvements to the user interface to make it easier to use and to find the necessary data for analysis. Although the data is present, accessing it for analysis could be more simplified.

I think Radware DDoS Protection Service could be improved by enhancing the network analytics features.

Radware's management is very proactive, but Radware's lower-level staff is not proactive. You need to do a lot of follow-ups. This is one point that they need to improve. If they improve this, they will be world-class because everything else is so good. 

The time it takes to upload a site to the cloud is critical when under attack. If a site is down, a quick response to migrate the site to the cloud is essential. It currently takes about 15 to 20 minutes for the process to complete, which should be minimized.

The product is good, but the company could improve its services by appointing customer success managers. This would ensure better interaction with customers and help resolve issues on both customer and supplier ends. Most other security product companies such as Palo Alto and Forcepoint appoint customer success managers to interact with customers and ensure that the product they have purchased is used perfectly. If we are facing any kind of issues in using the product or service, the customer success manager should get things right.

To improve my ability to monitor security events, I would like Radware to strengthen its integration with SIEM for better logging capabilities.

The rise of generative AI and machine learning in cyberattacks demands more advanced defense strategies. In this context, I'm interested in how Radware plans to leverage these same technologies to improve its detection and response capabilities.

We've been encountering a lack of updates in DefensePro. Currently, we're facing numerous bugs within our data solution. These bugs are impacting the failover process, and we're observing repeated crashes of the Elasticsearch container across various workflows.

There's room for improvement in the clarity of the feedback provided by the command service in the CLI. Specifically, the messages it gives when something happens to Docker containers could be more informative. For example, it might simply state that container states have changed, or it might mention the directory paths where container data is saved, but these messages don't provide enough detail. To access the files, users currently need to navigate through a complex directory structure, which isn't very user-friendly.

There is a need for more informative release notes. The current ones lack detail about what's included in the updates and what fixes have been implemented. This makes it difficult for users to understand the changes and how they might affect the experience.

As a service provider, we are expecting the multi-tenancy feature on the dashboard and reporting side. It will help share reports with customers in real-time. They can directly see them online. We are working with their team on API integration with our portal. We will be able to achieve that, but it will take some time.

There's room for improvement in customization and integration. It would be better if routers and external firewalls could integrate with the solution. Additionally, when bugs are detected in a version during upgrades, there should be better communication about these bugs. They need to focus more on providing process documents highlighting bugs and their solutions.

Sometimes there is leakage in the network. Attacks go through without getting detected. It's a deployment issue, not a Radware problem. We don't use it to its fullest capacity.

Whenever there is an incident, it sometimes lacks the proper information about the attack, but most of the time, it's really reliable.

The APSolute Vision feature needs improvement. 

Radware DefensePro can defend against Layer 3 and Layer 4 DDoS attacks but it is not capable of protecting against Layer 7 attacks.

Radware DefensePro suffers from a high false positive rate of 25 percent and occasionally blocks legitimate traffic, requiring manual unblocking. Additionally, it has been known to miss some threats.

We have not seen a reduction in downtime associated with attacks by using DefensePro.

Radware DefensePro needs to improve its cloud scrubbing capabilities. We have discontinued their cloud services due to poor performance.

The inability to access local technical support during our business hours poses a significant inconvenience. This necessitates extra devices for continuous operation until we can speak to their support. We would appreciate the availability of a team within our time zone for optimal service.

Right now, we have DefensePro 6. The only complaint I have is that SSL inspection, when activated, consumes a lot of resources on the machine. We are currently reviewing a possible change to DefensePro X, the new version, which has a separate module with its processors. It only consumes the performance of that card, not the rest of the machine. But SSL inspection resource consumption in DefensePro is the only thing I would say can be improved in our current version.

They need to provide more granular control over security policies, allowing organizations to tailor configurations based on their specific needs and risk profiles. There is a restriction on the number of policies that can be defined.  That count may be increased further to create more specific policies

They should integrate automated incident response capabilities to streamline the mitigation process and reduce response times during attacks.

It would be ideal if they could expand protocol support to cover emerging communication standards and ensure comprehensive protection against diverse attack vectors.

There is room for improvement in the pricing; the product could be more affordable. 

Improvements to the support and protection are always welcome, though they are in a good place. 

I started from scratch, from medium customers to bigger customers, and then maybe smaller ones. I would like to have more granular steps according to protected bandwidth, so the granularity should be better. For example, one gigabit of protected bandwidth, two gigabits, three gigabits, and so on. Right now, it's two, four, and six, something like that. It depends on the appliance, of course, as Defense Code 6 is the smaller one and next is 10 or 12. However, in general, the granularity could be better.

Its documentation is not 100% clear, making it the weakest aspect of Radware. We have encountered some difficulties in understanding how to configure it correctly.

We would like to have seven-layer functionality.

As price increases based on the volume of net traffic, it can get expensive. 

The NetFlow security could be improved too.

More customization options would be a welcome addition. 

There are no issues on the hardware front, but on the management front, the APSolute Vision needs to be more granular so that it's possible to get real-time information. If I want to check on TCP traffic or any kind of traffic flowing between a source and a destination, I should be able to access it in real-time. For now, I have to check four or five options, then go for a TCPDUMP, download it, and then open it. It takes too long and is a complex process. There should be an option in the management server or on the GUI, to simplify things for users. It should just be a matter of putting in the source and the destination IP, to see the latency for that particular destination and what's going on.

Because Radware does not have its own control plane software, it can only integrate with specific products. They should aim to integrate with third parties such as Genie, Nokia, and Arbor DMS. It's currently very limited.

The customer service needs to be improved. I do not mean the support, but specifically the customer service. They didn't listen to what we were asking for and what we needed. When we went to upgrade, we kept telling them what we needed and they would offer something else. It was as if we were trying to buy oranges and they would offer us apples. We corrected them and offered additional detail, yet they continued to come back and offer us the wrong solution. This was very expensive and ultimately, we decided to look elsewhere.

This product would be improved if ongoing live monitoring with dashboards were added.

Radware DefenseFlow should add new features and algorithms to make it efficient. 

The current deployment heavily depends on the Radware team and requires improvement, particularly in the device configuration aspect rather than the cloud mitigation aspect. We encountered several challenges during deployment. We heavily relied on Radware's technical team to ensure the proper setup and configuration of VPN tunnels for cloud mitigation.

They need to increase the limit of devices that we can manage (currently it is 100). I manage a huge network and I am forced to use two and this is very uncorfortable. 

In the event of a power failure, it would be nice for the device to turn on again automatically. When managing a very large network it requires to have to contact the offices for a manual restart.

Customization could be improved. 

I would like to see more graphics within the dashboard. Right now, you are required to buy tools in order to have a graphical representation for your monitoring.

This solution may not cover all of the requirements in situations for which I am unfamiliar, and there is always room for improvement.

The solution needs to improve its communication with users. Last year, there was a lot of silence on their end. There have been communication delays we would rather not deal with.

There needs to be more reporting. I'd like to be able to see more information on traffic or the system's data. Right now, information is lacking, from what I can tell.

We are currently using the solution in conjunction with Cisco Firepower. In terms of the defense devices, I would like to see an improvement within the implementation and upgrade phases.

The dashboard could be updated. It's just the one that is used with Internet Explorer 11 and with outdated Java. It's only a small part of their web interface and is not the entire dashboard.

The implementation process could be a bit better.

There are customers who don't want Firepower. Let's say they have Sophos or they have Palo Alto. We're trying to re-position Radware DefensePro as a separate appliance in their environment.

The solution is a little more pricey than other options on the market.

It could be a little bit more user friendly, however, that said, it's pretty decent compared to a lot of other vendors.

Better integration with the automated incident response platform, and the ecosystem in general, would be an improvement. Everything should be automated and seamless.

I would like to see more focus on layer seven protection. This is the application layer. 

There was occasionally a lack of communication between the distributors, the vendor, and companies that can affect how the solution operates or is implemented. The level of knowledge of the product by support was not so high in the past. There were miscommunications about integration capabilities. This is just something I noticed, and it was a few years ago, so I'm not sure if the problems have already been dealt with, or if it was a one-off case.

The solution needs a bit more functionality. It would be good if DefensePro could have anti-bot functionalities in order to stop bots like web scrapers from getting onto our customers’ network.

The solution should aim to be a multi-functional platform. It could be cloud as well, but offer a mix of functionalities under one line of products.

The documentation needs improvement and the best practices need adjustments. I find I spend a lot of time searching for information and documentation related to implementation. They need to provide better sources to make things easier.

The performance needs to be better.

The solution needs high availability. It would help you avoid some of the trouble with configuration.

Converting or offering integration with the cloud solution would improve the product. Maybe a solution that does more to track the behaviors for the site and enhance the intelligence and proactive behavior.

We have no problem at all with Radware DefensePro. I have recommended it to more than 50 clients with no complaints about the interface's ease of use. 

There are some technical issues. For first time users, the security configuration is a continuous learning process. It is not easy.

Radware DefensePro requires a continuous learning process. Using this technology, we can improve our network. That is why we recommend the product for security monitoring. 

Based on the different attack mechanisms, we use Radware DefensePro to provide security for our clients' networks very effectively.

From a service provider's point of view, I would like to see better scalability in terms of a platform, rather than sticking to specific models. From a subscription or model-of-operations point of view, I think they should scale it better.

If they would go to a cloud-based approach, that would give much more flexibility in terms of working with them.

They should add artificial intelligence to the platform. It is currently missing the machine learning piece.

I would like to see better implementation of a zero-day attack implementation strategy with self-mitigation.