Jefe de Infraestructura y Seguridad at a comms service provider with 51-200 employees
Real User
Top 20
2023-04-30T10:29:00Z
Apr 30, 2023
We have had difficulties with the configuration of rules when it comes to allowing connections and having a list of IPs that are authorized to use a specific service. We have not been able to make a whitelist work. For example, if we want to publish services to a limited number of providers and we only want those providers to connect, we need to forward those requests to the Radware support team and they apply them, but it takes some time. It seems to me that this long process would be faster if the configuration could exist directly in the portal. That would make things easier.
They have a portal for webinar training but because we are in a Spanish-speaking country, it is difficult for us to watch them. Not all of us are fluent in English, but most of the courses and webinars are in English. That part could be improved, with more options for people for whom English is not their native language.
Network Engineer at a real estate/law firm with 1,001-5,000 employees
Real User
Top 5
2023-04-13T18:07:00Z
Apr 13, 2023
The reporting has room for improvement. We've had some issues with putting certificates in. We considered using Radware Cloud WAF Service to protect our API gateway with a WAF. However, we encountered issues with licensing since we had to obtain a license for each individual connection, which was not suitable for our API. To deploy one API Gateway, we would need to purchase 30 licenses, which was expensive. Additionally, we experienced difficulties with obtaining support and resolving the issue, which went on for several weeks. Eventually, we decided to explore other options due to the lack of time to address the problem. The scaling is not cost-effective and has room for improvement.
CISO at a financial services firm with 1,001-5,000 employees
Real User
Top 5
2023-03-02T21:22:00Z
Mar 2, 2023
They've changed their process for call logging. I suppose it's fine, but I used to be able to send emails in. They could also build up more local resiliency here in South Africa. They're working on that, so it isn't much of an issue now.
IT Unit Chief at ATM - AUTORITAT DEL TRANSPORT METROPOLITA
Real User
Top 10
2023-02-17T19:40:00Z
Feb 17, 2023
The primary area for improvement is in issue detection and understanding whether a log is a false positive. It can sometimes be a challenge to take the data of a given security event and determine if it's a genuine threat using a Wiki etc. Navigating to find specific options can sometimes be challenging, but we only do this occasionally; we primarily control the logs, so it's not particularly significant for us. We had some issues with the initial implementation, especially around tuning the solution to avoid false positives.
Manager Cloud Security at a computer software company with 501-1,000 employees
Real User
Top 10
2022-09-12T08:59:58Z
Sep 12, 2022
The integration part could be better. The visibility part could improve as well. In the market, everyone is moving towards the cloud. However, the patience is not good. When we are trying to find out some information, we are not getting what we need on time. They need to arrange some more use cases for their partners, for their customers to showcase their product and show exactly how it is working, how they're capturing the market, et cetera. Right now, they aren't showcasing what can be done, making it hard to sell. I've found it difficult to find good documentation for cloud deployments.
Radware’s Cloud WAF provides enterprise-grade, continuously adaptive web application security protection. Based on Radware’s ICSA Labs certified, market-leading web application firewall, it provides full coverage of OWASP Top-10 threats and zero-day attacks, while implementing both negative and positive web application security models to automatically adapt protections to evolving threats and protected assets.
Radware’s Cloud WAF offers full web security protection including OWASP Top-10...
We have had difficulties with the configuration of rules when it comes to allowing connections and having a list of IPs that are authorized to use a specific service. We have not been able to make a whitelist work. For example, if we want to publish services to a limited number of providers and we only want those providers to connect, we need to forward those requests to the Radware support team and they apply them, but it takes some time. It seems to me that this long process would be faster if the configuration could exist directly in the portal. That would make things easier.
They have a portal for webinar training but because we are in a Spanish-speaking country, it is difficult for us to watch them. Not all of us are fluent in English, but most of the courses and webinars are in English. That part could be improved, with more options for people for whom English is not their native language.
The reporting has room for improvement. We've had some issues with putting certificates in. We considered using Radware Cloud WAF Service to protect our API gateway with a WAF. However, we encountered issues with licensing since we had to obtain a license for each individual connection, which was not suitable for our API. To deploy one API Gateway, we would need to purchase 30 licenses, which was expensive. Additionally, we experienced difficulties with obtaining support and resolving the issue, which went on for several weeks. Eventually, we decided to explore other options due to the lack of time to address the problem. The scaling is not cost-effective and has room for improvement.
They've changed their process for call logging. I suppose it's fine, but I used to be able to send emails in. They could also build up more local resiliency here in South Africa. They're working on that, so it isn't much of an issue now.
The primary area for improvement is in issue detection and understanding whether a log is a false positive. It can sometimes be a challenge to take the data of a given security event and determine if it's a genuine threat using a Wiki etc. Navigating to find specific options can sometimes be challenging, but we only do this occasionally; we primarily control the logs, so it's not particularly significant for us. We had some issues with the initial implementation, especially around tuning the solution to avoid false positives.
The integration part could be better. The visibility part could improve as well. In the market, everyone is moving towards the cloud. However, the patience is not good. When we are trying to find out some information, we are not getting what we need on time. They need to arrange some more use cases for their partners, for their customers to showcase their product and show exactly how it is working, how they're capturing the market, et cetera. Right now, they aren't showcasing what can be done, making it hard to sell. I've found it difficult to find good documentation for cloud deployments.