Radware Bot Manager Reviews

Before we had the Radware services, we used another tool. It was not very good at understanding the bot traffic, and it couldn't really stop it. So, we had to utilize Radware for that.

It can categorize different bots, which is helpful because, initially, we were seeing large spikes in connection attempts. They were bots. Our assumption was they were all bad bots, but that's not necessarily true. There are many different services out there that are like aggregators collecting information on the internet. Understanding that there are good bots versus bad bots out there helps you to make different decisions. You definitely want good bots to come in, but you want them to be able to use only a certain threshold of bandwidth. That's a metric that we can set. So, it has definitely helped us to see what they are and how to limit their utilization against our site and then cut out the bad ones.

Bot Manager has helped reduce the number of false positives that our organization receives in response to attacks. As a part of the project, we did a lot of reporting to show the impact when we turn the services on. It was pretty staggering. There was a pretty big drop in terms of the bandwidth used and attacks on the site. The impact was huge. From about half a million connections a day, we brought them under a hundred thousand at that point. About 80% or higher of that was noise, where bots were just scanning our website and looking for flaws.

Bot Manager didn't reduce downtime associated with attacks, but there was a reduction in CPU, memory, and disk usage. We reduced the CPU, memory, and disk usage for those services because they weren't getting nearly as many connections. So, there are definitely cost savings.

There have definitely been time savings because I now just get alerts instead of having to go in and take action to see what was occurring. I get a few hours back a week instead of actively going out there looking for issues and taking care of them. I don't have to interact with them.

Previously, I was probably spending six to eight hours a week looking at the site trying to determine utilization. I don't have to do that anymore. I'm getting back six to eight hours a week, which comes out to be more than 800 hours for the past two years.

The Bot Manager crypto mitigation algorithm is a capability in there, and we do have it turned on. Essentially, what it does is that if anyone is trying to use bots in a malicious way to attack your service, it will essentially cause them to consume more resources in order to try to attack or do something against your site. It's an interesting concept. It has helped to reduce the number of bot attacks, but I don't have the metrics.

It's very good at categorizing the different types of bots, whether they're malicious or good. Bot is a very generic term. It could be good, it could be bad. Quite a lot of legitimate businesses are using bot-type services to just scrape the internet for information.

The Bot Manager portal is very easy to use now. When we first started, it was a separate portal. It was different. It's all wrapped into one now, so it's easy to use.

Bot Manager’s ability to detect and mitigate bots in real-time is very good. It has been very effective. We definitely see different bot types. It has done a good job of stopping them. We do get alerts that something has occurred, so it's an effective service.

It would be good to have more integrations. It's very hard to get data in and out of their portal. It doesn't have any integrations with any of our tools, such as our SIEM tool. It only depends on emails. Having that tied into the warehouse, SIEM,  and maybe our on-call tools would be very helpful because it would just give us a holistic picture of everything.

The Bot Manager portal sometimes doesn't refresh correctly. There are cosmetic issues that can be improved on. 

I have been using this solution for two years.

It has been great. It has been a very good service. Never had a problem with it. Never had an outage. I'd give it a pretty good rating.

We haven't had any performance issues due to scalability. It has done a good job.

We have contacted them a lot. When tools are new to us, there are a lot of questions. While we were doing the implementation, the bot service used to be a separate portal, and then they rolled it into the Cloud WAF portal. It's a unified portal. During that time frame, there were a lot of issues where something was no longer available in the portal and moved somewhere else. We had questions about their migration to the new portal, and then we just had questions about any issues that we had with the service or the way they implemented the application, such as what was your intent or what am I supposed to do in the situation. They were good. I'd rate them an 8 out of 10.

Azure has some built-in native capabilities, but they're not great. It's called Azure Application Gateway, but it's not nearly as good as what Radware offers.

The protection capabilities against attacks are very good inside of Radware. It can definitely categorize an attack and determine the attack type. I can easily see what the attack is. It can tell me a little bit about the client that's trying to connect, whereas none of that was available in Azure Application Gateway. It was even hard to get a user agent type. That's a basic capability.

It's straightforward. You have to work with the engineer you are assigned by Radware. It works great when you have someone like a project manager and someone from the technical side to do the implementation. 

Bot Manager is integrated with our WAF. They weren't integrated natively. We had to integrate them. When we first initially launched, we turned on the Cloud WAF, which gave us some visibility, and then the next step was to turn on bot protection. We tried to turn them on piecemeal so that we could understand the impact it caused on the application and what kind of traffic it was modifying.

We had two people involved in its implementation.

Its time-to-value was immediate. Once we enabled those services, it definitely cleared out all of the attacks where the traffic was not customer based or that didn't need to be there and served us no value.

We did demos of the Citrix, Imperva, and Azure products.

To someone who wants an anti-fraud solution but isn’t considering Bot Manager, I'd say that it really comes out of visibility in the tool. In our case, we can show the metrics of our typical website application usage and then the significant decrease in traffic after the Bot Manager service. There was a significant decrease in traffic that was not just bots. That was not related to any type of customer. We filtered it down to just what our core customer usage is, and having that data helps a lot because otherwise, you just make assumptions that all those connections 24/7 are legitimate usage patterns, but they're not. So, it has a lot of value.

I'd definitely recommend utilizing such a service, whether it's Radware or anyone else. It definitely provides a lot of business value. You cut down on all of that noise and traffic and protect your resources from malicious traffic. It's definitely worth the time and effort.

Our experience with Bot Manager has been very good. It served the reason we bought it, and it's doing its job from a scalability, performance, and reliability perspective.

Overall, I'd rate it a 10 out of 10.

We use this solution for bot mitigation. We run a dedicated server to manage a high-traffic website that draws a lot of attention from bots.

Bots have become more prevalent and insidious over the years. We use ShieldSquare as a gateway to filter traffic, letting the good bots and real users in while keeping the bad bots out. There are webmasters who do this manually, but we don't want to spend our time doing that kind of whack-a-mole. The other big upside is in preventing scrappers. We publish a lot of original content, and without this protection, there is a feeding frenzy on it that could result in search engines listing the scrapper sites higher with our own content.

The reporting is excellent, providing a nice overview of what's coming at us. Along with Google analytics, it helps us get an understanding of our traffic. We've also found the whitelist feature handy, which allows us to crawl our own site without being blocked.

This is always evolving, but somehow quarantining bots or sticking them in a honeypot so they can't pound the API would be helpful. The bots, of course, are always evolving.

I have been using this solution for about nine years.

I haven't had a problem with any downtime.

We've had to scale it up, and it was not a problem.

It's been excellent. The recent support was very helpful.

We did this ourselves using firewalls and other tools, but it proved a losing battle.

The initial setup for us was a long time ago. I remember it requiring a bit of effort, but getting the help we needed.

We implemented this solution in-house.

I can't provide a solid number, but for what we save in resources and what we get from listing protection, it is certainly worth it.

We didn't hit any traps. This company has been very honest and helpful. I'd suggest letting them make recommendations.

We evaluated solutions a while ago, but I think we looked into Incapsula and a few others.

They've been great during transitions, like when we've had to move servers. Thye provided excellent support. They're very tenacious about getting problems solved, even when it means digging deep.

Reducing Price and Content Scraping and at the same time freeing server resources and offering a better user experience

The ShieldSquare bot mitigation solution helps us to avert product and price scraping attempts by malicious bots. They not only help us in eliminate the bot attacks, but they also provide us with comprehensive reports on bots intent and their activity on our site. ShieldSquare ensured that genuine users are not affected in the complete process.

We were confronting bots that were illegally scraping price and product listing on our website. We were finding it difficult to filter and eliminate the highly sophisticated bots because of their continually changing approaches. After evaluating several solutions, we decided to deploy ShieldSquare’s non-intrusive API based bot mitigation solution. ShieldSquare helped us in averting the scraping attempts by bad bots and provided us with the detailed analytics of bot traffic on our site.

There is very little to improve as the package is complete as in it does everything required of it. Only improvements could be made with the reporting down to a page level.

No issues.

No issues.

All good.

We used our own internal system which could not cope with the volume of bots hitting our site.

Simple.

In-house.

Set up was a breeze, cost is superb.

No.