Radware Cloud WAF Service Reviews

Since many of our businesses are on this application and web applications, we have a huge environment. There are more than hundreds of applications that we have. We are using it for WAF-based production, for bot and for DDoS protection.

The interface is quite concise and clear, and it is easy to navigate. I have worked with other WAFs, however, Radware Cloud WAF Service is quite easy to navigate compared to others. 

I have never had a problem with the application or any websites. Many threats are getting blocked here. Since I joined this organization and had the opportunity to compare early deployment statistics with current ones, we can see that many threats have been blocked, resulting in a very good return on investment.

With Bot Manager, we get many detections which are actually blocked, especially related to application headers. Malicious user agents are something that we get frequently and it has been blocking the majority of the threats, almost about 97-98% of threats are blocked, almost to 99% itself.

Our first line of defense for our web applications, especially on the cloud, is Radware Cloud WAF Service. Whatever comes through, including reconnaissance attempts, different types of targeted attacks, targeted threat vectors and many APT groups targeting our environment, they are getting blocked in the recon phase itself thanks to the Bot Manager.

They can work more on the documentation part. The documentation I found is quite vague. There can be more practical examples, and since we are a paid customer, they can give us arranged training. They can arrange sessions or trainings regarding using Radware Cloud WAF Service and what further things we can do. I recently learned about source blocking, so training or sessions can be organized, along with improving documentation with practical examples.

I have been using it for two and a half years since joining the new company. The company has been using the solution for quite a long time.

In the last two and a half years, I have not seen any kind of lags or issues.

Scalability is good. Our organization is quite big, so we keep on adding applications behind it. I never found an issue with lagging or non-working components due to scaling limitations. The solution is providing scalability in all aspects.

The speed and quality was good. We got a good quick turnaround time, especially in cases where we were actually under attacks and wanted blocking to work as soon as possible.

In my previous company, I have worked with other WAFs, including the F5 WAF and the cloud native WAF. I have also worked with Akamai. I found Radware Cloud WAF Service to be better compared to others.

The initial setup was quite easy. I moved around, did some R&D on my own, and it was easy to navigate.There are clear and concise filters that I can apply. Everything was on the screen. Whatever I wanted to try or do was available on the screen. I could move around in the console and try all kinds of experiments. It was quite easy and user-friendly.

Since I joined this organization and had the opportunity to compare early deployment statistics with current ones, we can see that many threats have been blocked, resulting in a very good return on investment.

Pricing is something that is decided by the top management. I am more of an operations person.

We do not use the CDN services.

I have not used the API Discovery completely, however, I have checked out the API security that comes under the WAF part, specifically the threat detection part that we are focused on. I am hearing about source blocking for the first time, which would be helpful as we would not have to manually block it.

We are using the DDoS protection and it has been blocking many DDoS attacks that we have observed. Many times when traffic slips through our DDoS protection pipelines, they are definitely getting blocked by Radware Cloud WAF Service, including anomalous rate limiting.

It took me about a week to learn the system, as I am a quick learner. There is no required maintenance as it is already taken care of by Radware. We get notifications regarding maintenance upgrades and everything, mainly for the IP blocking parts.

On a scale of one to ten, I rate this solution a nine.

Radware Cloud WAF Service serves as a Web Application Firewall for the applications my organization has exposed on the internet that are hosted in the Azure cloud. I use Radware Cloud WAF Service as a WAF for applications that are exposed on the internet, and it provides us broad visibility and monitoring of all the traffic that goes to them.

Radware Cloud WAF Service has positively impacted my organization by providing broad visibility into the traffic and the requests from our third parties to our exposed services.

A specific example of how these features have benefited my organization is that we currently have our core system hosted in the Azure cloud and exposed, and many third parties consume our service. With Radware Cloud WAF Service, we have visibility and can see all the traffic and the requests that are generated to our services.

The best features that Radware Cloud WAF Service offers are the robustness and the visibility I have of my applications exposed on the internet.

Regarding aspects that Radware Cloud WAF Service could improve, I would suggest that at the start, on the home interface, having dashboards that help us summarize and extract metrics would be beneficial.

I have been using Radware Cloud WAF Service for approximately two years.

I consider Radware Cloud WAF Service to be a very stable solution.

I would rate the scalability of Radware Cloud WAF Service as excellent.

My experience with the technical support of Radware Cloud WAF Service has been very good. When we have requested support, they have provided solutions to our questions almost immediately.

Before implementing Radware Cloud WAF Service, I did not use any other solution. It is the first WAF solution my organization has implemented.

My experience with the costs, initial configuration, and licensing of Radware Cloud WAF Service is that the tool is somewhat expensive and not inexpensive. However, it is worth every peso I pay.

I have seen a return on investment since I started using Radware Cloud WAF Service through time savings. We now have all the traffic and visibility centralized for what goes to our exposed applications, allowing us to save time when reviewing all the traffic.

Before choosing Radware Cloud WAF Service, I evaluated other options such as F5 and Fortinet.

Factors that influenced my choice of Radware Cloud WAF Service instead of F5 or Fortinet include robustness and the way it is implemented.

Radware Cloud WAF Service meets all my organization's expectations.

My advice to other companies that are considering implementing Radware Cloud WAF Service is that it is a good tool. It is not inexpensive, but it is a good and very robust tool for cloud environments.

Radware Cloud WAF Service is an excellent tool and very robust for companies that have core systems and services hosted in the cloud. I would rate this product ten out of ten.

My main use case for Radware Cloud WAF Service is blocking the IPs of hackers, SQL injections, and others for protecting the domains of Gran Melia Resort.

In my experience, the best feature of Radware Cloud WAF Service is its strong protection for public-facing domains and web applications. Its ability to block common web attacks and the visibility it gives into suspicious traffic and threats improves the security posture of our online services without adding too much operational complexity.

Radware Cloud WAF Service has positively impacted our organization by giving us peace of mind with suspicious traffic, fewer web security concerns on public services, and more confidence in the protection of our applications. It has helped us maintain service availability more effectively during suspicious traffic situations.

Radware Cloud WAF Service could be improved with a simpler management interface, more detailed reporting, and easier policy tuning for day-to-day administration. The service is strong, but improving its usability, reporting clarity, and day-to-day policy management would make it even better. A more streamlined administrative experience would be very valuable.

I have been working in my current field for three years.

Radware Cloud WAF Service has been very stable in our experience, and we have not had any problems with the service.

Radware Cloud WAF Service has shown good scalability in our experience. It has been able to support our needs reliably as requirements grow without causing issues in daily operations.

The customer support for Radware Cloud WAF Service has been very good. We are happy with the support provided and the overall responsiveness of the team.

We did not use a different solution before Radware Cloud WAF Service.

I would recommend clearly defining our protection needs and public-facing services from the start so the setup can be aligned with our environment. If security and reliable support are important for our organization, Radware Cloud WAF Service is a strong option to consider.

Our only relationship with the vendor is as a customer.

I have seen a return on investment with Radware Cloud WAF Service mainly in terms of time saved, lower operational risk, and better protection of our public-facing services.

Before choosing Radware Cloud WAF Service, we also evaluated other well-known options such as Cloudflare, Akamai, and Imperva.

Radware Cloud WAF Service is deployed in a public cloud environment. I would rate this review as a ten out of ten.

We have COTS and SaaS applications that are onboarded behind this Radware Cloud WAF Service. We are leveraging the Radware SaaS platform, and that is how it is being used; we have huge traffic hitting every day on the applications hosted behind it.

The Bot Manager operates on the concept of AI/ML and is essential for our security strategy. The security events and alerts generated by the Bot Manager are crucial, enabling us to stop numerous attacks from various sources. By using the Bot Manager, we've discovered important insights about our incoming bot traffic that we weren't aware of before. Previously, we did not have that functionality, but after enabling Bot Manager, we began receiving alerts and visibility into anomalies that we weren't aware of. This added visibility allows us to monitor identified traffic, with some already blocked while still keeping others under watch, protecting our applications from excessive traffic through Radware Cloud WAF Service.

The real-time BLA detection and mitigation processes have significantly enhanced our threat management with Radware Cloud WAF Service. Enabling various blades, including this real-time functionality, ensures we have visibility and can block undesired traffic effectively.

I have tried using the API discovery feature with the Radware Cloud WAF Service for almost all of our onboarded applications, and it's pretty straightforward. It provides useful results, and our application penetration testing team leverages it significantly, making it very helpful for gathering data during tests. 

We have integrated Radware Cloud WAF Service with our SIEM tool to capture audit logs and security events. The integration process is quite simple, thanks to the available connectors and developed methodologies, making it one of the simplest integrations we've done, even though they have limited connectors and integrations at this point.

Incorporating Radware's combination of negative and behavioral-based positive security models is becoming essential for our security strategy as we delve into the AI world and machine learning. User analytics and behavior analysis are very important, with anomalies flagged by the analytics engine running behind the traffic hitting the Radware Cloud WAF Service.

What I appreciate the most about Radware Cloud WAF Service is that the UI is quick and very simple. Ease of administration is crucial since I'm the administrator looking after it. The functionality they have, starting from onboarding applications to managing them, is pretty straightforward; modifications, additions, or deletions are completed without complex codes or scripts. Additionally, the data populated post-onboarding includes both an executive view and detailed views for security analysts, which are incredibly helpful. If we compare this to other Cloud WAFs, we often don't get as much information for many security alerts, requiring deeper investigation. However, with Radware Cloud WAF Service, details are available when opening any security alerts, making the process more efficient.

Source blocking is a straightforward feature in the Radware Cloud WAF Service. We can easily block or whitelist traffic coming from certain geo-locations or specific IPs. I find that feature nicely implemented in a simple manner.

The web DDoS protection, particularly HTTP L7, is critical and has helped us immensely. It provides visibility, especially over port 80 and 443, as well as custom ports offered by Radware, and has proven essential for preventing denial-of-service attacks, whether distributed or isolated.

The automated analytics for looking at events is where there is room for improvisation in the Radware Cloud WAF Service. They are working on improving the automated capabilities of workflows and integrating AI, but it's not quite up to the mark yet. There's a lot of work to be done since various customers have different requirements, and any implemented automated features should provide expected results.

They need to improve the support side. Information should be more readily available on their support portal, especially knowledge-based articles for customers to resolve queries independently. The support portal used to be slow, and the UI experience was less than ideal, although it has improved over time. Additionally, the lack of an AI chatbot has been a downside, though we have been notified that functionality is in development now.

On the reporting side, customization options are limited; creating tailored reports is currently not possible, which is a significant drawback since full customization is crucial for effective data presentation.

I have been using Radware Cloud WAF Service for two and a half years.

In terms of stability, Radware Cloud WAF Service operates at 99.99% uptime. I have never witnessed any lagging, crashing, or downtime.

Scalability isn't an issue with Radware Cloud WAF Service; we can onboard as many applications as we need, and since it operates in the cloud, they effectively expand their resources as required.

I have contacted technical support with Radware Cloud WAF Service numerous times, mainly because I am the administrator overseeing all features. I regularly interact with their support team and customer success managers. The quality of support from Radware Cloud WAF Service is good; however, they must improve the speed of addressing customer queries, especially for straightforward questions. They adhere to policies but need to resolve blockers for customers much quicker. There's substantial room for improvement on their support side. I would give a score of seven out of ten for the quality of support received from Radware Cloud WAF Service based on my current experiences.

Neutral

I have used alternatives to Radware Cloud WAF Service, including Akamai, which we leveraged for different purposes, but that service is being discontinued.

The initial deployment with Radware Cloud WAF Service was straightforward and lacked complexity. There wasn't much information needed, making it easy to set up.

There is no maintenance required on our end since Radware Cloud WAF Service is a cloud-based and SaaS product. They manage everything, and we only need to monitor our applications.

Pricing with Radware Cloud WAF Service depends on the applications we want to onboard and how negotiations go between our technical commercial teams and Radware. Based on all current deals, it has been a win-win situation for both parties, and I feel satisfied with the pricing.

When it comes to false positives with Radware Cloud WAF Service, we absolutely get a lot of them. Whenever we onboard new applications, it's expected to encounter numerous false positives, which will mature over time. We have tweaked our queries to improve the ratio of true positives versus false positives, and now we don't see as many false positives compared to when we started with Radware Cloud WAF Service. It is important to note that onboarding applications with high traffic will still likely yield some false positives, which is expected in the cybersecurity world, but we see it maturing over time. 

With regards to protecting against zero-day attacks using Radware Cloud WAF Service, we haven't seen any such attacks being caught or flagged by the Radware team. While we do catch information from various sources, media, and other channels, we feel there isn't a reliable tool that can notify us of zero-day detections at the outset.

We don't use any CDN services with the Radware Cloud WAF Service at the moment. All our applications are on-prem, accessed from specific geo-locations, and currently, we don't require CDN services. 

We are not using the PCI DSS 4 extension compliance with Radware Cloud WAF Service, as we don't have any applications storing sensitive records.

I would rate Radware Cloud WAF Service a nine out of ten.

The use case is protection for all  web applications. This includes the applications we serve via critical workloads. We are utilizing Radware Cloud WAF Service for this protection.

In addition to protecting our production environment, we also implement Layer 7 protections, DDoS protections, and other security measures. We have established a detailed level of protection for all of our applications.

I am satisfied with Radware Cloud WAF Service's ability to block unknown threats and attacks, as the moment we enable protection for specific applications, it starts working. For instance, we receive results indicating whether there's any unusual activity. This system operates like Software as a Service (SaaS). You don't have to worry about the underlying algorithms or the conditions that need to be applied. It's essentially a plug-and-play solution, making it easy to use.

The automated analytics of Radware Cloud WAF Service are quite effective. They inspect and remediate DDoS attacks quickly by monitoring any suspicious activity and reporting it, demonstrating the power of their deployed algorithms.

I use the CDN service offered by Radware together with Radware Cloud WAF Service, and I find it feasible because it provides faster responses for users accessing our applications, especially when it's caching configurations and monitoring protection simultaneously.

Radware Cloud WAF Service has saved me more than 30% of my time, as it's very easy to spin up any application with just a few clicks.

I receive reports every 30 days. The live metrics are visible on their dashboard, showing the current status of all applications and the number of hits, including false positives.

The automated source blocking features of Radware Cloud WAF Service have a proactive and holistic approach. It effectively protects applications with default methods for any sort of protection, though some of those methods generate false positives that we need to adjust based on our needs.

In terms of compliance, we are following GDPR, and to adhere to this compliance, we have chosen the required region to ensure all incoming traffic is treated accordingly. I find Radware Cloud WAF Service good with respect to my compliance needs, providing services in all required regions.

I really appreciate the DDoS protection that Radware Cloud WAF Service provides, especially because it reacted well to multiple DDoS attacks on my applications in the last couple of months without any signs of issues being reported.

Their Network Operation Center (NOC) is very proactive in monitoring the health status and metrics continuously. Whenever they identify an issue, they do not delay in informing me or my team, making them very proactive.

Radware Cloud WAF Service has helped reduce false positives, but we do experience some false positives, such as when certain URIs or headers are incorrectly flagged as malicious, and we need Radware to refine those to treat as genuine traffic, achieving about a 25% reduction in false positives.

There is an area for improvement in Radware Cloud WAF Service, specifically regarding the visibility of default algorithms or source blocking systems that create false positives, as it would help if customers could see these blocks to isolate problems quickly without needing to reach out for tech support. There are various blocking systems in place, including some default algorithms that can block a lot of content. Unfortunately, this can lead to false positives, making it difficult to determine whether an issue is being caused by Radware WAF or something else. As a customer, we can't see what's happening behind the scenes because it's a SaaS service. I would suggest that if there are any blocks, they should be clearly visible to us. This would allow us to isolate the problem and understand whether it's related to the WAF or another source. Currently, these blockings are not transparent; they remain hidden until we reach out to the tech support teams. Often, we only find out about the issues from them, which leaves us unaware of the problems as they aren't displayed in the portal. These behind-the-scenes elements should be available. I understand it would have read-only access. That's acceptable, but it should be visible so we can isolate issues quickly.

We have been using it for the last one and a half years.

The service is always available to us. I would rate the stability of Radware Cloud WAF Service as a nine out of ten, as we rarely experience downtime, bugs, or glitches.

I rate the scalability of Radware Cloud WAF Service as a seven out of ten, fitting well with our approximately 8,000 users.

I rate the technical support of Radware Cloud WAF Service as an eight out of ten.

Positive

I find the deployment of Radware Cloud WAF Service to be moderate in complexity, as it takes months to complete based upon requirement

More than 8,000 users work with Radware Cloud WAF Service. While it does require maintenance, it is not a concern for us since it's a SaaS service, meaning they maintain everything on the backend while we focus on uptime.

The pricing for Radware Cloud WAF Service is cost-efficient for us, especially since we have opted for a big bundle that includes not only the Cloud WAF but also Radware other products.

We did not assess any other vendor as we have been using Radware from the beginning and are already familiar with its features, knowing it is fully integrated with our requirements and custom ports for web applications. While comparing Radware Cloud WAF Service with other WAF solutions, the biggest advantage is its seamless integration with my environment, and their tech support and NOC support are better than several other WAF services.

The combination of negative and behavioral-based positive security models is important for my security strategy, and we have defined a ratio of 70% to 30%, where it properly blocks what we define, and false positives are adjusted for all applications.

I would recommend Radware Cloud WAF Service to other users because it offers excellent WAF protection services that work like a plug-and-play solution without needing to worry about algorithms. However, the deployment time could be a drawback.

Overall, I would rate Radware Cloud WAF Service an eight out of ten.

My main use case for Radware Cloud WAF Service is to protect domains with the WAF services. I am mainly using Radware Cloud WAF Service to protect my web services, and it has helped me address SQL injection, DDoS, and every malware attack which we are protecting our domains.

The best features of Radware Cloud WAF Service are valuable for protecting our domains with day-to-day attacks, including fake URLs so that we can maintain our domains to best practice for the users.

Since using Radware Cloud WAF Service, when we onboard our domains in the WAF, it has become very easy to track down things for the domains, allowing us to protect against fake domain attacks and track with that false domain.

It reduces incidents and also saves real-time because our domains contain very sensitive data, which gives us a clear vision to protect that with the WAF.

Radware Cloud WAF Service must improve by providing clearer directions; it is not recommended for new users to have bulky features, but the WAF is doing very well as we receive prompt responses regarding alerts, and we can track easy logs findings.

I have been using Radware Cloud WAF Service for the past four years.

In my experience, Radware Cloud WAF Service is stable with no downtime or reliability issues, and we receive notifications regarding any changes or downtime prior, which makes it easy to notify our users.

Radware Cloud WAF Service can handle growth easily as our needs increase.

The experience with customer support is very good because when I raise a case, I will receive prompt responses and continuous follow-ups regarding the tickets.

I do not know regarding money saved, but definitely, the time saving with the WAF is very useful because nowadays, saving time for employees and your organization is the best practice.

Regarding pricing, if an organization wants to protect their domains with a clear and very good experience with WAF services, I do not think the price is an issue because for perfect security with the domains, you will get the best services for the pricing.

I would advise others looking into using Radware Cloud WAF Service to go for this WAF because it is very helpful and very protective for the domain.

The main use case my organization has for Radware Cloud WAF Service is the protection of websites. A concrete example of how my organization uses Radware Cloud WAF Service to protect these websites is that the platform is protected by hardware against attacks such as SQL Injection.

Radware Cloud WAF Service is very good, and there are various features such as DDoS for blocking mass attacks. The best features offered by Radware Cloud WAF Service include that it is SaaS. The features I consider to be the best include a user-friendly interface, very good support, fast response times, and very advanced tools for blocking Zero-day attacks. The positive impact of Radware Cloud WAF Service on my organization is the defense of the websites of our clients, since hackers constantly attack the websites and Radware Cloud WAF Service protects our websites. Since using Radware Cloud WAF Service, we have experienced measurable benefits such as the blocking of SQL Injection, XSS, RFI, LFI, and various injection attacks.

An aspect that could be improved in Radware Cloud WAF Service is having more reports. I would prefer that part to be improved by having the data presented in charts and more visual dashboards in order to have a more accurate analysis of what is happening in real time.

I have been using Radware Cloud WAF Service for two years.

I consider Radware Cloud WAF Service to be a stable solution.

I have not needed to scale the initial service yet, as it still meets my needs.

I would rate Radware's customer support for Radware Cloud WAF Service as very good. On a scale from one to ten, I would rate customer support a ten.

We used other solutions before Radware Cloud WAF Service, and then we migrated to Radware.

Before choosing Radware Cloud WAF Service, we evaluated other options, considering it being SaaS in the cloud because of the ease of configuration and maintenance.

I rate Radware Cloud WAF Service a ten overall. I give it a ten because I appreciate the platform, the support, the blocking capabilities of the tool, the features, the infrastructure, and the ease of use. I would advise other professionals considering using Radware Cloud WAF Service that it is very good, very fast, and very simple to understand and configure, although I do not have information about the price.

We are in the post-implementation phase of using Radware Cloud WAF Service right now, but we have been using a Radware solution for about six years in our company.

Right now, we are working on transitioning our systems to the cloud. We have just obtained the license and are currently testing the system as part of the implementation process. This started back in January of this year, and we are approaching one year of use. While we are in the post-implementation phase, our corporate structure has a lot of approval processes that require multiple steps. Because of this, we can't fully transition to the protection capabilities of Cloud WAF just yet. However, we are actively using and testing it, and we are taking note of all the results.

Our company works in banking, and every day we face malicious and suspicious requests incoming to our site. Radware Cloud WAF Service is helping protect against these threats effectively. When we were using physical hardware, it would become overloaded and go down, making it impossible to protect our site. Radware Cloud WAF Service protects all of the backend applications and services by defending against malicious and suspicious requests.

Automated analytics are easy to use. When we were using manual detection, it was difficult to detect certain traffic patterns. The automatic detection is very effective.

Radware Cloud WAF Service reduces false positives compared to our previous on-premises system. After implementing Radware Cloud WAF Service, I observed the alerts and noticed a significant reduction in false positive blocking. It has more advanced capabilities, including header request searching.

We have integrated it only with Splunk so far, and it's easy to integrate.

Bot Manager's configuration is straightforward. We input IP addresses, local IPs, and configure log sending to Splunk.

The interface is really cool, especially with the dark theme. It looks clean and organized, which I appreciate. It's not complicated at all.

Support is prompt and efficient. The response to our support tickets has been quick, and I'm really happy with that. Overall, I'm glad with my experience so far.

It is easy to use for me. I've already been working with the hardware and the portal for two years now. I know where everything is, so I find it easy.

They might need to add more integrations. Adding AI-based search capabilities would be beneficial, allowing us to search for the origins of bot attacks by country. The behavioral analysis could be made more efficient. While Bot Manager has many of these features already, there is room for further enhancement.

It is stable.

It is scalable. 

The support team responds quickly to our tickets, and I am very satisfied with their service.

Positive

The Radware deployment process was straightforward and easy to install. Our company has many approvals and processes, so it took over two weeks.

Our SOC team with ten people works with this solution. Our company has two teams working on security systems with three levels of engineers. I am a level two engineer handling configuration and monitoring. The level three engineers manage major updates and have comprehensive knowledge of the system.

We conducted POC testing with three systems: Akamai, Imperva, and Radware Cloud WAF Service. We only tested Imperva and Radware because Akamai did not meet our bank corporation's policies regarding reseller companies. Imperva had too many issues.

The Imperva cloud solution was located in Hong Kong, which was too far from Mongolia and caused internet connectivity issues. After testing it, we were not satisfied. We then tested Radware Cloud WAF Service and found it easier to use, particularly since we were already using Radware Bot Manager in the cloud.

Currently, we are not using the API discovery feature as we are in the pre-implementation phase of API protection. We are focusing on getting Radware Cloud WAF Service into production first. After that, we plan to implement additional features such as API security and customer security.

In Mongolia, we do not have a CDN and are currently using Akamai CDN. The situation in Mongolia is restricted and somewhat complicated.

I would recommend this solution. Radware is the largest company in the security solutions industry. They have many prototypes and numerous integrations. This is an important aspect of the purchasing process. Another key point is their support; they provide a quick response to your inquiries. Their service is easy to use. With Radware's cloud solutions, they cover all aspects of security effectively. They are able to provide comprehensive coverage for your needs.

I would rate Radware Cloud WAF Service an eight out of ten.