Radware DDoS Reviews

Opting for a solution like Radware DefensePro is a strategic move for our telecom company, especially considering the critical nature of our subscriber self-care portal and the potential impact on the organization's image and the country as a whole. 

Radware DefensePro is renowned for its advanced DDoS mitigation capabilities and has significantly enhanced the security posture of our infrastructure.  

As a public sector unit, the stakes are high, and DefensePro's ability to handle sophisticated attacks provides an added layer of confidence. Its scalability ensures that our telecom infrastructure can adapt to changing traffic patterns and evolving threat landscapes.

DefensePro offers a multi-layered defense mechanism, combining behavioral analysis, signature detection, and real-time threat intelligence to identify and neutralize DDoS attacks promptly. Its adaptive nature allows it to evolve with emerging threats, ensuring that our self-care portal is shielded against the latest attack vectors.

The solution's granular traffic inspection capabilities enable it to differentiate between legitimate and malicious traffic, preventing service disruptions caused by volumetric, protocol, or application-layer DDoS attacks. This not only safeguards our portal but also contributes to maintaining the promised 100% uptime.

The solution has many valuable features, including a regular signature update. Radware is providing regular signature updates for the DefensePro solution, thus our organization is better equipped to handle any new threat vectors.

The solution's reporting and analytics features are quite useful. It offers valuable insights into ongoing and past attacks, aiding in post-incident analysis and continuous improvement of our cybersecurity strategy. This proactive approach aligns with the need to not only mitigate threats but also to learn from and refine our security posture over time.

They need to provide more granular control over security policies, allowing organizations to tailor configurations based on their specific needs and risk profiles. There is a restriction on the number of policies that can be defined.  That count may be increased further to create more specific policies

They should integrate automated incident response capabilities to streamline the mitigation process and reduce response times during attacks.

It would be ideal if they could expand protocol support to cover emerging communication standards and ensure comprehensive protection against diverse attack vectors.

I've been using the solution for the last 11 years.

It is stable.  

Scalability is an issue. It can be made more scalable by considering the growing DDoS attacks and web services.

We've always received support when needed.

Positive

I did not use a different solution.

It was a straightforward setup. We had no hiccups.

Implementation was through the vendor team. I would rate them nine on a scale of one to ten where one is the worst and ten is best.

It is a good option for those who are looking for on-premises protection against DDoS attacks.

We primarily use the solution for web application firewalls and as hardware.

I can only distinguish Radware DefensePro from Netscout AED, which doesn't have such a protection network, behavior analysis, intrusion prevention, and maybe anti-bot modules. This product is more advanced than Netscout AED. However, I haven't the knowledge of how it looks in comparison, for example, to F5 or Fortinet appliances or others, as I didn't do RFI and RFP. The most important thing for me right now in the Radware portfolio, is that Radware went to the cloud and has a flexible model based on virtual machines that can be delivered in our data center model, which could be delivered via the public cloud. That’s the big advantage of Radware, from my perspective.

Its functionality is very good.

The behavioral analysis is of very good quality.

I started from scratch, from medium customers to bigger customers, and then maybe smaller ones. I would like to have more granular steps according to protected bandwidth, so the granularity should be better. For example, one gigabit of protected bandwidth, two gigabits, three gigabits, and so on. Right now, it's two, four, and six, something like that. It depends on the appliance, of course, as Defense Code 6 is the smaller one and next is 10 or 12. However, in general, the granularity could be better.

I’ve used the solution for five years.

The solution is quite stable. There are no bugs or glitches. It doesn’t crash or freeze.

The product is scalable.

We have 12 to 15 people on the solution.

I don’t directly deal with technical support. That is the responsibility of others.

I'm not a technical guy. From my perspective, the initial setup is not easy. However, it's not hard. Someone who would like to have a good security policy should have enough knowledge to configure it using the security policy. The knowledge is essential since it's not possible to implement a security policy without knowledge about the traffic, including what kind of traffic, what kind of application, what kind of parameters, et cetera. It's not a hammer. It's a security appliance. For our people, it's not as hard since we use it. We know how to use it. It's maybe more important to integrate it with additional systems like a CM.

The solution offers good quality for the price.

I prefer low investment expenditures. I prefer paying less at the beginning of the project. After the customer base starts growing, I can pay more.

This solution is moderately priced. I would rate it three out of five.

To deliver to our current customers, we had to buy something new. However, in the future, we would like to check what kind of opportunities are on the market.

We are in the middle of buying the newest DefensePro. We switched to the new technology as the old one is the end of life and end of support. That's why we have to buy a new DefensePro.

It's in our internal infrastructure, so it's in our network. It's not a data center, for example, Amazon, Azure, or Google Cloud.

With this model, it's all one. We would like to extend it in the near future, maybe to be more flexible. I am in the middle of the project and in the middle of how to distinguish protection against DDoS attacks and have Layer 7 and web application firewalls. In our offering, we combined these two areas into one service. One part is DDoS protection against 7th layer DDoS attacks, and the second is web application firewalls. Right now, I would like to work on how to distinguish to maybe separate it. I don't know what it will look like right now.

I’d rate the solution overall an eight out of ten.

We use the product to protect our centers from DDoS attacks. We deploy the tool across multiple offices across the Middle and Far East. 

The solution provides us with data security and better protection against DDoS attacks. It also gives monthly analysis reports, which are beneficial.

DDoS Protection Service provides excellent defense in the cloud, and the implementation and migration are very straightforward. 

The solution provides good real-time protection against threats. 

We use the Cloud DDoS Management System, and it provides good visibility into incidents. We can centrally manage incidents according to our defense flows.  

The Management System is very easy to use. 

The Cloud DDoS Management System provides many cloud-based tools for analyzing and managing attacks on our organization, including alerts and reporting. There's a dashboard that allows us to monitor alerts, and we can configure reports to receive them daily and monthly.  

The Cloud DDoS Management System mitigates attacks depending on their priority, but it takes less than 30 minutes to mitigate high-priority attacks, and the response begins immediately.   

The product's mean time to detect an incident is ten to fifteen seconds. 

There is room for improvement in the pricing; the product could be more affordable. 

Improvements to the support and protection are always welcome, though they are in a good place. 

We've been using the solution for ten years. 

The product is stable. 

The solution is scalable. We currently have 1,000 end users. 

The customer support is good; I rate it eight out of ten.

Positive

The initial deployment was straightforward; it took around a month, and 30-40 staff were involved in the setup. The solution requires some maintenance. 

The product gives us an ROI of around 20%. 

Radware Cloud DDoS is very expensive. 

I rate the solution ten out of ten. 

To someone looking for a DDoS Protection product but who wants to go with the cheapest option on the market, it depends on your support and how capable you are of integrating the tool with your customers.

Our company provide services to government organizations, banks, and local police. Approximately two weeks ago, our customer experienced an attack with a volume of about 20 gigabits. Despite the attack, the website remained available and working perfectly.

We use these solutions to provide services to our customers. Customers purchase DDoS protection solutions. We have DefenseFlow Pro installed at our facility. The customers' traffic passes through this DefenseFlow, allowing us to provide enterprise services to our clients.

We are very satisfied with the solution. Recently, our company has been facing difficulties due to attacks originating from the Russian Federation. DefenseFlow has proven to be a highly effective solution in protecting our customers.

Signature protection is enabled because it uses profiles stored in the device. When configuring protection for a customer, one can select from various profiles. Migration protection is the most crucial, and we offer subscriptions with Radware.

Another effective feature of Radware DefenseFlow is the behavior mechanism, implemented for protection. This mechanism monitors the customer's traffic and typically requires one day to learn the customer's traffic patterns, establishing baselines. If significant deviations from these baselines occur, the behavior protection is triggered to safeguard the customer's traffic.

Its documentation is not 100% clear, making it the weakest aspect of Radware. We have encountered some difficulties in understanding how to configure it correctly.

I have been using Radware DefenseFlow for three years.

The product’s stability is quite good.

Radware bugs can pass through a certain amount of traffic. They say this is clean or legitimate traffic. The box itself can test through 40 megabits per second of plain traffic, but you need to buy a license. The license can accommodate 10 gigabits per second. It's the same box, but you just buy a license to accommodate the traffic. Scalability is sort of purchasing a new license.

We, a team of four people were using this solution. There are some alerts configured on the box. We'll be monitoring the health of the device to see what situation.

We had some issues. When we opened a ticket, they responded immediately.

Positive

We're using a different solution from Juniper.

We have router, which connects to other routers functioning as SDR routers that have BGP sessions with our upstream providers. We installed DefenseFlow on the device and configured it according to our customers' needs. This setup allows traffic to pass through the DefenseFlow and then proceed to the customer's location.

Sometimes it blocks traffic, and it's challenging to identify the reason why it's blocking the traffic. We can clearly see that traffic is being dropped because when we configure the whitelist to bypass anything inside the box, the traffic begins to flow, indicating that the traffic was previously dropped. However, there are no traces of this in the logs. This doesn't happen very often, but there have been a couple of instances where we've encountered this situation. It took us few days to properly configure it.

The solution brings customers.

The solution is easy to use with extensive troubleshooting. Also, it is easy to integrate, simply connect to the switch and configure ethernet ports until you are ready to go.

Overall, I rate the solution a ten out of ten.

The solution is stable. 

It has a high level of scalability. It is reliable. 

The initial setup is easy.

Technical support is satisfactory. 

The features are good. 

We would like to have seven-layer functionality.

I've been using the solution for four years. 

The solution is stable and reliable. There are no bugs or glitches, and it doesn't crash or freeze. 

The solution can scale well, and it is easy to expand. 

We have about 1,000 people on the solution. 

Technical support has been good in general. We are satisfied with their level of assistance. 

Positive

It offers an easy initial setup. It's not overly complex. You shouldn't have an issue with the implementation process. 

I'd rate it 4.5 out of five in terms of ease of implementation. 

The licensing cost is about $50,000.

We are Radware partners. 

I'd advise potential new users to go with a hybrid mode and move to the cloud. That should be the approach.

I'd rate the solution nine out of ten. 

We use Radware to control close to the most sensitive areas of our network and as protection against significant external attacks.

The important features include automated protection and defense against many attacks, it's important that our networks are protected in the Radware cloud.

As price increases based on the volume of net traffic, it can get expensive. 

The NetFlow security could be improved too.

More customization options would be a welcome addition. 

We have been using the solution for three months.

The stability is good at the moment.

The solution has scalability. 

Technical support is good, I would rate it a five out of five. 

Positive

Initial setup is easy.

We implemented Radware deployment through a reseller. 

We use about 10 engineers for the deployment and maintenance of this product.

It's very important for us to have well-analyzed and protected traffic within our network, that's why we use this solution.

I would rate this solution an eight out of ten.

I'm a security engineer.

In terms of the environment that I work in, the SSL, DNS, and HTTP are all valuable features. This is a very technologically simple and effective solution. 

There are no issues on the hardware front, but on the management front, the APSolute Vision needs to be more granular so that it's possible to get real-time information. If I want to check on TCP traffic or any kind of traffic flowing between a source and a destination, I should be able to access it in real-time. For now, I have to check four or five options, then go for a TCPDUMP, download it, and then open it. It takes too long and is a complex process. There should be an option in the management server or on the GUI, to simplify things for users. It should just be a matter of putting in the source and the destination IP, to see the latency for that particular destination and what's going on.

Because Radware does not have its own control plane software, it can only integrate with specific products. They should aim to integrate with third parties such as Genie, Nokia, and Arbor DMS. It's currently very limited.

I've been using this solution for three years. 

The solution is stable.

Scalability is not an issue because the product comes with a scalable license. 

The customer support wasn't great but it was reasonable. 

The initial setup was very straightforward. Maintenance requirements depend on the size of the environment. If it's deployed in an ISP environment then it requires one or two administrators. If it's a single appliance for an enterprise environment, then one person is enough for maintenance.

I rate this solution seven out of 10. 

This solution is used to to block and mitigate cyber attacks. We have a lot of clients that use this solution including banks, corporates, and governments.

This solution is extremely scalable and has the highest level throughput (100G) which complies with Telco deployment.

The solution is also very secure and reliable and can be integrated with many different platforms. The configurations are very easy when considering the graphical user interface.

I would like to see more graphics within the dashboard. Right now, you are required to buy tools in order to have a graphical representation for your monitoring.

I have been selling this solution for a few years.

This solution is stable.

This solution has an entry level throughput that is extremely scalable. 

The support provided is very knowledgeable. We do not need to use them much since, as a distributor, we are trained and certified on the platform.

The initial setup was straightforward and much easier than the AppWall. You are able to install this solution on-premise in three to five days. There is a baseline that is based on the traffic of your network that can be adjusted and configured to your specific needs.

The whole process can be completed by a single engineer.

The price varies by use case and there are monthly and annual licensing options. If you deploy on-premise, there is an annual license with the amount dependent on the throughput you need and which features you will be using - i.e. IPS, behavioral, etc.

This is a great product for any organization looking to be protected from cyber attacks or hackers.