Cloud Protection

We use Radware DDoS  for our web services, and currently, we have added one more thing; we are using it for our API gateways also. The API service we are calling is being managed through the load balancer only.

Radware DDoS can reduce our bandwidth and provide the required performance. Bandwidth compression and all other features are available. SSL encryption, decryption, and offloading are all features we are using, and they provide the benefit of reducing the workload on the server. The server will perform related applications and will not have to do other tasks like DDoS protection, SSL encryption, decryption, or compression. Everything is handled by Radware only. Rather than the requirement of the server being increased two to ten or fifteen fold, with four to five servers, it will properly optimize, and we are getting proper performance.

From the features perspective, the best features in Radware DDoS include SSL onloading and offloading, compression, and the proxy feature. The reverse proxy we are using is a great feature. The response time is excellent. We are getting responses in two to three milliseconds, so performance-wise, it is excellent.

Radware DDoS has reduced my need for additional infrastructure investment due to DDoS threats. We have invested in all the products in data center, disaster recovery, and far disaster recovery sites. For the cloud, we have also purchased Web Application Firewall  in the cloud.

From the features perspective and functionality-wise, there are areas of Radware DDoS that I would like to see improved or enhanced in the future. Version upgrades are being provided, but they should communicate with clients about these new features being available so clients can test them and deploy them on the disaster recovery system before moving to the live segment. There should be a test report that will provide confidence that the version is stable and everything will work properly. Last time we faced an issue with a version upgrade, and we faced extensive troubleshooting with littile bit more time in the troubleshooting process. It turned out to be a small issue that was resolved by the engineering team.

I would like to see improved support from Radware DDoS. Sometimes in support, we have to log the call with their support partners rather than Radware. After ten years of experience, we know exactly what the issue is, and we understand that it cannot be handled by their support channel or partner level. Radware team always asks us to go through the partners, but sometimes we have found that the issue cannot be handled by the partners. After the partners fail to resolve the issue, it goes to the Radware team. At that time, one to two days of required timeline gets increased by one to two days. If Radware came into immediate action and resolved the issue rather than relying on their service partners, it would be better. After ten years, we have the knowledge of troubleshooting, and we understand that the issues we are facing with Radware can only be resolved by their team. However, due to their policy, they insist we move through the partner first, and only after the partner fails do they escalate to Radware. During that troubleshooting period of twenty-four to forty-eight hours, we remain in an unresolved state with the reported issue.

I have been working with Radware DDoS since around 2016 and 2017. I am currently working with Radware DDoS  and we renewed the product as well.

When it comes to performance, I find Radware DDoS to be stable. I have not seen it utilized beyond a particular load. It is not even using 10% of its capacity. It is fully optimized, and the performance is very good. It is top-notch.

I assess Radware DDoS's response times after an attack as stable. The response time is stable and consistent. It works stably during any attack. It is very optimized, as the utilization never gets more than 10%.

Radware DDoS detects incidents immediately. If you are monitoring, it immediately detects and shows the issues on the system. It is not taking much time. In milliseconds, it shows that the issue is on the dashboard. After that, troubleshooting becomes easier to proceed further. Whatever the dashboard shows, whether the service is down or any misbehavior, we can identify it immediately.

Radware DDoS is scalable. As per requirement, we can scale it. We can increase the connection and whatever required server connection is needed. As I mentioned, it is never seen at 10% utilization, whether in bandwidth, CPU, or RAM, it does not cross 10%. There is more than enough capacity and room for scalability in future requirements.

I would evaluate Radware DDoS technical support and customer service team as an eight out of ten.

Prior to Radware DDoS, I used F5.

My experience with the deployment of Radware DDoS has been smooth. We had the existing product of Radware, so we only had to export and import the configuration. A half hour of downtime was required. It was smooth, and we never experienced such a wonderful migration with Radware. Within a half hour or within a fraction of time, we exported and imported the new configuration to the new hardware from the old hardware, and it has been working smoothly without any hesitation or issue.

I purchased Radware DDoS directly through an authorized Radware vendor. Through the RFP process, we obtained the product from the authorized service partner. Radware team is directly in touch for the installation and upgrades of the system, including pre-planning and post-migration activities. Everything involving Radware DDoS is handled by the Radware team.

I have seen return on investment with Radware DDoS. Within three and a half years, we found that we are achieving the ROI on the product investment.

I assess the cost versus value of Radware DDoS protection compared to other solutions that I have evaluated as always better with Radware. We have proceeded with Radware DDoS, and we are achieving the ROI in three and a half years as mentioned earlier. Rather than providing service on a subscription basis, we purchased it for a long period of time. This provides better value for the ROI.

The key differences, both pros and cons, of Radware DDoS in comparison to F5 or other technologies I have evaluated are based on usability and cost. We have conducted evaluation with Array as well. Array has a complicated GUI, while Radware DDoS has a user-friendly GUI. The configuration part is user-friendly and very understandable. F5 also has the same configuration part, but in terms of cost, Radware DDoS is far more comfortable and budget-friendly. Array does not have user-friendly interfaces, and we found some challenges with it. We decided to choose Radware DDoS because it performs at the top-notch level like F5, and it is budget-friendly. Whatever requirements we have are fulfilled with Radware DDoS, so we proceeded with it.

My experience with Radware DDoS's behavior-based detection technology in terms of real-time attack detection and minimizing false positives has been positive. False positives are not occurring. Detection is working perfectly because we observed that whatever required traffic is passing through with the required URLs. There is proper protection related to DDoS and other required vulnerabilities.

Radware DDoS protection ensures that legitimate users are not affected during a DDoS attack by properly blocking traffic and allowing only required traffic. During a DDoS attack, Radware blocks whatever traffic is necessary, and they allow only the required traffic. For a particular time frame, they will block particular IP addresses. Whatever the attacks are and the IP address or any stream, it will be blocked.

Radware DDoS has helped me reduce the number of false positives that my organization receives in response to attacks. Their support is available, but after issuing the ticket, they rely on the service partner. Rather than relying on the service partner, if direct support from Radware was provided, it would be better.

Overall, Radware DDoS has helped me reduce downtime associated with attacks. As mentioned earlier, minimum downtime of one to two days is required by default. That is why they need to improve support. One more thing I would like to add is that they have a limitation in the knowledge base articles on their platform or any other platform on search engines. Either they should open their existing learning module to understand the issues and solutions that we have faced and reported, or other users and clients can understand the issues and take benefit from the resolution through the knowledge base articles. One more thing is that certification is also required from their side. If there is an educational certification in Radware, they should provide it or promote clients to take an active part in the certification to understand the new functionality and what is going on in Radware DDoS. After the certification, clients are able to understand better and will also reduce their downtime with proper education and knowledge of Radware DDoS products.

Given my rich experience with Radware DDoS, I can share this piece of advice with other organizations considering it: automated reporting is required. When anything happens, automatic reporting should be provided through email or any platform. Rather than being able to log on the dashboard continuously twenty-four hours a day, seven days a week, if there is any incident, you should get a report or an email alert that something is happening or something is wrong with your system. Through reporting or email communication, you will be able to understand. If the team is monitoring, they can take immediate action on that.

My impressions of Radware DDoS's SecOps dashboards for monitoring and reporting metrics are that they need improvement. As mentioned earlier, version upgrades require some improvement in the monitoring version. A little improvement is required in the monitoring version. There is a single management console, but there is too much room for improvement in automation and reporting.

I assess Radware DDoS's SecOps dashboard for providing historical information on protected objects and networks as providing a detailed view. It provides a detailed view of the objects. There is an option for modification and detection, and we can take action through the dashboard and monitoring system. However, as I mentioned, there is a requirement for some improvement as per the competitor's standards. Room for improvement exists for reporting automation and some advanced features. I think it is not a part of the licensing, because we are already on the top license or higher license side. Whatever features are available should already be there.

Regarding how easy or difficult it is for non-technical staff to use Radware DDoS's SecOps dashboards, I would rate it six to seven out of ten, rather than other products. It is not that difficult to understand.

Overall, I give this review a rating of nine out of ten.

Our primary use at the moment is on auto-scaling in AWS . By using that and changing the architecture a little bit, auto-scaling is basically only needed when it comes to high-volume times like Black Friday and end of the year. Instead of having it permanently running, it is now only used during certain times of the year when we scale up and then scale in again.

I have used Radware DDoS  web DDoS protection, such as HTTP L7.

Radware DDoS  has been very good in mitigating advanced DDoS threats, such as burst, DNS attacks, and floods.

Radware DDoS protection ensures that legitimate users are not affected during a DDoS attack. This protection has helped uncover miscommunication between different departments within the company. For instance, the marketing team decided to allow a company to scrape the website or a specific part of the website. By finding that out and confirming it, it created a new communication channel internally and between users and clients, whether it is a B2C or B2B type of connection. We were able to find out in advance that a company was busy scraping a lot of data, but it looked like a bad configuration on their side where it was supposed to be a simple query, without having to break anything. This information was highlighted within the technical side and then communicated to create a communication channel.

The most valuable features I have found include sourcing geo information to determine where the DDoS queries are coming from, and then assisting with reporting to management and senior management. The technical information is great, and converting that into what is being targeted by the DDoS and from where is very helpful.

My experience with Radware DDoS behavior-based detection technology in terms of real-time attack detection and minimizing false positives helps from a technical perspective to get the information and then conduct deeper analysis. The behavior analysis around company announcements, whether it is a retailer or a bank, helps to see how the increase in attacks happens around certain keywords, especially if it is a financial announcement.

There is always room for improvement as nothing is perfect.

The additional features or improvements I would like to see in the next release of Radware DDoS include better algorithm tweaking and enhanced analytics for finding unique possible attacks. There are many people on the dark side that use spray and pray tactics, yet there are companies making use of very light tests and getting small but consistent replies. If that can be automated better, then that will help. This is also known as a low and slow attack.

I have been working with Radware DDoS directly for about four or more years now.

I would rate Radware DDoS stability about an eight.

I would rate the scalability of Radware DDoS a nine. There is always room for improvement.

I think their technical support is about an eight to nine, depending on the person I talk to and the willingness to reach out internally if there is something that they need to find out.

The quality of first-level support might not be so high at times, especially if it is a technical team that is working or managing the DDoS environment as a client.

Before Radware DDoS, I researched other products. Other than that, it was more just tools that were available within AWS , Azure , and those types of things, WAFs, that we configured but could not handle.

My experience with the deployment was straightforward. Obviously, there were some misunderstandings and assumptions that came to light during the deployment. From my side, that is normal in these situations: not understanding what was explained or someone within the team on our side assuming something instead of asking questions and conducting research.

We deployed it ourselves and with Radware.

I have definitely seen return on investment with Radware DDoS. The number of failed requests after implementation reduced drastically.

Radware DDoS has reduced my need for additional infrastructure investments due to DDoS threats.

My experience with the pricing of Radware DDoS has been that it is reasonable. There is always the request to sharpen pencils, which is a normal story.

I evaluated what is now called Thales and their services, and then also a company that had a proprietary algorithm that they use, which was not good. It was a local company. I also went through some testing of Citrix and Cisco and all those providers that said they had services available to see if it fits our requirements.

Radware DDoS protection ensures that legitimate users are not affected during a DDoS attack. This protection has helped uncover miscommunication between different departments within the company.

The average amount of time it takes for Radware DDoS to detect an incident is quick. The average that we used was a five-minute checkup, and it is usually less than that, which is what we found.

I would assess Radware DDoS response times after an attack as very good. It is catching something before it gets noticed by the SOC, which is always helpful.

My impressions of the SecOps dashboards for monitoring and reporting metrics are that they are good. Most people are pleased, which is normal. Someone would always prefer to see something specific, and understanding what people want is usually one of the big things.

I assess the SecOps dashboard for providing historical information on protected objects and networks as great for the security team. For reporting, it helps to break it down into different environments, if it makes sense, to report to management.

It is easy for non-technical staff to use the SecOps dashboards with just a little bit of training.

I would rate Radware DDoS as a product an eight overall.

Currently, I only use Radware DDoS . I have been carrying Radware DDoS  for about 10 years already.

Radware DDoS can mitigate attacks from layer 4 to 7, which makes the organization more secured with a dedicated DDoS solution.

Using Radware HTTP or HTTPS protection actually protects my application at the application layer. I am confident that the applications running on my system are well protected from different types of DDoS attack.

Radware DDoS is very effective in mitigating distributed denial-of-service attacks. The solution is very mature, and since Radware DDoS can detect attacks within 18 seconds, it really helps the organization against those types of attacks.

Using behavioral-based detection, Radware DDoS can detect even unknown or zero-day attacks and mitigate those attacks within 18 seconds. That is the advantage of the behavioral-based feature of Radware DDoS.

Radware DDoS can pinpoint whether users are legitimate or illegitimate, meaning the traffic. That is one of the key features that Radware DDoS has.

On the appliance, maybe the hardware could be improved. Most of Radware DDoS appliances are physical, so they could improve that aspect.

In terms of the system and the functionality, Radware DDoS is constantly upgrading.

I have been working in the industry for 25 years already.

Deploying Radware DDoS is very easy. It is an inline appliance, so I just put it in line and then configure it using its Cyber Controller. Cyber Controller is the management interface for the Radware DDoS device or appliance.

It does not take much time to set up. If I already have the information in place, it does not take much time to configure Radware DDoS.

Including the downtime of the customer or deploying it, it will take maybe an hour or an hour and a half if all necessary configuration is already pre-configured.

The only thing needed is mounting the appliance because it is heavy.

Radware DDoS definitely reduced my operational cost.

Radware DDoS response time is in real-time. As mentioned earlier, it can detect vulnerability or attacks within 18 seconds and can generate its own signatures within that period.

I would rate Radware DDoS a 9 out of 10.

In my previous company, I used Radware DDoS  for more than one and a half years, and it was positioned in front of the perimeter firewall.

Our main use case for Radware DDoS  was to protect the external services, which were deployed on Big-IP F5, and then in front of that, a Check Point firewall was there, and in front of the Check Point firewall, Radware DDoS was there, protecting all the external services for that particular company I worked for.

I can give a specific example of an attack where Radware DDoS made a difference; we verified that an attacker tried to generate a TCP flood attack originating from multiple sources, and Radware DDoS was able to mitigate that based on the security features that were enforced on it.

Regarding our use case for Radware DDoS, it was enforced for each and every application, with TPS assigned there for verifying the requests coming from each single source, either based on a single source or distributed sources.

In my experience, the best features Radware DDoS offers include the ability to mitigate DDoS attacks such as TCP and SYN flood attacks; we can also mitigate UDP flood attacks, and while using TCP, it can verify the client and many other aspects, being implementable on Layer 7 for more granular information such as user-agent, which is possible if we import the private key of the particular service.

Out of all those features, the one that had the biggest impact for my team was the Layer 3 and Layer 4 DDoS implementation because it was more effective for us; we did not want to have decryption on the first layer of defense as it would introduce latency for our applications.

Radware DDoS has positively impacted my organization by sorting unwanted traffic, specifically malicious traffic targeting the applications, and it has taken the burden off the perimeter firewall during incidents.

For one particular incident, I believe that more than two million requests came through, and I think over twenty million requests were mitigated at the Radware DDoS level.

I believe Radware DDoS could be improved for cloud deployments with more granular controls that could provide valuable gains for the company, especially by verifying whether the client is genuine or not with additional metrics.

While I think the support is quite good and the user interface is acceptable, it does require a more friendly interface, although I cannot recall the exact improvements needed.

I have been in this field for more than four and a half years.

Radware DDoS is stable in my experience, with no downtime or reliability issues; on-premises performance exceeds expectations.

Radware DDoS's scalability is good; scaling up or down is easy without performance issues.

Customer support for Radware DDoS is fine; I would rate them nine out of ten. The learning curve for Radware DDoS was fine; it was easy for my team to get up and running.

I do not believe we had any other DDoS solution prior to Radware DDoS; we had F5 Cloud DDoS for cloud, which was good but still used Radware DDoS for on-premises.

I have seen a return on investment with Radware DDoS because it reduced our work by mitigating traffic before it reached the perimeter firewall, which lessened the need for extra security policies.

I am unsure if we evaluated other options before choosing Radware DDoS; my team likely did, but I was not part of that particular process.

My advice for others looking into using Radware DDoS is that if they are seeking a good solution while also considering budget, Radware DDoS is a suitable option.

I would rate Radware DDoS a seven out of ten because I believe that our board DDoS is much better.

I think we have covered all the aspects of Radware DDoS, but I feel the cloud requires more attention compared to on-premises. I gave this review a rating of seven out of ten.

We are using Radware Cloud DDoS installed in our organization, and I work with a banking client where we use it to protect against outside attacks coming from external sources.

I have used Radware's WAF , HTTP, and L7 DDoS protection, which protects from layer four to layer seven. It functions as a WAF  device, and for layer seven, it is very useful for us in protecting from application layer attacks. We use Radware Cloud DDoS in our organization for many purposes, such as detecting new TCP handshake violations, and we maintain contact with Radware TAC for any issues. We raise Radware TAC cases for technical assistance from the portal and receive support.

We use both Akamai  and Radware DDoS , with 95% of our traffic routed through Radware DDoS itself. I have seen it effectively protect our system from external threats and malicious IPs, helping us check the traffic and block any unwanted IPs. Compared to Akamai , we find Radware DDoS cloud solution somewhat better, so we route our traffic through it.

Radware DDoS protection ensures that legitimate users are not affected during a DDoS attack by having configured policies for our banking subnets. We know our subnets, and for legitimate users, we have configured a policy allowing our endpoints through Radware DDoS. Anything other than our endpoints is detected and quarantined, and we receive alerts on our mobile if there are flood attacks. Our team gets notifications so we can log in and check the specific IP involved and quarantine it accordingly.

Radware DDoS is quite stable, and we have not encountered issues recently. Previously, we had issues with customer support, but over the past three months, I worked on TAC cases and found their response to be prompt, usually within three to four hours, providing legitimate solutions.

Radware DDoS has been quite effective in mitigating advanced DDoS threats such as burst and DNS attacks, encrypted SSL floods, and IoT botnets.

I have worked simultaneously with both Akamai and Radware DDoS. Radware DDoS was in place before I joined, but we later brought in Akamai due to previous support issues with Radware DDoS. Nonetheless, we still route 95% of our traffic through Radware DDoS.

Radware DDoS is very useful for us in protecting from many attacks, particularly flood attacks and SYN flood attacks, which we deal with in the banking environment. When people are trying to access our systems and attempting to hack, they send continuous pings and flood our systems, and we are using Radware DDoS for that purpose.

What I appreciate about Radware DDoS is that it is very easy to use. We are configuring new rules on Radware DDoS by directly going to the Radware cloud firewall and writing new rules for bypassing and blocking. We use it for geo-based blocking as well, blocking access for users from countries such as China or Japan if we do not want to give them access. We are configuring the objects and implementing them on the security rules, and it is interesting and user-friendly. It is easier for us to handle the access part and any configurations.

My experience with Radware DDoS's behavior-based detection technology in terms of real-time attack detection and minimizing false positives is positive. It provides granular control where you can configure per hour or per day for different threats. Its layer seven cloud firewall protects against outsider threats, and it is very effective in that aspect.

Radware DDoS response times after an attack are quick, and we receive alerts within seconds of a flood attack happening.

The average time for Radware DDoS to detect an incident is only milliseconds, as even a delay of ten seconds is significant in networking.

I see measurable benefits from Radware DDoS in terms of efficiency improvement, particularly in the banking environment where many flood and TCP attacks are happening. It serves as one of the best solutions against the current cyber attack trends.

In Radware DDoS, everything is good as it is, but I think it can improve with more automation linked to the system. We have good real-time monitoring, and documentation is also helpful, but any integration with platforms such as Splunk would enhance it further.

In terms of specific features missing in Radware DDoS, I would appreciate seeing an API Protector or similar capabilities that Akamai has. These allow for record creation on Akamai that Radware DDoS currently lacks.

I have been working with Radware DDoS for the past year.

Radware DDoS is quite stable, and we have not encountered issues recently.

In terms of scalability, Radware DDoS is easy to use. They have support documents available in their cloud portal, so we can check through them easily to see what can be done.

Previously, we had issues with customer support, but over the past three months, I worked on TAC cases and found their response to be prompt, usually within three to four hours, providing legitimate solutions.

I would rate the tech support of Radware DDoS a ten. They are proactive, joining calls and resolving issues effectively, fetching logs, sending reports, and providing resolution steps for the issues we have encountered.

I have worked simultaneously with both Akamai and Radware DDoS. Radware DDoS was in place before I joined, but we later brought in Akamai due to previous support issues with Radware DDoS. Nonetheless, we still route 95% of our traffic through Radware DDoS.

Key differences between Radware DDoS and Akamai are that in Akamai we can create external records and block traffic, but in Radware DDoS, we can only add endpoints for protection. However, we mainly work on Radware DDoS because most of our traffic is going through it.

I was not involved in the deployment of Radware DDoS.

Radware DDoS solutions have not reduced my need for additional infrastructure investments due to DDoS threats because it effectively stops attacks.

Radware DDoS helps to reduce downtime associated with attacks, depending on how we troubleshoot the issues. Because of Radware DDoS, many attacks can be mitigated effectively.

Generally, it saves us a maximum of five to ten minutes, minimizing downtime or response times.

I have worked simultaneously with both Akamai and Radware DDoS. Radware DDoS was in place before I joined, but we later brought in Akamai due to previous support issues with Radware DDoS. Nonetheless, we still route 95% of our traffic through Radware DDoS.

I would recommend Radware DDoS as a solution to others because it provides good timely responses and effectively stops attacks.

I do not have specific recommendations for other organizations considering Radware DDoS, but I find it quite good and think it should have more features, such as record creation. I have given this review an overall rating of eight.