Our primary use at the moment is on auto-scaling in AWS. By using that and changing the architecture a little bit, auto-scaling is basically only needed when it comes to high-volume times like Black Friday and end of the year. Instead of having it permanently running, it is now only used during certain times of the year when we scale up and then scale in again.

I have used Radware DDoS web DDoS protection, such as HTTP L7.

Radware DDoS has been very good in mitigating advanced DDoS threats, such as burst, DNS attacks, and floods.

Radware DDoS protection ensures that legitimate users are not affected during a DDoS attack. This protection has helped uncover miscommunication between different departments within the company. For instance, the marketing team decided to allow a company to scrape the website or a specific part of the website. By finding that out and confirming it, it created a new communication channel internally and between users and clients, whether it is a B2C or B2B type of connection. We were able to find out in advance that a company was busy scraping a lot of data, but it looked like a bad configuration on their side where it was supposed to be a simple query, without having to break anything. This information was highlighted within the technical side and then communicated to create a communication channel.

The most valuable features I have found include sourcing geo information to determine where the DDoS queries are coming from, and then assisting with reporting to management and senior management. The technical information is great, and converting that into what is being targeted by the DDoS and from where is very helpful.

My experience with Radware DDoS behavior-based detection technology in terms of real-time attack detection and minimizing false positives helps from a technical perspective to get the information and then conduct deeper analysis. The behavior analysis around company announcements, whether it is a retailer or a bank, helps to see how the increase in attacks happens around certain keywords, especially if it is a financial announcement.

There is always room for improvement as nothing is perfect.

The additional features or improvements I would like to see in the next release of Radware DDoS include better algorithm tweaking and enhanced analytics for finding unique possible attacks. There are many people on the dark side that use spray and pray tactics, yet there are companies making use of very light tests and getting small but consistent replies. If that can be automated better, then that will help. This is also known as a low and slow attack.

I have been working with Radware DDoS directly for about four or more years now.

I would rate Radware DDoS stability about an eight.

I would rate the scalability of Radware DDoS a nine. There is always room for improvement.

I think their technical support is about an eight to nine, depending on the person I talk to and the willingness to reach out internally if there is something that they need to find out.

The quality of first-level support might not be so high at times, especially if it is a technical team that is working or managing the DDoS environment as a client.

Before Radware DDoS, I researched other products. Other than that, it was more just tools that were available within AWS, Azure, and those types of things, WAFs, that we configured but could not handle.

My experience with the deployment was straightforward. Obviously, there were some misunderstandings and assumptions that came to light during the deployment. From my side, that is normal in these situations: not understanding what was explained or someone within the team on our side assuming something instead of asking questions and conducting research.

We deployed it ourselves and with Radware.

I have definitely seen return on investment with Radware DDoS. The number of failed requests after implementation reduced drastically.

Radware DDoS has reduced my need for additional infrastructure investments due to DDoS threats.

My experience with the pricing of Radware DDoS has been that it is reasonable. There is always the request to sharpen pencils, which is a normal story.

I evaluated what is now called Thales and their services, and then also a company that had a proprietary algorithm that they use, which was not good. It was a local company. I also went through some testing of Citrix and Cisco and all those providers that said they had services available to see if it fits our requirements.

Radware DDoS protection ensures that legitimate users are not affected during a DDoS attack. This protection has helped uncover miscommunication between different departments within the company.

The average amount of time it takes for Radware DDoS to detect an incident is quick. The average that we used was a five-minute checkup, and it is usually less than that, which is what we found.

I would assess Radware DDoS response times after an attack as very good. It is catching something before it gets noticed by the SOC, which is always helpful.

My impressions of the SecOps dashboards for monitoring and reporting metrics are that they are good. Most people are pleased, which is normal. Someone would always prefer to see something specific, and understanding what people want is usually one of the big things.

I assess the SecOps dashboard for providing historical information on protected objects and networks as great for the security team. For reporting, it helps to break it down into different environments, if it makes sense, to report to management.

It is easy for non-technical staff to use the SecOps dashboards with just a little bit of training.

I would rate Radware DDoS as a product an eight overall.

Radware DDoS dashboards are very interesting for me. The specific dashboard for analyzing traffic is very useful since I can display the different traffic of my customer for specific countries, such as Colombia, the United States, or India. This information is very important for protecting the solution. Another dashboard shows attacks, allowing me to check the amount and size for different types of attacks. In another dashboard, I can find reports, and it is very interesting how the reports work because I can configure them for different policies or physical interfaces. This is very useful for me. Another dashboard requires a license for GIL, but I don't have much experience with that feature. In general, this is good for me.

The best thing about Radware DDoS for me is that the solution is very accurate. The information and the different types of graphics and data are very important. It is easy to operate and to understand the solution in my case. I had the opportunity to work with other types of solutions, Cloudflare, for example, and Forti DDoS, which is another solution for Fortinet specific to DDoS attacks. Radware is very easy to use. In fact, I had the opportunity to finish many courses for this type of technology.

Radware released a new solution specific to HTTP or Layer 7, and I find this solution very interesting. I try to know more about this specific solution because nowadays many types of attacks are not only Layer 4 or Layer 3 but also application-layer attacks. This solution is very important for me because it aims to understand the traffic, the different protocols, the thresholds for specific applications, and I try to understand the correct behavior. In order to do this, I aim to mitigate different types of attacks. This solution is a significant win compared to other vendors because it tries to understand the traffic and the behavior of the traffic, and it utilizes intelligence or machine learning to mitigate false positives, which is highly customized for different types of customers.

It is very interesting how Radware DDoS works because it is necessary to understand how different types of traffic operate. It is necessary to understand how DNS works. DNS, the domain name system, requires understanding the different queries. The solution for specific DefensePro is very interesting because I can configure the queries and the different types of queries of DNS. This solution permits me to configure and protect the DNS service for different companies. This customization is very easy to implement in order to protect the DNS solution.

Radware can improve in several specific areas. The downside is the marketing. Radware does not have the same presence as others, such as Cloudflare or Akamai. This is a key factor because many types of customers prefer other solutions due to marketing. In my experience, the cloud solution needs improvement. For example, Cloudflare is better in this aspect. This is the downside for Radware, but this is my opinion only.

Marketing for the presence of different types of solutions is one area. Another is the cost. The different solutions for Radware DDoS are expensive. Better pricing is needed. The solution is very expensive, and a less expensive solution would be very beneficial because many people could acquire this solution and these products.

I have had the opportunity to use Radware DDoS since 2018.

Stability depends on the architecture and how the overall environment works. For example, when I have the DDoS solution, I need DefensePro. DefensePro is the technology that is in front of the traffic and protects against DDoS attacks. It is common for Radware to launch this solution with another product called Cyber Controller. This Cyber Controller is for logging and analyzing traffic to report and understand if a DDoS attack is occurring. In my experience, I don't have many issues with this. I remember only one time when not Cyber Controller but APSolute Vision, an earlier product, the memory and disk were full. When this happens, users can't connect. I solved this by contacting a Linux expert to increase disk size, which allowed user access again.

Support has two phases. I remember once that support was very bad, but if I don't have all the information, such as packet capture, architecture, or topology explanation, it is very difficult to present the correct environment to technical support, and it is easy to lose time. However, I had the opportunity at another moment with all the information collected in a document of files that explains the topology, how traffic works, and what the issues are that need to be reviewed. Then the support is good. For me, it is necessary to communicate effectively both about the technology and the context to ensure Radware understands everything quickly and efficiently.

My experience with other types of DDoS solutions is relevant. If I were to compare other solutions to Radware DDoS, I obviously view Radware as better. I had the opportunity to implement Forti DDoS, which is a solution for attacks by Fortinet, but the solution is very slow and hard to set up or configure. The concept of security is different, and for me, the solution for Fortinet is very bad compared to Radware. Radware works very well. I had the opportunity to operate Cloudflare, and it is good, with the solution in the cloud. For example, many customers move to Azure or AWS, and this solution is very native in those environments. I don't know how Radware works in this specific environment.

The initial deployment is very easy because when I implement this solution, the information and different materials from the vendor are very useful in order to implement it. Last year, I had the opportunity to implement a Shield for an important customer in Colombia, specifically in the government and forces in my country, Colombia. I had the opportunity to implement a Shield using DefensePro. I don't remember if it was a model 60 or 60P, but this solution is very useful, and the different stages to protect the solution for our customer are very good. The customer is happy with this solution because when the plan and the solution are very stable, it is easy to migrate.

The implementation of Radware DDoS technology requires proper planning and technical expertise. The material is very good because the technical information is useful for me. Deployment is typically in on-premises environments and needs careful integration into existing networks. It is common to know all technology and architecture of the network to avoid impacting latency or availability with this solution. But it is very common in these types of migrations or using this technology.

During the initial phase, the solution must learn the normal traffic. For example, planning with the customer on how the solution works is necessary. The initial phase is when it learns the traffic patterns for one week, two weeks, or three weeks, depending on the quality of traffic. After this time, I can block the solution to protect the traffic. This stage should be very easy and comfortable for our customers. In my opinion, this solution is very good for customers because in just two phases, I can protect against different types of DDoS attacks easily and quickly.

This behavior-based detection technology, VDoS, is a component that uses a mathematical statistical module that builds a threshold. This threshold is based on the amount of traffic and obviously behavioral patterns, such as how many packets in SYN, ACK, and the different flags for TCP or UDP traffic. The accuracy of these various traffic types is registered all the time.

It is very interesting how Radware's protection ensures that legitimate users are not affected during a DDoS attack. When I have the correct baseline, the traffic is blocked when it passes this baseline. It's very interesting how it works because the traffic is analyzed and registered. When the traffic is detected as illegitimate, it is blocked or dropped. It is necessary to make a decision in DefensePro in order to block or manage the traffic. Once I detect and correct it in DefensePro, obviously the traffic is blocked and returned for the customer. I have had the opportunity to see when different types of attacks materialize for different customers, and I understand that the customer continues using the traffic during an attack. It is very important for me that when different types of attacks materialize, the availability of data is vital for our customers. Radware works very well on this topic.

Radware can detect an attack very quickly because in November last year, I had the opportunity to implement this solution for another customer in banking, and I find the detection of different types of attacks to be very quick. During the initial phase, it learns to understand how the traffic flows. But once the traffic is detected, I can review different types of attacks, such as UDP attacks. ERT is another type of solution for Radware and is also very quick. When the traffic is analyzed, it quickly detects traffic for Radware in my experience. During this initial learning phase, while the traffic is learning, it obviously passes through and is not blocked. Then when I establish a plan with the customer of one week or two weeks to block the traffic, it obviously works better.

I like this technology because the concept of security is very good for me. It's very interesting how security impacts organizations. I like how Radware works because the concept of security is necessary to protect an organization's assets in order to mitigate the different attacks that can be launched nowadays. I would give Radware DDoS a rating of seven out of ten.