My use case for Radware Cloud WAF Service is for blocking malicious IP addresses.
Radware Cloud WAF
RadwareExternal reviews
130 reviews
from
and
External reviews are not included in the AWS star rating for the product.
Automated threat detection and mitigation secure our network effectively
What is our primary use case?
How has it helped my organization?
Radware Cloud WAF Service blocks threats effectively, providing a comprehensive report that shows the traffic and denied traffic from malicious IPs or specific countries, so I am satisfied.
Radware Cloud WAF Service has reduced the false positive rate, and it's beneficial for our organization. By using Radware Cloud WAF Service, 30% to 40% of false positives are reduced.
For zero-day attacks, Radware Cloud WAF Service integrates threat intel, which detects anomalous traffic and blocks it automatically, preventing attackers from entering our organization or attacking our domains. Source blocking is effective because it has good capability to handle things automatically without human intervention, as a human cannot handle all the alerts and traffic.
The real-time BLA detection and mitigation of Radware Cloud WAF Service strongly performs to mitigate and take action against contamination. Radware Cloud WAF Service is quite effective and handles all traffic to HTTP or HTTPS effectively.
What is most valuable?
My organization is quite large, so we have to monitor activities promptly. Since it's not possible for a human to detect and address every threat, we implemented Radware Cloud WAF Service, which automatically detects and prevents DDoS threats and traffic without human intervention, making it better for us and protecting our organization.
With the automated analytics of Radware Cloud WAF Service, if multiple logins occur from the same malicious IP in the same pattern, the AI automatically recognizes it and takes the appropriate action, such as blocking or allowing, which is beneficial for us.
What needs improvement?
Improvement areas could be some of the AI capabilities related to false positives. The required IP addresses sometimes get blocked, so that needs to be enhanced. The AI recognizing features can be improved. Recognition aspects could be refined; it's performing at almost 99%, so there's a small margin for improvement.
For how long have I used the solution?
I have been using Radware Cloud WAF Service for three years in my organization.
What do I think about the stability of the solution?
It is stable. I would rate it a ten out of ten for stability.
What do I think about the scalability of the solution?
It is scalable. I would rate it a nine out of ten for scalability.
We have about 35 users working with this solution.
How are customer service and support?
I would rate their customer support a ten out of ten.
How would you rate customer service and support?
Positive
How was the initial setup?
It is easy. It takes 10 to 15 days.
What's my experience with pricing, setup cost, and licensing?
The pricing for Radware Cloud WAF Service is moderate; it's not expensive. We can't say it's low and we can't say high; it's moderate, and I got that perfect point.
Which other solutions did I evaluate?
It is easier to use with a moderate cost than others.
What other advice do I have?
To assess Radware Cloud WAF Service for blocking unknown threats and attacks, we have found that if an IP is identified as malicious, we can block it, and we utilize the graph chart provided. Using the CDN with Radware Cloud WAF Service is easy to implement and use; it's not a headache for us.
I would rate Radware Cloud WAF Service a nine out of ten.
Radware Cloud Webapp Firewall
What do you like best about the product?
What I like best about Radware Webapp Firewall is ability to provide cyber intelligence and dynamic protection without constant manual oversight. The autopolicy creation and behavioral anlysis features are particularly very good. Customer Support and availability of engineer is very impressive.
What do you dislike about the product?
As RadWare provides good and excellent protection. i would highlight a cone which is difficulties in Radware advance configurations. fine tune for custom rules is bit challenging.
What problems is the product solving and how is that benefiting you?
Radware Cloud Webapp Firewall does help by addressing several critical security challenges, specially protecting webapp from Advance and critical threats. It help us to mitigates risks from OWASP Vulnerabilities, botnet Attack, and zero-day attacks, which are common in our environment now a days. automated threat detaction and auto policy generation decrease the need for manual rule updates help us to save time and effort.
Saves significant time with user-friendly interface and proactive features
What is our primary use case?
My use case primarily involves the admin part, however, I haven't had a chance to do that yet. I'm using the tool for analysis purposes, such as monitoring application traffic trends and observing DDoS traffic and cloud requests, whatever hits we are getting from the internet on this application.
We also use the geofencing feature, which helps us significantly. During the recent conflict between India and Pakistan, we used the geofencing on our application onboarded on Radware Cloud WAF Service to block specific regions, preventing any unwanted traffic.
What is most valuable?
The features I find best about Radware Cloud WAF Service are its user-friendly GUI and the smooth deployment or onboarding process. I've interacted with colleagues in engineering who have noted that application onboarding is straightforward.
The dashboard allows me to see trends weekly, monthly, and daily for this particular application, enabling me to take action if I want to allow or block specific IPs or traffic.
I use Radware Cloud WAF Service daily for monitoring purposes, which saves approximately half an hour to one hour. In total, I can estimate around ten to 14 hours per week saved.
For automated analytics related to events, we can create details on the dashboard concerning automated analysis. I haven't explored it much but believe it would be useful for our respective business units since we've deployed various applications in Radware and they are regularly monitored by the application owners to ensure no impact on availability.
My assessment of Radware's solution to protect against zero-day attacks is perfect. I give it the highest marks of ten out of ten. Whenever such an issue occurs, we can directly add the relevant details or signatures for specific IPs in the rules, creating analytic rules to detect and prevent such incidents, which is commendable.
We are using the source blocking feature, which I consider one of my favorites. With geofencing, we proactively blocked many regions, and during that process, we raised a support case with Radware, which they addressed promptly by adding the IP list for blocking. After that, we learned how to block source IPs from the console, and I appreciated their good support.
I don't have any information on using Radware Bot Manager right now. For compliance, we have another team, the audit team, that monitors compliance processes related to application availability. They are the primary owners of the compliance for applications onboarded to Cloud WAF, and I do not track their specific changes.
We are using Web DDoS protection, specifically for HTTP L7, and I find it very efficient. There are no application issues as we create analytics rules to monitor traffic, and the implementation or configuration of such rules is straightforward.
Radware Cloud WAF Service is proactive, with notifications about scheduled maintenance provided by the Radware team, which helps us prepare in advance. If any issues arise, we can reach out to the support team, which is beneficial.
What needs improvement?
I've not explored deeply enough to identify areas for improvement in Radware Cloud WAF Service, but I can mention the retention policy. I'm not sure about how much historical traffic data we can access. Knowing the ability to view traffic from six months back would be beneficial for audit and compliance purposes, especially if an attack happens on an application. There was a request in the past that we couldn't fulfill due to this limitation, so I'd like to know more about the retention policy.
For how long have I used the solution?
I have been using the solution since I joined the company in January 2023, so I have been using this tool for the past two years.
What do I think about the stability of the solution?
I would rate the stability of the service as a nine out of ten, which is quite good.
What do I think about the scalability of the solution?
Regarding scalability, I can give it a mark of nine out of ten based on my experiences, as it meets our needs effectively.
My cybersecurity team consists of over 100 users, and multiple business units access Cloud WAF with their applications. I can estimate that approximately 150 to 200 people use it.
How are customer service and support?
On a scale from one to ten, I would rate the technical support that Radware provides for Cloud WAF Service a perfect ten.
How would you rate customer service and support?
Positive
What was our ROI?
In terms of return on investment, we've saved around 30% to 40% of time and resources. We get major insights from the analytics rules and dashboards, allowing us to pinpoint main issues. This detailed summary of particular hits and application traffic is incredibly helpful. This efficiency also means we don't need to hire extra resources, as the Radware Cloud WAF Service interface is user-friendly.
What other advice do I have?
I would definitely recommend Radware Cloud WAF Service to other users and organizations given the features we've utilized and the excellent support we've received, earning it full marks. Overall, I would rate Radware Cloud WAF Service a nine out of ten, as it performs excellently.
Ease of use allows effective investigation and real-time anomaly detection
What is our primary use case?
Radware Cloud WAF Service is utilised for analysis. As part of a SOC team and Incident Response Manager role, the team investigates incoming traffic to onboarded applications, identifies potentially malicious traffic, and takes appropriate action. This includes creating and modifying WAF rules and making decisions about which traffic is allowed or blocked, as well as IP blocking and related measures.
How has it helped my organization?
Radware Cloud WAF Service effectively blocks unknown threats and attacks, with no issues regarding its blocking capabilities.
The automated analytics meet my expectations for event analysis.
Its real-time, behavior-based anomaly detection benefits our threat management by reliably detecting and blocking malicious traffic.
What is most valuable?
Radware Cloud WAF Service is easy to use and requires little experience or resources. Basic tasks can be completed with minimal effort.
Integration was seamless, and the source blocking feature works well.
What needs improvement?
Radware Cloud WAF Service could improve its application onboarding process, as it only supports ports 80, 443, and 1024–65535; key ports like 993 and 995 needed for SMTP are unsupported, limiting email app protection. For IP whitelisting, the current setup allows all traffic from a specific allowed(whitelisted) IP without detection, which exposes threat. A more granular approach—allowing both page- and IP-specific access while detecting threats—is recommended.
The service earns eight out of ten for reducing false positives, but some legitimate traffic is still blocked due to header parameters. Whitelisting helps, but further improvements and AI-driven behavior analysis could enhance accuracy.
For how long have I used the solution?
I have been using Radware Cloud WAF Service for more than two years.
What do I think about the stability of the solution?
The stability of Radware Cloud WAF Service is perfect; I would rate it a ten out of ten.
What do I think about the scalability of the solution?
I find the scalability of Radware Cloud WAF Service to be perfect, rating it a ten out of ten.
How are customer service and support?
I would rate their technical support an eight out of ten.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
We have several other tools for threat management, but we primarily rely on Radware Cloud WAF Service. It effectively identifies, detects, and blocks malicious traffic. This is the main feature we are looking for, and Radware Cloud WAF Service performs exceptionally well in this regard.
What was our ROI?
Implementing Radware Cloud WAF Service saves 20–30 minutes per traffic analysis incident.
Which other solutions did I evaluate?
I notice that Radware Cloud WAF Service has drawbacks when compared to other WAF solutions, particularly because we were checking other solutions that support custom ports for application onboarding. Many custom-built applications run on different ports, and that is something that needs to be addressed; it should support custom ports. Other WAFs in the market currently support custom ports, which poses a major drawback for Radware Cloud WAF Service.
Easy with better visibility
What do you like best about the product?
I have been using radware for a while and it's great at blocking threats and handling traffic spikes without slowing things down. The customization is powerful as well as navigation is simple. I use it regularly
What do you dislike about the product?
The initial setup is complex and report seems to be limited options.
What problems is the product solving and how is that benefiting you?
Radware WAF helps us in blocking web attacks, bots, and DDoS attacks in real time. This keeps our applications secure and available to the legitimate users. It reduces manual monitoring effort giving us better control over security posture of the applications. This has made our overall security management more efficient.
My Hands-On Review of Radware AI SOC Xpert
What do you like best about the product?
SOC Efficiency Boost
API Discovery & Cleanup
Isolation Layer Advantage
API Discovery & Cleanup
Isolation Layer Advantage
What do you dislike about the product?
Steep Learning Curve
Slow Performance
Limited Integrations
Slow Performance
Limited Integrations
What problems is the product solving and how is that benefiting you?
Secures exposed APIs with auto policy generation.
Dashboards offer live traffic and attack insights.
Frees up SOC analysts for strategic tasks.
Dashboards offer live traffic and attack insights.
Frees up SOC analysts for strategic tasks.
Enhances security with effective application attack prevention and time-saving visualizations
What is our primary use case?
We are using Radware Cloud WAF Service to prevent our applications from attacks, such as DDoS and other attacks.
How has it helped my organization?
Using Radware Cloud WAF Service has saved us considerable time. It provides good visualization and traffic information, saving around four to six hours for investigating logs whenever we try to pull logs from any other tools.
Radware Cloud WAF Service is quite effective for blocking unknown threats and attacks. We have 10 to 15 applications onboarded with Radware, and it has proven to be good at blocking threats from external sources.
Radware Cloud WAF Service is able to protect against zero-day attacks. They are committed to preventing any potential attacks. It has the capability to analyze behavioral patterns, which allows them to implement preventive measures. I have received notifications from Radware confirming that they are fully optimized to address zero-day vulnerabilities at this time.
What is most valuable?
Radware Cloud WAF Service allow us to directly filter the data from whatever attack was performed, so we can directly filter the attack details from the event viewer section, which is very helpful to us. Another module that I appreciate about Radware Cloud WAF Service is that it provides custom port security. The other tools are not providing the custom port feature where Radware Cloud WAF Service is providing, and it will be very helpful to us.
The automated analytics for looking at events in Radware Cloud WAF Service are working for us; the automatic event correlation is very beneficial to analyze how the alerts and events occur and visualize the patterns of network traffic and other traffic going in and out from the application via Radware Cloud WAF Service.
The combination of negative and behavioral-based positive security models is important for our security strategy; since most of our applications work internally, behavioral-based analytics helps us address issues where methods such as POST and GET are not functioning, so we raise concerns with our internal team to whitelist applications, thus helping reduce blocking of traffic in our environment.
Radware Cloud WAF Service is effective, particularly in the custom service it provides and its capabilities in DDoS protection and bot manager facilities, making it effective for validating the correlation part of incidents.
What needs improvement?
Regarding areas in Radware Cloud WAF Service that have room for improvement, one thing we observed was that we received a notification where Radware Cloud WAF Service stopped working properly in our cloud environment without any prior notification. We got the alert around one and a half hours after the event occurred, so I would suggest that they should notify customers in such scenarios.
For how long have I used the solution?
I have been using Radware Cloud WAF Service for three to four years.
What do I think about the stability of the solution?
The stability of the Radware Cloud WAF Service rates around nine out of ten.
What do I think about the scalability of the solution?
The scalability of the Radware Cloud WAF Service deserves a full ten, as it is definitely scalable.
Organization-wise, we have more than 100 users using the service currently.
How are customer service and support?
The technical support for Radware Cloud WAF Service rates 10 out of 10; whenever we require support, it is perfectly timely.
How would you rate customer service and support?
Positive
How was the initial setup?
The deployment method of the Radware Cloud WAF Service is very easy; since most of our applications operate on custom ports, it helps us integrate and onboard them securely.
The solution does not require any maintenance from our side.
What other advice do I have?
I am not directly looking into the integration aspect of the Radware Cloud WAF Service, but I have discussed it with other team members who might be using the integration part to collect logs from Radware Cloud WAF Service to get correlation and alert triggers for incident management tools such as ServiceNow and Sentinel, but they are not using it frequently or fully optimized currently.
We have discovered bot traffic involving attacks such as SQL injection. Radware's Bot Manager is working to prevent such attacks, especially with SQL injection and XSS attempts from outside entities. Regarding compliance with PCI DSS, we don't have any issues currently; we are also compliant with ISO 27001, and our applications onboarded on the Radware Cloud WAF Service operate without compliance issues.
We are using the web DDoS protection such as HTTP, L7 in the Radware Cloud WAF Service, and it is effective for us; we experienced an attack from the external side last month, which Radware Cloud WAF Service effectively prevented.
Overall, I would rate the Radware Cloud WAF Service a nine out of ten.
Radware Cloud WAF Works for Modern Web Security
What do you like best about the product?
What stands out most about Radware Cloud WAF is its comprehensive and adaptive protection against a wide range of web threats, including OWASP Top 10 vulnerabilities, zero-day exploits, bot attacks, and DDoS events. Its cloud-native architecture ensures seamless scalability and flexibility, while centralized management and reporting make it easy to monitor and control application security. The platform’s real-time threat detection, customizable rulesets, and integration with SIEM systems empower security teams to respond swiftly and proactively. These features, combined with Radware’s continuous policy refinement and support, make it a powerful solution for safeguarding modern web applications and APIs. Easy to implement & integrate. I use it almost daily to monitor and analyze traffic. Great experience with customer support as well, my queries were addressed in a timely manner.
What do you dislike about the product?
I’ve experienced a few service disruptions, including a global outage that impacted critical URLs and portal access. It was resolved, but it did raise concerns about reliability during high-stakes periods.
I find the SSL certificate provisioning and renewal process a bit cumbersome, and the API documentation could be more detailed—it makes advanced configuration harder than it should be.
Need more customization in reporting and dashboards.
I find the SSL certificate provisioning and renewal process a bit cumbersome, and the API documentation could be more detailed—it makes advanced configuration harder than it should be.
Need more customization in reporting and dashboards.
What problems is the product solving and how is that benefiting you?
First and foremost, it provides robust protection against OWASP Top 10 threats, zero-day vulnerabilities, bot attacks, and DDoS events, which is essential given the scale and sensitivity of the applications we manage. It also helps streamline application onboarding through API-based automation, making it easier to secure new domains quickly without manual overhead.
One of the biggest benefits I’ve seen is its centralized management and reporting, which gives us clear visibility into threat patterns and system health. The platform’s self-healing capabilities have proven valuable during incidents—like the bot manager configuration issue—where services were restored quickly and corrective actions were implemented to prevent recurrence.
One of the biggest benefits I’ve seen is its centralized management and reporting, which gives us clear visibility into threat patterns and system health. The platform’s self-healing capabilities have proven valuable during incidents—like the bot manager configuration issue—where services were restored quickly and corrective actions were implemented to prevent recurrence.
Radware Cloud WAF review
What do you like best about the product?
What I like best about Radware Cloud WAF is its precision. In a landscape where threats evolve faster than policies, Radware’s rule engine stands out for its granular control and customizability. Whether it’s defending against advanced bot attacks or fine-tuning API security, the platform offers a level of depth that’s rare in cloud-native WAF solutions.
Its support for non-standard ports, recursive DNS, and SIEM/SOAR integrations makes it a versatile fit for complex enterprise environments like ours.
Its support for non-standard ports, recursive DNS, and SIEM/SOAR integrations makes it a versatile fit for complex enterprise environments like ours.
What do you dislike about the product?
While Radware Cloud WAF offers robust protection against DDoS and other web-based threats, there are several areas where the solution falls short:
Complex Initial Setup and Integration
The onboarding process is not as seamless as expected. Integrating Radware Cloud WAF with existing infrastructure often requires significant configuration and troubleshooting, which can be time-consuming and resource-intensive
Limited Reporting Capabilities
The reporting interface lacks intuitive depth, making it difficult to perform quick and proactive threat analysis. Users have noted that the dashboards and analytics tools could be more user-friendly and customizable
Frequent Maintenance and Incidents
There have been multiple maintenance updates and incident notifications affecting the Asia Pacific (Chennai) and Global Cloud Portal components. These disruptions, while resolved, highlight potential reliability concerns in high-availability environments
Complex Initial Setup and Integration
The onboarding process is not as seamless as expected. Integrating Radware Cloud WAF with existing infrastructure often requires significant configuration and troubleshooting, which can be time-consuming and resource-intensive
Limited Reporting Capabilities
The reporting interface lacks intuitive depth, making it difficult to perform quick and proactive threat analysis. Users have noted that the dashboards and analytics tools could be more user-friendly and customizable
Frequent Maintenance and Incidents
There have been multiple maintenance updates and incident notifications affecting the Asia Pacific (Chennai) and Global Cloud Portal components. These disruptions, while resolved, highlight potential reliability concerns in high-availability environments
What problems is the product solving and how is that benefiting you?
Protection Across All HTTP Ports
Unlike Akamai, which only secures standard HTTPS ports (80 and 443), Radware Cloud WAF supports non-standard HTTP ports, making it essential for protecting a broader range of applications
API Security and Discovery
Radware offers API protection and discovery, which is critical given the increasing reliance on APIs in modern web services. This helps identify and secure exposed endpoints that could be exploited
DDoS Defense
It includes application-layer DDoS protection, helping mitigate traffic floods and ensuring uptime even during attack scenarios
Real-Time Threat Monitoring
Radware enables live data analysis and threat visibility, which enhances your ability to respond quickly to emerging threats
Unlike Akamai, which only secures standard HTTPS ports (80 and 443), Radware Cloud WAF supports non-standard HTTP ports, making it essential for protecting a broader range of applications
API Security and Discovery
Radware offers API protection and discovery, which is critical given the increasing reliance on APIs in modern web services. This helps identify and secure exposed endpoints that could be exploited
DDoS Defense
It includes application-layer DDoS protection, helping mitigate traffic floods and ensuring uptime even during attack scenarios
Real-Time Threat Monitoring
Radware enables live data analysis and threat visibility, which enhances your ability to respond quickly to emerging threats
Reliable and efficient cloud-based WAF for application security
What do you like best about the product?
Radware Cloud WAF provides strong protection against OWASP Top 10 vulnerabilities and advanced threats such as bot attacks and zero-day exploits. the real-time monitoring , automated policy updates and ddos mitigation features make it highly reliable. Its intuitive dashboard and detailed reporting help in quick threat visibility and incident response. The solution is also easy to scale, which it suitable for growing cloud environments.
What do you dislike about the product?
The Initia Setup and policy fine-tuning can be complex, requiring skilled resources. Sometimes false positive occur, which need manual intervention. The pricing is on the higher side compared to some competitors, and technical support response times could be faster.Integration with third-party SIEM tools can also be more seamless.
What problems is the product solving and how is that benefiting you?
Reduced Security Incidents
Organizations report a significant drop in successful attacks and breaches, improving overall security posture.
Improved Application Uptime
By filtering out malicious traffic, Radware helps maintain high availability and performance of web applications.
Lower Operational Overhead
Automation and managed services reduce the burden on IT and security teams, allowing them to focus on strategic tasks.
Enhanced Compliance
Helps meet regulatory requirements by providing robust application-level protection.
Customizable Security Policies
Offers granular control over rules and alerts, enabling tailored protection for different applications.
Global Coverage with Low Latency
Uses a global network of WAF points of presence (PoPs) for fast, reliable protection across distributed environments.
Organizations report a significant drop in successful attacks and breaches, improving overall security posture.
Improved Application Uptime
By filtering out malicious traffic, Radware helps maintain high availability and performance of web applications.
Lower Operational Overhead
Automation and managed services reduce the burden on IT and security teams, allowing them to focus on strategic tasks.
Enhanced Compliance
Helps meet regulatory requirements by providing robust application-level protection.
Customizable Security Policies
Offers granular control over rules and alerts, enabling tailored protection for different applications.
Global Coverage with Low Latency
Uses a global network of WAF points of presence (PoPs) for fast, reliable protection across distributed environments.
showing 21 - 30