We are using Radware Cloud WAF Service to prevent our applications from attacks, such as DDoS and other attacks.
Radware Cloud WAF
RadwareExternal reviews
130 reviews
from
and
External reviews are not included in the AWS star rating for the product.
Easy with better visibility
What do you like best about the product?
I have been using radware for a while and it's great at blocking threats and handling traffic spikes without slowing things down. The customization is powerful as well as navigation is simple. I use it regularly
What do you dislike about the product?
The initial setup is complex and report seems to be limited options.
What problems is the product solving and how is that benefiting you?
Radware WAF helps us in blocking web attacks, bots, and DDoS attacks in real time. This keeps our applications secure and available to the legitimate users. It reduces manual monitoring effort giving us better control over security posture of the applications. This has made our overall security management more efficient.
Enhances security with effective application attack prevention and time-saving visualizations
What is our primary use case?
How has it helped my organization?
Using Radware Cloud WAF Service has saved us considerable time. It provides good visualization and traffic information, saving around four to six hours for investigating logs whenever we try to pull logs from any other tools.
Radware Cloud WAF Service is quite effective for blocking unknown threats and attacks. We have 10 to 15 applications onboarded with Radware, and it has proven to be good at blocking threats from external sources.
Radware Cloud WAF Service is able to protect against zero-day attacks. They are committed to preventing any potential attacks. It has the capability to analyze behavioral patterns, which allows them to implement preventive measures. I have received notifications from Radware confirming that they are fully optimized to address zero-day vulnerabilities at this time.
What is most valuable?
Radware Cloud WAF Service allow us to directly filter the data from whatever attack was performed, so we can directly filter the attack details from the event viewer section, which is very helpful to us. Another module that I appreciate about Radware Cloud WAF Service is that it provides custom port security. The other tools are not providing the custom port feature where Radware Cloud WAF Service is providing, and it will be very helpful to us.
The automated analytics for looking at events in Radware Cloud WAF Service are working for us; the automatic event correlation is very beneficial to analyze how the alerts and events occur and visualize the patterns of network traffic and other traffic going in and out from the application via Radware Cloud WAF Service.
The combination of negative and behavioral-based positive security models is important for our security strategy; since most of our applications work internally, behavioral-based analytics helps us address issues where methods such as POST and GET are not functioning, so we raise concerns with our internal team to whitelist applications, thus helping reduce blocking of traffic in our environment.
Radware Cloud WAF Service is effective, particularly in the custom service it provides and its capabilities in DDoS protection and bot manager facilities, making it effective for validating the correlation part of incidents.
What needs improvement?
Regarding areas in Radware Cloud WAF Service that have room for improvement, one thing we observed was that we received a notification where Radware Cloud WAF Service stopped working properly in our cloud environment without any prior notification. We got the alert around one and a half hours after the event occurred, so I would suggest that they should notify customers in such scenarios.
For how long have I used the solution?
I have been using Radware Cloud WAF Service for three to four years.
What do I think about the stability of the solution?
The stability of the Radware Cloud WAF Service rates around nine out of ten.
What do I think about the scalability of the solution?
The scalability of the Radware Cloud WAF Service deserves a full ten, as it is definitely scalable.
Organization-wise, we have more than 100 users using the service currently.
How are customer service and support?
The technical support for Radware Cloud WAF Service rates 10 out of 10; whenever we require support, it is perfectly timely.
How would you rate customer service and support?
Positive
How was the initial setup?
The deployment method of the Radware Cloud WAF Service is very easy; since most of our applications operate on custom ports, it helps us integrate and onboard them securely.
The solution does not require any maintenance from our side.
What other advice do I have?
I am not directly looking into the integration aspect of the Radware Cloud WAF Service, but I have discussed it with other team members who might be using the integration part to collect logs from Radware Cloud WAF Service to get correlation and alert triggers for incident management tools such as ServiceNow and Sentinel, but they are not using it frequently or fully optimized currently.
We have discovered bot traffic involving attacks such as SQL injection. Radware's Bot Manager is working to prevent such attacks, especially with SQL injection and XSS attempts from outside entities. Regarding compliance with PCI DSS, we don't have any issues currently; we are also compliant with ISO 27001, and our applications onboarded on the Radware Cloud WAF Service operate without compliance issues.
We are using the web DDoS protection such as HTTP, L7 in the Radware Cloud WAF Service, and it is effective for us; we experienced an attack from the external side last month, which Radware Cloud WAF Service effectively prevented.
Overall, I would rate the Radware Cloud WAF Service a nine out of ten.
Easy to use and understand WAF for beginners on WAF
What do you like best about the product?
Integrating the WAF on the Traffic flow was easy as the ability to bypass WAF controls and point the traffic to origin was a good option.
On boarding the Application on WAF is easy and quick as compared to other WAF Portals. Lots of security controls in place which are updated automatically and periodically by the Radware. We do use portal on day to day basis as we have many application point on it.
On boarding the Application on WAF is easy and quick as compared to other WAF Portals. Lots of security controls in place which are updated automatically and periodically by the Radware. We do use portal on day to day basis as we have many application point on it.
What do you dislike about the product?
Lack of Log Views, You will not get any logs for pass through traffic on the WAF. As the security controls are many on the portal, getting full information on the block is difficult and have to raise case with the support team.
What problems is the product solving and how is that benefiting you?
The major CVE's which are detected and attackers try to check for the same on the application, using Radware Cloud WAF we are protected for most of the Major CVE's. Also after using this, we have seen significant reduction on the Internet bandwidth utilization.
Radware’s support has been prompt and effective, especially in handling critical security incidents.
What do you like best about the product?
Radware WAF is a strong product, offering real-time alerts and robust threat defense. It can automatically take containment actions to prevent further infections in the environment. It also provide the best customer support. I have using this on daily basis since 3 years. It is easy to implement and use. It's a very useful tool and every organization should have it.
What do you dislike about the product?
It has strong AI features, but it still needs better integration to be a perfect solution.
What problems is the product solving and how is that benefiting you?
My organization is quite large, so we need to monitor activities thoroughly and promptly. Since it's not feasible for humans to detect and address every threat, we implemented the Radware WAF service. It has been effective in automatically detecting and preventing DDoS threats and unusual traffic without human intervention, and it provides comprehensive reports. Additionally, its fast customer support is a significant advantage.
Strong application layer protection and real time threat detection
What do you like best about the product?
Its AI powered defense automatically tunes secruity policies
What do you dislike about the product?
Complex and some improvement in reporting capability
What problems is the product solving and how is that benefiting you?
It solves application layer threat such as bot attacks , DDOs
Radware cloud WAF solution experience by client
What do you like best about the product?
As an active user of Radware Cloud WAF, our organization relies heavily on its robust capabilities to monitor infrastructure and manage both WAF traffic and DDoS threats across our protected domains. The dashboard serves as our central command, offering a clear and comprehensive view of incoming internet traffic. This visibility empowers us to take timely and informed actions to safeguard domain security.
One standout feature we've leveraged recently is Geo-Fencing. With minimal effort, we were able to block traffic from specific regions based on country-level filters. Even more impressively, the platform allowed us to whitelist critical subnets from those regions, ensuring operational continuity without compromising security. The entire process was seamless and highly efficient.
We also want to highlight the Radware support team, whose proactive assistance has been consistently reliable. Their responsiveness and expertise have made a significant difference in our day-to-day operations.
Lastly, the user interface of the Radware console deserves praise. Its intuitive layout and well-organized feature set make it easy for clients to navigate and utilize the platform without hesitation. Whether you're a seasoned security professional or a first-time user, the GUI enhances usability and confidence.
One standout feature we've leveraged recently is Geo-Fencing. With minimal effort, we were able to block traffic from specific regions based on country-level filters. Even more impressively, the platform allowed us to whitelist critical subnets from those regions, ensuring operational continuity without compromising security. The entire process was seamless and highly efficient.
We also want to highlight the Radware support team, whose proactive assistance has been consistently reliable. Their responsiveness and expertise have made a significant difference in our day-to-day operations.
Lastly, the user interface of the Radware console deserves praise. Its intuitive layout and well-organized feature set make it easy for clients to navigate and utilize the platform without hesitation. Whether you're a seasoned security professional or a first-time user, the GUI enhances usability and confidence.
What do you dislike about the product?
1. Lack of Granular Role-Based Access Control (RBAC)
Radware Cloud WAF offers basic user management, but for large enterprises with multiple teams (DevOps, SecOps, Compliance), the RBAC model lacks fine-grained permissions. For example, you can't easily restrict access to specific policy sets or audit logs without giving broader admin rights. This can lead to operational risk or internal friction in shared environments.
2. No Native Threat Intelligence Feed Customization
While Radware integrates its own threat intelligence, it doesn't allow easy ingestion of third-party threat feeds (e.g., from Recorded Future, MISP, or internal honeypots). This limits organizations that want to enrich WAF rules with proprietary or sector-specific threat data, reducing adaptability in targeted attack scenarios.
Radware Cloud WAF offers basic user management, but for large enterprises with multiple teams (DevOps, SecOps, Compliance), the RBAC model lacks fine-grained permissions. For example, you can't easily restrict access to specific policy sets or audit logs without giving broader admin rights. This can lead to operational risk or internal friction in shared environments.
2. No Native Threat Intelligence Feed Customization
While Radware integrates its own threat intelligence, it doesn't allow easy ingestion of third-party threat feeds (e.g., from Recorded Future, MISP, or internal honeypots). This limits organizations that want to enrich WAF rules with proprietary or sector-specific threat data, reducing adaptability in targeted attack scenarios.
What problems is the product solving and how is that benefiting you?
I will make this in very simple pointers:
1.Effortless Domain Onboarding
2.Geo-Fencing Efficiency
3.Exceptional Support Team
4.Centralized Traffic Visibility with useful information
These capabilities have collectively enhanced our ability to monitor, respond, and adapt to evolving security challenges with confidence and agility. We look forward to continued collaboration and innovation with the Radware team.
1.Effortless Domain Onboarding
2.Geo-Fencing Efficiency
3.Exceptional Support Team
4.Centralized Traffic Visibility with useful information
These capabilities have collectively enhanced our ability to monitor, respond, and adapt to evolving security challenges with confidence and agility. We look forward to continued collaboration and innovation with the Radware team.
Monitored real-time threats with effective live data analysis for improved security measures
What is our primary use case?
My use case for the Radware Cloud WAF Service involves checking the WAF related to DDoS traffic from the public IP to the organization, which outlines how much impact there is on the WAF. We check the traffic to see what fluctuations occur from the outside and inside, particularly in regards to DDoS types of attacks as mentioned my basic monitoring workflow.
Monitoring Workflow:
- Traffic Analysis: I monitor traffic from public IPs to your organization, focusing on fluctuations that may indicate DDoS attacks.
- Impact Assessment: We evaluate how these attacks affect the WAF, especially in terms of utilization and attack surface.
- Escalation: If anomalies or high-impact events are detected, we raise a case with Redware support.
- Integration with SIEM: We already done, integrating with a SIEM tool can help correlate WAF data with other security logs for deeper insights.
- Historical Trend Analysis: Compare current traffic with historical data to identify patterns or recurring threats.
- Trends and Dashboard: We have creating a dashboard or report template to visualize the traffic and attack trends on live monitoring use.
How has it helped my organization?
The Radware's combination of negative and behavioral based positive security models is beneficial. This behavior is good for timely checks against threats utilizing live monitoring during attack surfaces from public environments, particularly for ISP-relevant traffic or recognizing malicious abnormal activities, which is effective in our environment.
What is most valuable?
In the Radware Cloud WAF Service, the best features I find are that it's easy to use and that it's easy to identify what procedures are ongoing within this environment. We can see live data regarding the public IP's impact on our organization and what actions we can check.
We also find the dashboard helpful; we can monitor multiple business units in Adani from the same page through the Radware dashboard services and its other functions. We feel safe using Radware, and we are happy with it.
We use the API Discovery feature. Regarding how Radware Cloud WAF Service has helped with compliance efforts, compliance actions are done by other tools for the Adani Group, however, we check WAF integrations with our domains through the Radware portal.
We have created a small dashboard monitoring various group-wise applications and domains, including corporate business units, ensuring all websites and public IPs are accounted for. The compliance processes are predefined. We remain compliant. We use additional tools alongside Radware and BITs; both tools provide similar functionalities, and we check Radware for risk mitigation related to any threat intel.
This has quite an impact on our business; all applications and domains are mapped via API with Radware Cloud WAF Service. We receive scores, alerts about impacts, and informational notifications via email for necessary follow-up actions.
What needs improvement?
To make the solution a ten out of ten, we need improvements in AI capabilities, which Radware Cloud WAF Service currently has yet it still has room for integration. Considering what can be improved, customization could be enhanced, and support could be a tad faster; more reporting capabilities or additional intuitive AI features would also be constructive.
Honestly, I currently do not face any challenges that I can articulate for improvement; everything functions according to the service we have.
For how long have I used the solution?
I have been using the Radware Cloud WAF Service for about 1.6 years now.
What do I think about the stability of the solution?
For stability, I can give it a score of nine out of ten, with a possibility of considering it a ten due to its reliability.
Regarding stability, I would rate it a nine out of ten; we've received notifications when maintenance is ongoing, usually informed timely, which is commendable.
What do I think about the scalability of the solution?
About scalability, we haven't examined it at a full 100%, however, for our current needs, it meets 100% of them without pressing requirements for enhancement.
How are customer service and support?
Support for Radware Cloud WAF Service is good; I'm using it on a daily basis and receive 24/7 support, timely reminders, and assistance. However, where improvements could be made includes aspects like API calls and related tasks; daily improvements are noted along with suggestions from our team.
How would you rate customer service and support?
Positive
How was the initial setup?
Deployment of Radware Cloud WAF Service is easy, and we regularly use it. It provides an intuitive understanding of how to raise API calls and integrate other requirements. We map our dashboards easily, reviewing and utilizing its functionality effectively.
The Radware solution requires maintenance which our R team oversees. As for regular maintenance, there are no current issues, and the upgrading part is managed by the team who provides the necessary updates based on our needs.
What's my experience with pricing, setup cost, and licensing?
Regarding pricing, I don't find it expensive; it's reasonably priced and aligns with our requirements, so I see it as fair compared to other more expensive tools.
What other advice do I have?
The learning capacity is good, and every feature provided is available; we just haven't fully utilized all aspects of Radware's offerings.
I would rate the Radware Cloud WAF Service a nine out of ten; it is solid and efficient from my perspective.
Powerfull and modern cloud WAF
What do you like best about the product?
Radware Cloud WAF is very simple and fast to implement.
What do you dislike about the product?
Only event logs are shown on the interface you need to give s3 bucket ot sftp server to get all logs including access logs.
What problems is the product solving and how is that benefiting you?
Radware Cloud WAF solve the fact our web portals werent protected by an application Firewall before.
Radware Protects Applications with Real-Time OWASP and DDOS Threat Detection
What do you like best about the product?
Radware cloud application protection services has provided us with strong, reliable application security against OWASP. The solution reduce risk from DDOS attack, bot attack and application vulnerabilities.
What do you dislike about the product?
WAF should support custom ports as well.
What problems is the product solving and how is that benefiting you?
Radware cloud application protection services has provided us with strong, reliable application security against OWASP. The solution reduce risk from DDOS attack, bot attack and application vulnerabilities.
Effectively protects against threats and has user-friendly interface and quick support
What is our primary use case?
We are in the post-implementation phase of using Radware Cloud WAF Service right now, but we have been using a Radware solution for about six years in our company.
Right now, we are working on transitioning our systems to the cloud. We have just obtained the license and are currently testing the system as part of the implementation process. This started back in January of this year, and we are approaching one year of use. While we are in the post-implementation phase, our corporate structure has a lot of approval processes that require multiple steps. Because of this, we can't fully transition to the protection capabilities of Cloud WAF just yet. However, we are actively using and testing it, and we are taking note of all the results.
How has it helped my organization?
Our company works in banking, and every day we face malicious and suspicious requests incoming to our site. Radware Cloud WAF Service is helping protect against these threats effectively. When we were using physical hardware, it would become overloaded and go down, making it impossible to protect our site. Radware Cloud WAF Service protects all of the backend applications and services by defending against malicious and suspicious requests.
Automated analytics are easy to use. When we were using manual detection, it was difficult to detect certain traffic patterns. The automatic detection is very effective.
Radware Cloud WAF Service reduces false positives compared to our previous on-premises system. After implementing Radware Cloud WAF Service, I observed the alerts and noticed a significant reduction in false positive blocking. It has more advanced capabilities, including header request searching.
We have integrated it only with Splunk so far, and it's easy to integrate.
Bot Manager's configuration is straightforward. We input IP addresses, local IPs, and configure log sending to Splunk.
What is most valuable?
The interface is really cool, especially with the dark theme. It looks clean and organized, which I appreciate. It's not complicated at all.
Support is prompt and efficient. The response to our support tickets has been quick, and I'm really happy with that. Overall, I'm glad with my experience so far.
It is easy to use for me. I've already been working with the hardware and the portal for two years now. I know where everything is, so I find it easy.
What needs improvement?
They might need to add more integrations. Adding AI-based search capabilities would be beneficial, allowing us to search for the origins of bot attacks by country. The behavioral analysis could be made more efficient. While Bot Manager has many of these features already, there is room for further enhancement.
What do I think about the stability of the solution?
It is stable.
What do I think about the scalability of the solution?
It is scalable.
How are customer service and support?
The support team responds quickly to our tickets, and I am very satisfied with their service.
How would you rate customer service and support?
Positive
How was the initial setup?
The Radware deployment process was straightforward and easy to install. Our company has many approvals and processes, so it took over two weeks.
Our SOC team with ten people works with this solution. Our company has two teams working on security systems with three levels of engineers. I am a level two engineer handling configuration and monitoring. The level three engineers manage major updates and have comprehensive knowledge of the system.
Which other solutions did I evaluate?
We conducted POC testing with three systems: Akamai, Imperva, and Radware Cloud WAF Service. We only tested Imperva and Radware because Akamai did not meet our bank corporation's policies regarding reseller companies. Imperva had too many issues.
The Imperva cloud solution was located in Hong Kong, which was too far from Mongolia and caused internet connectivity issues. After testing it, we were not satisfied. We then tested Radware Cloud WAF Service and found it easier to use, particularly since we were already using Radware Bot Manager in the cloud.
What other advice do I have?
Currently, we are not using the API discovery feature as we are in the pre-implementation phase of API protection. We are focusing on getting Radware Cloud WAF Service into production first. After that, we plan to implement additional features such as API security and customer security.
In Mongolia, we do not have a CDN and are currently using Akamai CDN. The situation in Mongolia is restricted and somewhat complicated.
I would recommend this solution. Radware is the largest company in the security solutions industry. They have many prototypes and numerous integrations. This is an important aspect of the purchasing process. Another key point is their support; they provide a quick response to your inquiries. Their service is easy to use. With Radware's cloud solutions, they cover all aspects of security effectively. They are able to provide comprehensive coverage for your needs.
I would rate Radware Cloud WAF Service an eight out of ten.
showing 21 - 30