We are using Radware Cloud WAF Service to prevent our applications from attacks, such as DDoS and other attacks.
Radware Cloud WAF
RadwareExternal reviews
172 reviews
from
and
External reviews are not included in the AWS star rating for the product.
Enhances security with effective application attack prevention and time-saving visualizations
What is our primary use case?
How has it helped my organization?
Using Radware Cloud WAF Service has saved us considerable time. It provides good visualization and traffic information, saving around four to six hours for investigating logs whenever we try to pull logs from any other tools.
Radware Cloud WAF Service is quite effective for blocking unknown threats and attacks. We have 10 to 15 applications onboarded with Radware, and it has proven to be good at blocking threats from external sources.
Radware Cloud WAF Service is able to protect against zero-day attacks. They are committed to preventing any potential attacks. It has the capability to analyze behavioral patterns, which allows them to implement preventive measures. I have received notifications from Radware confirming that they are fully optimized to address zero-day vulnerabilities at this time.
What is most valuable?
Radware Cloud WAF Service allow us to directly filter the data from whatever attack was performed, so we can directly filter the attack details from the event viewer section, which is very helpful to us. Another module that I appreciate about Radware Cloud WAF Service is that it provides custom port security. The other tools are not providing the custom port feature where Radware Cloud WAF Service is providing, and it will be very helpful to us.
The automated analytics for looking at events in Radware Cloud WAF Service are working for us; the automatic event correlation is very beneficial to analyze how the alerts and events occur and visualize the patterns of network traffic and other traffic going in and out from the application via Radware Cloud WAF Service.
The combination of negative and behavioral-based positive security models is important for our security strategy; since most of our applications work internally, behavioral-based analytics helps us address issues where methods such as POST and GET are not functioning, so we raise concerns with our internal team to whitelist applications, thus helping reduce blocking of traffic in our environment.
Radware Cloud WAF Service is effective, particularly in the custom service it provides and its capabilities in DDoS protection and bot manager facilities, making it effective for validating the correlation part of incidents.
What needs improvement?
Regarding areas in Radware Cloud WAF Service that have room for improvement, one thing we observed was that we received a notification where Radware Cloud WAF Service stopped working properly in our cloud environment without any prior notification. We got the alert around one and a half hours after the event occurred, so I would suggest that they should notify customers in such scenarios.
For how long have I used the solution?
I have been using Radware Cloud WAF Service for three to four years.
What do I think about the stability of the solution?
The stability of the Radware Cloud WAF Service rates around nine out of ten.
What do I think about the scalability of the solution?
The scalability of the Radware Cloud WAF Service deserves a full ten, as it is definitely scalable.
Organization-wise, we have more than 100 users using the service currently.
How are customer service and support?
The technical support for Radware Cloud WAF Service rates 10 out of 10; whenever we require support, it is perfectly timely.
How would you rate customer service and support?
Positive
How was the initial setup?
The deployment method of the Radware Cloud WAF Service is very easy; since most of our applications operate on custom ports, it helps us integrate and onboard them securely.
The solution does not require any maintenance from our side.
What other advice do I have?
I am not directly looking into the integration aspect of the Radware Cloud WAF Service, but I have discussed it with other team members who might be using the integration part to collect logs from Radware Cloud WAF Service to get correlation and alert triggers for incident management tools such as ServiceNow and Sentinel, but they are not using it frequently or fully optimized currently.
We have discovered bot traffic involving attacks such as SQL injection. Radware's Bot Manager is working to prevent such attacks, especially with SQL injection and XSS attempts from outside entities. Regarding compliance with PCI DSS, we don't have any issues currently; we are also compliant with ISO 27001, and our applications onboarded on the Radware Cloud WAF Service operate without compliance issues.
We are using the web DDoS protection such as HTTP, L7 in the Radware Cloud WAF Service, and it is effective for us; we experienced an attack from the external side last month, which Radware Cloud WAF Service effectively prevented.
Overall, I would rate the Radware Cloud WAF Service a nine out of ten.
Radware Cloud WAF Works for Modern Web Security
What do you like best about the product?
What stands out most about Radware Cloud WAF is its comprehensive and adaptive protection against a wide range of web threats, including OWASP Top 10 vulnerabilities, zero-day exploits, bot attacks, and DDoS events. Its cloud-native architecture ensures seamless scalability and flexibility, while centralized management and reporting make it easy to monitor and control application security. The platform’s real-time threat detection, customizable rulesets, and integration with SIEM systems empower security teams to respond swiftly and proactively. These features, combined with Radware’s continuous policy refinement and support, make it a powerful solution for safeguarding modern web applications and APIs. Easy to implement & integrate. I use it almost daily to monitor and analyze traffic. Great experience with customer support as well, my queries were addressed in a timely manner.
What do you dislike about the product?
I’ve experienced a few service disruptions, including a global outage that impacted critical URLs and portal access. It was resolved, but it did raise concerns about reliability during high-stakes periods.
I find the SSL certificate provisioning and renewal process a bit cumbersome, and the API documentation could be more detailed—it makes advanced configuration harder than it should be.
Need more customization in reporting and dashboards.
I find the SSL certificate provisioning and renewal process a bit cumbersome, and the API documentation could be more detailed—it makes advanced configuration harder than it should be.
Need more customization in reporting and dashboards.
What problems is the product solving and how is that benefiting you?
First and foremost, it provides robust protection against OWASP Top 10 threats, zero-day vulnerabilities, bot attacks, and DDoS events, which is essential given the scale and sensitivity of the applications we manage. It also helps streamline application onboarding through API-based automation, making it easier to secure new domains quickly without manual overhead.
One of the biggest benefits I’ve seen is its centralized management and reporting, which gives us clear visibility into threat patterns and system health. The platform’s self-healing capabilities have proven valuable during incidents—like the bot manager configuration issue—where services were restored quickly and corrective actions were implemented to prevent recurrence.
One of the biggest benefits I’ve seen is its centralized management and reporting, which gives us clear visibility into threat patterns and system health. The platform’s self-healing capabilities have proven valuable during incidents—like the bot manager configuration issue—where services were restored quickly and corrective actions were implemented to prevent recurrence.
Radware Cloud WAF review
What do you like best about the product?
What I like best about Radware Cloud WAF is its precision. In a landscape where threats evolve faster than policies, Radware’s rule engine stands out for its granular control and customizability. Whether it’s defending against advanced bot attacks or fine-tuning API security, the platform offers a level of depth that’s rare in cloud-native WAF solutions.
Its support for non-standard ports, recursive DNS, and SIEM/SOAR integrations makes it a versatile fit for complex enterprise environments like ours.
Its support for non-standard ports, recursive DNS, and SIEM/SOAR integrations makes it a versatile fit for complex enterprise environments like ours.
What do you dislike about the product?
While Radware Cloud WAF offers robust protection against DDoS and other web-based threats, there are several areas where the solution falls short:
Complex Initial Setup and Integration
The onboarding process is not as seamless as expected. Integrating Radware Cloud WAF with existing infrastructure often requires significant configuration and troubleshooting, which can be time-consuming and resource-intensive
Limited Reporting Capabilities
The reporting interface lacks intuitive depth, making it difficult to perform quick and proactive threat analysis. Users have noted that the dashboards and analytics tools could be more user-friendly and customizable
Frequent Maintenance and Incidents
There have been multiple maintenance updates and incident notifications affecting the Asia Pacific (Chennai) and Global Cloud Portal components. These disruptions, while resolved, highlight potential reliability concerns in high-availability environments
Complex Initial Setup and Integration
The onboarding process is not as seamless as expected. Integrating Radware Cloud WAF with existing infrastructure often requires significant configuration and troubleshooting, which can be time-consuming and resource-intensive
Limited Reporting Capabilities
The reporting interface lacks intuitive depth, making it difficult to perform quick and proactive threat analysis. Users have noted that the dashboards and analytics tools could be more user-friendly and customizable
Frequent Maintenance and Incidents
There have been multiple maintenance updates and incident notifications affecting the Asia Pacific (Chennai) and Global Cloud Portal components. These disruptions, while resolved, highlight potential reliability concerns in high-availability environments
What problems is the product solving and how is that benefiting you?
Protection Across All HTTP Ports
Unlike Akamai, which only secures standard HTTPS ports (80 and 443), Radware Cloud WAF supports non-standard HTTP ports, making it essential for protecting a broader range of applications
API Security and Discovery
Radware offers API protection and discovery, which is critical given the increasing reliance on APIs in modern web services. This helps identify and secure exposed endpoints that could be exploited
DDoS Defense
It includes application-layer DDoS protection, helping mitigate traffic floods and ensuring uptime even during attack scenarios
Real-Time Threat Monitoring
Radware enables live data analysis and threat visibility, which enhances your ability to respond quickly to emerging threats
Unlike Akamai, which only secures standard HTTPS ports (80 and 443), Radware Cloud WAF supports non-standard HTTP ports, making it essential for protecting a broader range of applications
API Security and Discovery
Radware offers API protection and discovery, which is critical given the increasing reliance on APIs in modern web services. This helps identify and secure exposed endpoints that could be exploited
DDoS Defense
It includes application-layer DDoS protection, helping mitigate traffic floods and ensuring uptime even during attack scenarios
Real-Time Threat Monitoring
Radware enables live data analysis and threat visibility, which enhances your ability to respond quickly to emerging threats
Reliable and efficient cloud-based WAF for application security
What do you like best about the product?
Radware Cloud WAF provides strong protection against OWASP Top 10 vulnerabilities and advanced threats such as bot attacks and zero-day exploits. the real-time monitoring , automated policy updates and ddos mitigation features make it highly reliable. Its intuitive dashboard and detailed reporting help in quick threat visibility and incident response. The solution is also easy to scale, which it suitable for growing cloud environments.
What do you dislike about the product?
The Initia Setup and policy fine-tuning can be complex, requiring skilled resources. Sometimes false positive occur, which need manual intervention. The pricing is on the higher side compared to some competitors, and technical support response times could be faster.Integration with third-party SIEM tools can also be more seamless.
What problems is the product solving and how is that benefiting you?
Reduced Security Incidents
Organizations report a significant drop in successful attacks and breaches, improving overall security posture.
Improved Application Uptime
By filtering out malicious traffic, Radware helps maintain high availability and performance of web applications.
Lower Operational Overhead
Automation and managed services reduce the burden on IT and security teams, allowing them to focus on strategic tasks.
Enhanced Compliance
Helps meet regulatory requirements by providing robust application-level protection.
Customizable Security Policies
Offers granular control over rules and alerts, enabling tailored protection for different applications.
Global Coverage with Low Latency
Uses a global network of WAF points of presence (PoPs) for fast, reliable protection across distributed environments.
Organizations report a significant drop in successful attacks and breaches, improving overall security posture.
Improved Application Uptime
By filtering out malicious traffic, Radware helps maintain high availability and performance of web applications.
Lower Operational Overhead
Automation and managed services reduce the burden on IT and security teams, allowing them to focus on strategic tasks.
Enhanced Compliance
Helps meet regulatory requirements by providing robust application-level protection.
Customizable Security Policies
Offers granular control over rules and alerts, enabling tailored protection for different applications.
Global Coverage with Low Latency
Uses a global network of WAF points of presence (PoPs) for fast, reliable protection across distributed environments.
Easy to use and understand WAF for beginners on WAF
What do you like best about the product?
Integrating the WAF on the Traffic flow was easy as the ability to bypass WAF controls and point the traffic to origin was a good option.
On boarding the Application on WAF is easy and quick as compared to other WAF Portals. Lots of security controls in place which are updated automatically and periodically by the Radware. We do use portal on day to day basis as we have many application point on it.
On boarding the Application on WAF is easy and quick as compared to other WAF Portals. Lots of security controls in place which are updated automatically and periodically by the Radware. We do use portal on day to day basis as we have many application point on it.
What do you dislike about the product?
Lack of Log Views, You will not get any logs for pass through traffic on the WAF. As the security controls are many on the portal, getting full information on the block is difficult and have to raise case with the support team.
What problems is the product solving and how is that benefiting you?
The major CVE's which are detected and attackers try to check for the same on the application, using Radware Cloud WAF we are protected for most of the Major CVE's. Also after using this, we have seen significant reduction on the Internet bandwidth utilization.
Reliable and Efficient Cloud WAF Solution
What do you like best about the product?
What I like best about Radware Cloud WAF is its ease of use and ease of implementation, which allow teams to get protection up and running quickly without heavy operational overhead. The platform offers a strong number of features while still maintaining ease of integration with existing environments. Its frequency of use reflects how intuitive and reliable it is for day‑to‑day security operations, and customer support is responsive and helpful, especially during incident handling and tuning.
What do you dislike about the product?
its initial configuaration and fine tuning can be complex, especially for smaller teams
What problems is the product solving and how is that benefiting you?
Radware Cloud WAF solves the problem of protecting web applications from attacks such as SQL injection, XSS, bot abuse, and DDoS, without requiring any on-premise hardware. It benefits me by delivering automated, real-time protection, reducing manual security effort, and helping keep my applications available and secure.
Radware’s support has been prompt and effective, especially in handling critical security incidents.
What do you like best about the product?
Radware WAF is a strong product, offering real-time alerts and robust threat defense. It can automatically take containment actions to prevent further infections in the environment. It also provide the best customer support. I have using this on daily basis since 3 years. It is easy to implement and use. It's a very useful tool and every organization should have it.
What do you dislike about the product?
It has strong AI features, but it still needs better integration to be a perfect solution.
What problems is the product solving and how is that benefiting you?
My organization is quite large, so we need to monitor activities thoroughly and promptly. Since it's not feasible for humans to detect and address every threat, we implemented the Radware WAF service. It has been effective in automatically detecting and preventing DDoS threats and unusual traffic without human intervention, and it provides comprehensive reports. Additionally, its fast customer support is a significant advantage.
Simplifying Threat Protection: My Experience with Radware Cloud WAF
What do you like best about the product?
I rely on Radware Cloud WAF daily for strong, real-time protection against OWASP Top-10 vulnerabilities and zero-day threats, thanks to its use of behavioral analysis and machine learning.
Its intuitive dashboard, automatic policy generation, and built-in bot and DDoS protection make managing security much easier for me.
I really appreciate how smoothly it deploys, the excellent customer support, and its ability to keep up with constantly evolving threats.
Its intuitive dashboard, automatic policy generation, and built-in bot and DDoS protection make managing security much easier for me.
I really appreciate how smoothly it deploys, the excellent customer support, and its ability to keep up with constantly evolving threats.
What do you dislike about the product?
Setting things up initially was quite complex—integrating Radware Cloud WAF with my existing infrastructure took time and required expert configuration.
I also faced a steep learning curve, especially when managing custom rules and fine-tuning alerts, which demanded a solid level of technical expertise and made it challenging at first.
I also faced a steep learning curve, especially when managing custom rules and fine-tuning alerts, which demanded a solid level of technical expertise and made it challenging at first.
What problems is the product solving and how is that benefiting you?
Radware Cloud WAF helps me tackle bot attacks, DDoS threats, and OWASP vulnerabilities effectively. It’s made my security management much simpler, with proactive support and dependable threat mitigation that I can count on.
Radware cloud WAF solution experience by client
What do you like best about the product?
As an active user of Radware Cloud WAF, our organization relies heavily on its robust capabilities to monitor infrastructure and manage both WAF traffic and DDoS threats across our protected domains. The dashboard serves as our central command, offering a clear and comprehensive view of incoming internet traffic. This visibility empowers us to take timely and informed actions to safeguard domain security.
One standout feature we've leveraged recently is Geo-Fencing. With minimal effort, we were able to block traffic from specific regions based on country-level filters. Even more impressively, the platform allowed us to whitelist critical subnets from those regions, ensuring operational continuity without compromising security. The entire process was seamless and highly efficient.
We also want to highlight the Radware support team, whose proactive assistance has been consistently reliable. Their responsiveness and expertise have made a significant difference in our day-to-day operations.
Lastly, the user interface of the Radware console deserves praise. Its intuitive layout and well-organized feature set make it easy for clients to navigate and utilize the platform without hesitation. Whether you're a seasoned security professional or a first-time user, the GUI enhances usability and confidence.
One standout feature we've leveraged recently is Geo-Fencing. With minimal effort, we were able to block traffic from specific regions based on country-level filters. Even more impressively, the platform allowed us to whitelist critical subnets from those regions, ensuring operational continuity without compromising security. The entire process was seamless and highly efficient.
We also want to highlight the Radware support team, whose proactive assistance has been consistently reliable. Their responsiveness and expertise have made a significant difference in our day-to-day operations.
Lastly, the user interface of the Radware console deserves praise. Its intuitive layout and well-organized feature set make it easy for clients to navigate and utilize the platform without hesitation. Whether you're a seasoned security professional or a first-time user, the GUI enhances usability and confidence.
What do you dislike about the product?
1. Lack of Granular Role-Based Access Control (RBAC)
Radware Cloud WAF offers basic user management, but for large enterprises with multiple teams (DevOps, SecOps, Compliance), the RBAC model lacks fine-grained permissions. For example, you can't easily restrict access to specific policy sets or audit logs without giving broader admin rights. This can lead to operational risk or internal friction in shared environments.
2. No Native Threat Intelligence Feed Customization
While Radware integrates its own threat intelligence, it doesn't allow easy ingestion of third-party threat feeds (e.g., from Recorded Future, MISP, or internal honeypots). This limits organizations that want to enrich WAF rules with proprietary or sector-specific threat data, reducing adaptability in targeted attack scenarios.
Radware Cloud WAF offers basic user management, but for large enterprises with multiple teams (DevOps, SecOps, Compliance), the RBAC model lacks fine-grained permissions. For example, you can't easily restrict access to specific policy sets or audit logs without giving broader admin rights. This can lead to operational risk or internal friction in shared environments.
2. No Native Threat Intelligence Feed Customization
While Radware integrates its own threat intelligence, it doesn't allow easy ingestion of third-party threat feeds (e.g., from Recorded Future, MISP, or internal honeypots). This limits organizations that want to enrich WAF rules with proprietary or sector-specific threat data, reducing adaptability in targeted attack scenarios.
What problems is the product solving and how is that benefiting you?
I will make this in very simple pointers:
1.Effortless Domain Onboarding
2.Geo-Fencing Efficiency
3.Exceptional Support Team
4.Centralized Traffic Visibility with useful information
These capabilities have collectively enhanced our ability to monitor, respond, and adapt to evolving security challenges with confidence and agility. We look forward to continued collaboration and innovation with the Radware team.
1.Effortless Domain Onboarding
2.Geo-Fencing Efficiency
3.Exceptional Support Team
4.Centralized Traffic Visibility with useful information
These capabilities have collectively enhanced our ability to monitor, respond, and adapt to evolving security challenges with confidence and agility. We look forward to continued collaboration and innovation with the Radware team.
Monitored real-time threats with effective live data analysis for improved security measures
What is our primary use case?
My use case for the Radware Cloud WAF Service involves checking the WAF related to DDoS traffic from the public IP to the organization, which outlines how much impact there is on the WAF. We check the traffic to see what fluctuations occur from the outside and inside, particularly in regards to DDoS types of attacks as mentioned my basic monitoring workflow.
Monitoring Workflow:
- Traffic Analysis: I monitor traffic from public IPs to your organization, focusing on fluctuations that may indicate DDoS attacks.
- Impact Assessment: We evaluate how these attacks affect the WAF, especially in terms of utilization and attack surface.
- Escalation: If anomalies or high-impact events are detected, we raise a case with Redware support.
- Integration with SIEM: We already done, integrating with a SIEM tool can help correlate WAF data with other security logs for deeper insights.
- Historical Trend Analysis: Compare current traffic with historical data to identify patterns or recurring threats.
- Trends and Dashboard: We have creating a dashboard or report template to visualize the traffic and attack trends on live monitoring use.
How has it helped my organization?
The Radware's combination of negative and behavioral based positive security models is beneficial. This behavior is good for timely checks against threats utilizing live monitoring during attack surfaces from public environments, particularly for ISP-relevant traffic or recognizing malicious abnormal activities, which is effective in our environment.
What is most valuable?
In the Radware Cloud WAF Service, the best features I find are that it's easy to use and that it's easy to identify what procedures are ongoing within this environment. We can see live data regarding the public IP's impact on our organization and what actions we can check.
We also find the dashboard helpful; we can monitor multiple business units in Adani from the same page through the Radware dashboard services and its other functions. We feel safe using Radware, and we are happy with it.
We use the API Discovery feature. Regarding how Radware Cloud WAF Service has helped with compliance efforts, compliance actions are done by other tools for the Adani Group, however, we check WAF integrations with our domains through the Radware portal.
We have created a small dashboard monitoring various group-wise applications and domains, including corporate business units, ensuring all websites and public IPs are accounted for. The compliance processes are predefined. We remain compliant. We use additional tools alongside Radware and BITs; both tools provide similar functionalities, and we check Radware for risk mitigation related to any threat intel.
This has quite an impact on our business; all applications and domains are mapped via API with Radware Cloud WAF Service. We receive scores, alerts about impacts, and informational notifications via email for necessary follow-up actions.
What needs improvement?
To make the solution a ten out of ten, we need improvements in AI capabilities, which Radware Cloud WAF Service currently has yet it still has room for integration. Considering what can be improved, customization could be enhanced, and support could be a tad faster; more reporting capabilities or additional intuitive AI features would also be constructive.
Honestly, I currently do not face any challenges that I can articulate for improvement; everything functions according to the service we have.
For how long have I used the solution?
I have been using the Radware Cloud WAF Service for about 1.6 years now.
What do I think about the stability of the solution?
For stability, I can give it a score of nine out of ten, with a possibility of considering it a ten due to its reliability.
Regarding stability, I would rate it a nine out of ten; we've received notifications when maintenance is ongoing, usually informed timely, which is commendable.
What do I think about the scalability of the solution?
About scalability, we haven't examined it at a full 100%, however, for our current needs, it meets 100% of them without pressing requirements for enhancement.
How are customer service and support?
Support for Radware Cloud WAF Service is good; I'm using it on a daily basis and receive 24/7 support, timely reminders, and assistance. However, where improvements could be made includes aspects like API calls and related tasks; daily improvements are noted along with suggestions from our team.
How would you rate customer service and support?
Positive
How was the initial setup?
Deployment of Radware Cloud WAF Service is easy, and we regularly use it. It provides an intuitive understanding of how to raise API calls and integrate other requirements. We map our dashboards easily, reviewing and utilizing its functionality effectively.
The Radware solution requires maintenance which our R team oversees. As for regular maintenance, there are no current issues, and the upgrading part is managed by the team who provides the necessary updates based on our needs.
What's my experience with pricing, setup cost, and licensing?
Regarding pricing, I don't find it expensive; it's reasonably priced and aligns with our requirements, so I see it as fair compared to other more expensive tools.
What other advice do I have?
The learning capacity is good, and every feature provided is available; we just haven't fully utilized all aspects of Radware's offerings.
I would rate the Radware Cloud WAF Service a nine out of ten; it is solid and efficient from my perspective.
showing 71 - 80