Reblaze - AWS WAF, DDOS, Bot Mitigation (SaaS Contract)

All of the organizations where I implemented this product had a primary objective to safeguard the platform against undesirable traffic, including protection against DDoS attacks, filtering out phishing attempts, preventing SQL injection, and other types of intrusions.

The most significant impact came from the implementation of bot filtering and defenses against SQL injection and script injection in general. It stands out as the primary focus because, in contrast to DDoS attacks which, while devastating, are relatively infrequent, the continuous scanning of ports and persistent attempts to gain unauthorized access to the platform happen daily. This is where the solution excelled, offering finely tuned filtering capabilities for specific types of traffic and country-specific IP ranges. 

There is a potential improvement regarding simplifying the complexity of rule creation. It would be beneficial if it had a workflow or a feature that could fine-tune settings based on high-level requirements. For example, setting up traffic filters for specific regions or closing certain ports without the need to manually translate these into rules.

I have been working with it for eight years.

We haven't encountered any failures. It is a highly resilient product that can handle significantly larger workloads and high volumes of traffic with ease.

I witnessed the level of protection they provide, especially during a digital attack that spanned across entire continents and was directed at us. It became evident just how intelligently the product is engineered. It effectively scaled to shield our platform while still allowing legitimate traffic to reach our servers. From that perspective, the scalability of the product is truly exceptional.

My overall experience was highly satisfying. In the particular incident when we faced a major attack on our platform, which happened several years ago, we spent several hours on the phone with them until they effectively neutralized the attack and filtered out all the traffic originating from a very specific geographic location. Also, in every other instance where we needed support, whether it was for configuring roles or for immediate assistance during an attack, their response has consistently been rapid and highly effective. 

Positive

The initial setup process is quite straightforward. Its complexity largely depends on the intricacies of your platform. If your platform spans multiple sites across the globe, requiring configuration of multiple instances and traffic routing, it can become more intricate. From our experience, even in companies with extensive platforms, the configuration process remains relatively simple. Once the instances are spun up and the initial configurations are in place, you can use their console application to set up your site or sites for traffic management. This involves configuring the sites and uploading SSL certificates. Even for those not well-versed in the intricacies of networking layers and rules, the out-of-the-box configurations already provide solid protection.

We found the cost to be a bit on the higher side, starting at approximately three to four thousand dollars for a small configuration. It is worth mentioning that these figures might not be current. Additionally, they are open to negotiations, and we were able to secure a substantial discount. They even offered extended trial periods lasting three, four, or even six months, essentially providing the product for free during that time. This flexibility in pricing certainly works in their favor and contributes to the appeal of considering them for the long term.

The suitability of this product depends on the specific circumstances of the business. If you're a small business owner running a simple operation I wouldn't recommend opting for it, as it might be a tad pricey for an entry-level scenario. To the best of my knowledge, they didn't offer a free tier the last time I checked, so the initial cost for even the most basic configuration might be a bit steep for a small-scale setup. There are alternative products available, some of which offer free or very affordable options. These alternatives often come with reduced functionality compared to what this product offers, but they can serve as cost-effective replacements. For instance, Amazon provides a basic Web Application Firewall (WAF) as part of their services, which, while not as robust as what this product offers, provides a level of protection for your online services. For medium to large businesses seeking robust support and a comprehensive product to safeguard their platform, this product is a solid choice as it generally offers above-average satisfaction and a comprehensive range of features that can effectively protect your online assets. It ultimately depends on your unique needs. I would rate it nine out of ten.

We are using it for Web Application Firewall, Layer 7 Firewall. It protects us from denial-of-service attacks, cross-site scripting, as well as injection attacks. 

It also has a good bot management system that informs us in advance about IP addresses that are not good for us, so we do not cater to their requests. It's like a Layer 7 defense for us.

The best thing about Reblaze, for us, is that it has been a game changer because previously, we were using Google's Web Application Firewall, but it wasn't up to the mark. 

First things first, it's pretty easy to look at the current state of affairs when it comes to the attack scenario and the attack surface of our website and applications. 

Second, the ease of writing rules is pretty standard because the Reblaze GUI helps us in creating and testing tools and even changing their hierarchy. For example, if we want to test a particular payload for a development service first and then for a SQL injection, we can easily change the priority of the rules in Reblaze. 

Third, the support we have received from the staff has been really, really good. I do not wish to name them, but yes, there are a few people who have supported us a lot because they have a Slack channel and dedicated personnel within that channel. If anything goes wrong and if Reblaze is the cause, they troubleshoot for us. 

So not just the technical bells and whistles within Reblaze, but the support from the staff has been really, really good.

There is still some room for improvement when it comes to bot management from Reblaze because they are relatively new compared to other vendors in the town. AWS WAF, the Web Application Firewall from AWS, has a vast database of bad IP addresses due to its long-standing presence in this business. Reblaze, being a new entrant, is still building its database of bad IP addresses and malicious systems. 

So, Reblaze needs to work on that aspect. But other than that, I don't think scaling Reblaze has been an issue. There were some initial glitches, but they were all sorted out. So currently, I would say that the bot management and the database are areas they should focus on for further improvement.

We have been using Reblaze for a year now. 

We did POCs in May last year, and we onboarded Reblaze starting in July 2022. So it's almost a year now. It's a cloud-based system, because it's a SaaS solution. We have pointed our DNS to Reblaze, and Reblaze takes care of vetting the traffic and sending it back to us. 

Reblaze is quite stable. During the initial phase, there were a few instances where the system went down, but that was mainly because both Reblaze and we were still learning about our environment, their support, and scalability. 

However, once that phase was behind us, there haven't been any major issues due to Reblaze. We also have a kill switch as a backup. If we notice the load increasing and Reblaze may struggle to handle it, we can bypass Reblaze and direct traffic straight to us. Though we haven't used the kill switch yet, we have had no issues so far. It's been a year, and we plan to renew our contract with them once the current license expires. Overall, we are happy with the product.

In our company, I manage the security team, which consists of eight people. Since we have a flat organization where everyone is involved in various tasks, all eight team members are using Reblaze. So currently, nine people are using Reblaze in our company.

In terms of support only, I would rate them around eight out of ten. They are doing well. The reason I deducted two points is that they don't provide 24/7 support yet, and most of their team members are based in Israel, where Reblaze originates from. This creates a time gap, and we had to communicate with them asynchronously. We used Slack as a common group to exchange messages, and they would respond accordingly. 

Initially, we had calls scheduled, sometimes even on weekends because one of their working days falls on Sunday. So we had calls on Sundays as well when they were available. These factors influenced my rating of eight out of ten, considering the time aspect.

Positive

My company chose Reblaze over AWS because we are on the Google Cloud Platform (GCP), not AWS. We cannot use AWS unless we migrate everything to AWS, which is not feasible for us.

We opted for Reblaze since it was compatible with the Google Cloud Platform.

The initial setup was pretty straightforward, to be honest. We had a test environment where we conducted the Proof of Concept (POC). We shared our DNS IP addresses, and the resolution IP addresses of our systems with the Reblaze team. This directed all traffic to Reblaze first, which performed traffic scanning before allowing it to reach our network. 

So we simply had to change the IP addresses. We did need to purchase some certificates because most of our traffic was encrypted, and Reblaze acted as a man-in-the-middle. We obtained the certificates from LicenseScript, which is free for the test environment. After that, everything started working smoothly.

Reblaze is worth the money. You will see a hundred percent return on investment. We were using Google's web application firewall, but it wasn't effective at all. We had no other option but to look for alternatives, and Reblaze has proven to be a good choice for us.

We negotiated a deal. So, we were able to secure a significant discount of around 40% off the quoted price. However, the precise figures remain confidential.

My first question would be if you are currently using any Web Application Firewall (WAF). 

Let's say, for example, you are using AWS as well. If you are already using AWS, I would advise against switching to Reblaze. Not because Reblaze is not good but because AWS WAF provides more comprehensive protection for your assets. Reblaze is catching up, and they are nearly there, but AWS WAF is currently more advanced. However, if you are using Google's WAF or any other vendor, then I would recommend considering Reblaze as the second-best option. 

In my opinion, AWS is the number one choice, and Reblaze ranks as the second-best among all the vendors I have tested so far. Reblaze stands out due to its ease of use and the flexibility it offers in customizing rule sets.

Ten being the best, I would rate Reblaze somewhere between seven and a half and eight. They are still evolving as a product. I have previous experience using AWS WAF in another company, and I know how good it is. If you are in an AWS environment, I would recommend AWS WAF. 

However, if you are not in an AWS environment or have the freedom to choose, Reblaze is a viable option. You cannot use AWS WAF on platforms like GCP or Azure, for example. That's why I say Reblaze is still developing. Their bot management capabilities are not yet at the same level, and their support is not fully refined either. We had to schedule calls on Sundays and sometimes late at night. But when it comes to value for money, Reblaze is a great choice. It is more cost-effective than AWS WAF and performs better than the other options available to us.