Initially, all our services were on-premises, but we decided to move many of them to the Azure cloud to make them accessible to our customers. However, we discovered that certain attacks were going undetected and the native tools in Azure cloud were inadequate for protecting against them. As a result, our expenses were increasing due to resource exhaustion. To address this issue, we consulted with our vendors and found a Cloud WAF hardware solution. Once we implemented Radware Cloud WAF Service and combined it with application controls, bot protection, and DDoS services, our expenses were reduced by 80 percent. This was a remarkable achievement.

I report every month on any incidents involving our public assets. One particular use case that I focus on is geo attacks, which help identify who is attempting to access these resources from locations outside of our Southeast US customer base. This helps reduce unnecessary noise. We also have private APIs that are only accessible to specific vendors, and it's important to secure them with an access list. Although it is a basic measure, it allows me to monitor who is attempting to access those resources. The unknown threat aspect of it is not a frequent occurrence.

Radware Cloud WAF Service provides excellent automated analytics for event analysis. Its visibility feature alone is a selling point for the product. When we initially invest in cloud services, it can be difficult to monitor activity. We only receive a bill indicating increased CPU and RAM usage. The analytics provided by Radware Cloud WAF Service has been extremely helpful in this regard.

Radware Cloud WAF Service has significantly reduced our Azure bill by filtering out unnecessary CPU, compute, and bandwidth usage on the front end. Previously, we experienced a lot of errors and serious issues due to APIs being exposed, and our developers could not always understand why these errors occurred. However, once we implemented Radware Cloud WAF Service, it significantly reduced the noise and eliminated malicious data. As a result, our developer logs now look good, and we can identify who is targeting us and their intentions through the provided metrics. It has been incredibly helpful from a management perspective as we can present them with dashboard metrics showing how the tool is blocking and protecting us. They appreciate this information.

Radware Cloud WAF Service has helped reduce our false positives by 90 percent.

We quickly recognized the value of the Radware Cloud WAF Service upon deployment. However, we needed to ensure that the business owners understood the changes being made. Upon activating the spot protection and geolocation service, we noticed a significant decrease in illegitimate traffic. Prior to the implementation, we were receiving an overwhelming amount of hits, averaging between 150,000 to 160,000 per hour on certain pages. Once the services were activated, this number decreased to only 2,000 to 3,000 hits per hour, indicating that a majority of the previous traffic was not legitimate. This allowed us to reduce our footprint in Azure and do so immediately. It is evident that the internet is filled with a vast amount of illegitimate traffic, with many individuals scanning for open services. The implementation of Radware Cloud WAF Service helped eliminate this issue within a day.

Before the introduction of Azure cloud-native tools, monitoring visibility was inadequate, making it difficult to identify the cause of resource attacks. With the current visibility dashboard, we can now obtain insight into the nature of attacks, identify attackers, and detect top IP or threat regions. This dashboard has proven to be helpful in improving our ability to identify and respond to attacks.

Radware Cloud WAF Service has significantly reduced the number of attacks and improved our visibility. However, there are some areas where it could improve its maturity. Previously, the interface, Bot manager, and Cloud WAF were separate interfaces, but they have now been merged into one dashboard. However, the current setup is somewhat cumbersome, and there is room for improvement in this area.

Radware Cloud WAF Service has limited integrations, and I would like to see it integrate with our use of Azure DevOps. Specifically, I would like it to be able to automatically detect and protect new APIs and changes made to existing ones, utilizing the API discovery and protection features. Currently, there is no integration for this. If we use a SIM, we can receive email alerts or check the dashboard for information on the types of attacks, but this is not an ideal or modern approach to alerting. It would be beneficial for the service to integrate with top enterprise tools like SIEM, allowing for more efficient and effective alerting and logging. Unfortunately, there are currently no native tie-ins for some of the products we use, requiring us to set up email notifications to our SIM. Therefore, integrating with enterprise tools for alerting and SIM purposes would be greatly appreciated.

I wish to have improved integrations with larger vendor tools, such as alerting systems or SIMs, to enable us to pull and query performance metrics for analysis. As a fairly large organization, we require a tool that can consolidate data from multiple applications into a single location for better visibility and decision-making. Unfortunately, we are currently unable to extract this data into any of our existing systems.

I have been using Radware Cloud WAF Service for two years.

I have only experienced one outage with Radware Cloud WAF Service in the past two years, so I would say that it is very reliable and stable.

The interfaces have significantly improved, but we had numerous queries about their functionalities and how to enable specific capabilities for monitoring purposes. We had to spend a considerable amount of time trying to understand the process, such as what we needed to turn on and how to turn it on, as well as interpreting the log entries. As a result, we had to contact support multiple times, which involved a lot of back and forth. Additionally, during certain periods, our services were targeted by heavy DDoS attacks, and we had to rely on support heavily to mitigate them. There were a few instances where we had to request significant assistance from support.

Positive

Previously, we utilized Azure Application Gateway, which included a built-in WAF capability. However, due to its cumbersome nature and limited capabilities, approximately 10 percent of Radware Cloud WAF Service, we switched to Radware. Azure CloudApp lacked reporting functionality, making it difficult for us to identify attack sources, methods, and user agents.

In comparison to Azure Application Gateway, Radware Cloud WAF Service has the ability to detect all types of attacks. While using Azure, there were a few attacks that utilized a unique combination of user agent strengths which Azure Cloud WAF was unable to detect. Due to limitations in the user registry and signature attack type, it could not comprehend how to prevent these attacks. Therefore, we opted to switch to Radware Cloud WAF Service, which was better suited to meet our security needs.

Setting up Cloud WAF was straightforward, but the bot protection was a bit of a mess initially. When the product was first launched, separate dashboards were provided for both services, giving the impression that they had separate support from the company. However, over the last two years, they have been consolidated into a single dashboard, making deployment and management much easier. Despite the initial difficulty with bot protection, Cloud WAF was ultimately easy to deploy. We required two people for the deployment.

The implementation was completed in-house.

We assessed Citrix Web App and Imperva DDoS, and Microsoft urged us to test their latest version of Cloud WAF. However, we declined their offer and instead opted for Radware Cloud WAF Service because it was effortless to implement. We were able to turn it on and have it working on the same day without requiring extensive integration, which was necessary for the other options we considered. We preferred a plug-and-play solution with a minimal learning curve. Radware Cloud WAF Service met these requirements and has been functioning well.

I give Radware Cloud WAF Service a nine out of ten.

We are interested in utilizing the API discovery feature, but since we frequently make changes to our APIs using a DevOps pipeline, our APIs change on a regular basis, almost every two weeks. Our company's current goal is automation, and all changes to the environments must be done through a coded pipeline with variables. Unfortunately, the API discovery feature may slow down our automation capabilities, making it difficult to push changes every two weeks unless the interface is improved. While we would like to take advantage of the API mapping and different attack techniques, we cannot use the feature until it becomes more mature and integrated with our automated pipeline.

We deploy the solution across one location.

The ability to log in and review data and logs is a crucial feature for me when choosing a Cloud WAF. While most services have similar capabilities, the differentiator lies in how well they can parse and present the data. I had trouble with Citrix as it was difficult to obtain and interpret the data to prevent attacks. However, Imperva has an excellent interface for pulling data, which helps us make informed decisions. Radware stood out as the best in both areas, with their dashboard being user-friendly and responsive. The implementation was also straightforward as all the necessary information was readily available. It only took a few hours to set up a new site, making it easy to go live quickly.