Radware Cloud WAF Works for Modern Web Security
What do you like best about the product?
What stands out most about Radware Cloud WAF is its comprehensive and adaptive protection against a wide range of web threats, including OWASP Top 10 vulnerabilities, zero-day exploits, bot attacks, and DDoS events. Its cloud-native architecture ensures seamless scalability and flexibility, while centralized management and reporting make it easy to monitor and control application security. The platform’s real-time threat detection, customizable rulesets, and integration with SIEM systems empower security teams to respond swiftly and proactively. These features, combined with Radware’s continuous policy refinement and support, make it a powerful solution for safeguarding modern web applications and APIs. Easy to implement & integrate. I use it almost daily to monitor and analyze traffic. Great experience with customer support as well, my queries were addressed in a timely manner.
What do you dislike about the product?
I’ve experienced a few service disruptions, including a global outage that impacted critical URLs and portal access. It was resolved, but it did raise concerns about reliability during high-stakes periods.
I find the SSL certificate provisioning and renewal process a bit cumbersome, and the API documentation could be more detailed—it makes advanced configuration harder than it should be.
Need more customization in reporting and dashboards.
What problems is the product solving and how is that benefiting you?
First and foremost, it provides robust protection against OWASP Top 10 threats, zero-day vulnerabilities, bot attacks, and DDoS events, which is essential given the scale and sensitivity of the applications we manage. It also helps streamline application onboarding through API-based automation, making it easier to secure new domains quickly without manual overhead.
One of the biggest benefits I’ve seen is its centralized management and reporting, which gives us clear visibility into threat patterns and system health. The platform’s self-healing capabilities have proven valuable during incidents—like the bot manager configuration issue—where services were restored quickly and corrective actions were implemented to prevent recurrence.
Radware Cloud WAF review
What do you like best about the product?
What I like best about Radware Cloud WAF is its precision. In a landscape where threats evolve faster than policies, Radware’s rule engine stands out for its granular control and customizability. Whether it’s defending against advanced bot attacks or fine-tuning API security, the platform offers a level of depth that’s rare in cloud-native WAF solutions.
Its support for non-standard ports, recursive DNS, and SIEM/SOAR integrations makes it a versatile fit for complex enterprise environments like ours.
What do you dislike about the product?
While Radware Cloud WAF offers robust protection against DDoS and other web-based threats, there are several areas where the solution falls short:
Complex Initial Setup and Integration
The onboarding process is not as seamless as expected. Integrating Radware Cloud WAF with existing infrastructure often requires significant configuration and troubleshooting, which can be time-consuming and resource-intensive
Limited Reporting Capabilities
The reporting interface lacks intuitive depth, making it difficult to perform quick and proactive threat analysis. Users have noted that the dashboards and analytics tools could be more user-friendly and customizable
Frequent Maintenance and Incidents
There have been multiple maintenance updates and incident notifications affecting the Asia Pacific (Chennai) and Global Cloud Portal components. These disruptions, while resolved, highlight potential reliability concerns in high-availability environments
What problems is the product solving and how is that benefiting you?
Protection Across All HTTP Ports
Unlike Akamai, which only secures standard HTTPS ports (80 and 443), Radware Cloud WAF supports non-standard HTTP ports, making it essential for protecting a broader range of applications
API Security and Discovery
Radware offers API protection and discovery, which is critical given the increasing reliance on APIs in modern web services. This helps identify and secure exposed endpoints that could be exploited
DDoS Defense
It includes application-layer DDoS protection, helping mitigate traffic floods and ensuring uptime even during attack scenarios
Real-Time Threat Monitoring
Radware enables live data analysis and threat visibility, which enhances your ability to respond quickly to emerging threats
Reliable and efficient cloud-based WAF for application security
What do you like best about the product?
Radware Cloud WAF provides strong protection against OWASP Top 10 vulnerabilities and advanced threats such as bot attacks and zero-day exploits. the real-time monitoring , automated policy updates and ddos mitigation features make it highly reliable. Its intuitive dashboard and detailed reporting help in quick threat visibility and incident response. The solution is also easy to scale, which it suitable for growing cloud environments.
What do you dislike about the product?
The Initia Setup and policy fine-tuning can be complex, requiring skilled resources. Sometimes false positive occur, which need manual intervention. The pricing is on the higher side compared to some competitors, and technical support response times could be faster.Integration with third-party SIEM tools can also be more seamless.
What problems is the product solving and how is that benefiting you?
Reduced Security Incidents
Organizations report a significant drop in successful attacks and breaches, improving overall security posture.
Improved Application Uptime
By filtering out malicious traffic, Radware helps maintain high availability and performance of web applications.
Lower Operational Overhead
Automation and managed services reduce the burden on IT and security teams, allowing them to focus on strategic tasks.
Enhanced Compliance
Helps meet regulatory requirements by providing robust application-level protection.
Customizable Security Policies
Offers granular control over rules and alerts, enabling tailored protection for different applications.
Global Coverage with Low Latency
Uses a global network of WAF points of presence (PoPs) for fast, reliable protection across distributed environments.
Easy to use and understand WAF for beginners on WAF
What do you like best about the product?
Integrating the WAF on the Traffic flow was easy as the ability to bypass WAF controls and point the traffic to origin was a good option.
On boarding the Application on WAF is easy and quick as compared to other WAF Portals. Lots of security controls in place which are updated automatically and periodically by the Radware. We do use portal on day to day basis as we have many application point on it.
What do you dislike about the product?
Lack of Log Views, You will not get any logs for pass through traffic on the WAF. As the security controls are many on the portal, getting full information on the block is difficult and have to raise case with the support team.
What problems is the product solving and how is that benefiting you?
The major CVE's which are detected and attackers try to check for the same on the application, using Radware Cloud WAF we are protected for most of the Major CVE's. Also after using this, we have seen significant reduction on the Internet bandwidth utilization.
Radware’s support has been prompt and effective, especially in handling critical security incidents.
What do you like best about the product?
Radware WAF is a strong product, offering real-time alerts and robust threat defense. It can automatically take containment actions to prevent further infections in the environment. It also provide the best customer support. I have using this on daily basis since 3 years. It is easy to implement and use. It's a very useful tool and every organization should have it.
What do you dislike about the product?
It has strong AI features, but it still needs better integration to be a perfect solution.
What problems is the product solving and how is that benefiting you?
My organization is quite large, so we need to monitor activities thoroughly and promptly. Since it's not feasible for humans to detect and address every threat, we implemented the Radware WAF service. It has been effective in automatically detecting and preventing DDoS threats and unusual traffic without human intervention, and it provides comprehensive reports. Additionally, its fast customer support is a significant advantage.
Simplifying Threat Protection: My Experience with Radware Cloud WAF
What do you like best about the product?
I rely on Radware Cloud WAF daily for strong, real-time protection against OWASP Top-10 vulnerabilities and zero-day threats, thanks to its use of behavioral analysis and machine learning.
Its intuitive dashboard, automatic policy generation, and built-in bot and DDoS protection make managing security much easier for me.
I really appreciate how smoothly it deploys, the excellent customer support, and its ability to keep up with constantly evolving threats.
What do you dislike about the product?
Setting things up initially was quite complex—integrating Radware Cloud WAF with my existing infrastructure took time and required expert configuration.
I also faced a steep learning curve, especially when managing custom rules and fine-tuning alerts, which demanded a solid level of technical expertise and made it challenging at first.
What problems is the product solving and how is that benefiting you?
Radware Cloud WAF helps me tackle bot attacks, DDoS threats, and OWASP vulnerabilities effectively. It’s made my security management much simpler, with proactive support and dependable threat mitigation that I can count on.
Strong application layer protection and real time threat detection
What do you like best about the product?
Its AI powered defense automatically tunes secruity policies
What do you dislike about the product?
Complex and some improvement in reporting capability
What problems is the product solving and how is that benefiting you?
It solves application layer threat such as bot attacks , DDOs
Radware cloud WAF solution experience by client
What do you like best about the product?
As an active user of Radware Cloud WAF, our organization relies heavily on its robust capabilities to monitor infrastructure and manage both WAF traffic and DDoS threats across our protected domains. The dashboard serves as our central command, offering a clear and comprehensive view of incoming internet traffic. This visibility empowers us to take timely and informed actions to safeguard domain security.
One standout feature we've leveraged recently is Geo-Fencing. With minimal effort, we were able to block traffic from specific regions based on country-level filters. Even more impressively, the platform allowed us to whitelist critical subnets from those regions, ensuring operational continuity without compromising security. The entire process was seamless and highly efficient.
We also want to highlight the Radware support team, whose proactive assistance has been consistently reliable. Their responsiveness and expertise have made a significant difference in our day-to-day operations.
Lastly, the user interface of the Radware console deserves praise. Its intuitive layout and well-organized feature set make it easy for clients to navigate and utilize the platform without hesitation. Whether you're a seasoned security professional or a first-time user, the GUI enhances usability and confidence.
What do you dislike about the product?
1. Lack of Granular Role-Based Access Control (RBAC)
Radware Cloud WAF offers basic user management, but for large enterprises with multiple teams (DevOps, SecOps, Compliance), the RBAC model lacks fine-grained permissions. For example, you can't easily restrict access to specific policy sets or audit logs without giving broader admin rights. This can lead to operational risk or internal friction in shared environments.
2. No Native Threat Intelligence Feed Customization
While Radware integrates its own threat intelligence, it doesn't allow easy ingestion of third-party threat feeds (e.g., from Recorded Future, MISP, or internal honeypots). This limits organizations that want to enrich WAF rules with proprietary or sector-specific threat data, reducing adaptability in targeted attack scenarios.
What problems is the product solving and how is that benefiting you?
I will make this in very simple pointers:
1.Effortless Domain Onboarding
2.Geo-Fencing Efficiency
3.Exceptional Support Team
4.Centralized Traffic Visibility with useful information
These capabilities have collectively enhanced our ability to monitor, respond, and adapt to evolving security challenges with confidence and agility. We look forward to continued collaboration and innovation with the Radware team.
Monitored real-time threats with effective live data analysis for improved security measures
What is our primary use case?
My use case for the Radware Cloud WAF Service involves checking the WAF related to DDoS traffic from the public IP to the organization, which outlines how much impact there is on the WAF. We check the traffic to see what fluctuations occur from the outside and inside, particularly in regards to DDoS types of attacks as mentioned my basic monitoring workflow.
Monitoring Workflow:
- Traffic Analysis: I monitor traffic from public IPs to your organization, focusing on fluctuations that may indicate DDoS attacks.
- Impact Assessment: We evaluate how these attacks affect the WAF, especially in terms of utilization and attack surface.
- Escalation: If anomalies or high-impact events are detected, we raise a case with Redware support.
- Integration with SIEM: We already done, integrating with a SIEM tool can help correlate WAF data with other security logs for deeper insights.
- Historical Trend Analysis: Compare current traffic with historical data to identify patterns or recurring threats.
- Trends and Dashboard: We have creating a dashboard or report template to visualize the traffic and attack trends on live monitoring use.
How has it helped my organization?
The Radware's combination of negative and behavioral based positive security models is beneficial. This behavior is good for timely checks against threats utilizing live monitoring during attack surfaces from public environments, particularly for ISP-relevant traffic or recognizing malicious abnormal activities, which is effective in our environment.
What is most valuable?
In the Radware Cloud WAF Service, the best features I find are that it's easy to use and that it's easy to identify what procedures are ongoing within this environment. We can see live data regarding the public IP's impact on our organization and what actions we can check.
We also find the dashboard helpful; we can monitor multiple business units in Adani from the same page through the Radware dashboard services and its other functions. We feel safe using Radware, and we are happy with it.
We use the API Discovery feature. Regarding how Radware Cloud WAF Service has helped with compliance efforts, compliance actions are done by other tools for the Adani Group, however, we check WAF integrations with our domains through the Radware portal.
We have created a small dashboard monitoring various group-wise applications and domains, including corporate business units, ensuring all websites and public IPs are accounted for. The compliance processes are predefined. We remain compliant. We use additional tools alongside Radware and BITs; both tools provide similar functionalities, and we check Radware for risk mitigation related to any threat intel.
This has quite an impact on our business; all applications and domains are mapped via API with Radware Cloud WAF Service. We receive scores, alerts about impacts, and informational notifications via email for necessary follow-up actions.
What needs improvement?
To make the solution a ten out of ten, we need improvements in AI capabilities, which Radware Cloud WAF Service currently has yet it still has room for integration. Considering what can be improved, customization could be enhanced, and support could be a tad faster; more reporting capabilities or additional intuitive AI features would also be constructive.
Honestly, I currently do not face any challenges that I can articulate for improvement; everything functions according to the service we have.
For how long have I used the solution?
I have been using the Radware Cloud WAF Service for about 1.6 years now.
What do I think about the stability of the solution?
For stability, I can give it a score of nine out of ten, with a possibility of considering it a ten due to its reliability.
Regarding stability, I would rate it a nine out of ten; we've received notifications when maintenance is ongoing, usually informed timely, which is commendable.
What do I think about the scalability of the solution?
About scalability, we haven't examined it at a full 100%, however, for our current needs, it meets 100% of them without pressing requirements for enhancement.
How are customer service and support?
Support for Radware Cloud WAF Service is good; I'm using it on a daily basis and receive 24/7 support, timely reminders, and assistance. However, where improvements could be made includes aspects like API calls and related tasks; daily improvements are noted along with suggestions from our team.
How would you rate customer service and support?
How was the initial setup?
Deployment of Radware Cloud WAF Service is easy, and we regularly use it. It provides an intuitive understanding of how to raise API calls and integrate other requirements. We map our dashboards easily, reviewing and utilizing its functionality effectively.
The Radware solution requires maintenance which our R team oversees. As for regular maintenance, there are no current issues, and the upgrading part is managed by the team who provides the necessary updates based on our needs.
What's my experience with pricing, setup cost, and licensing?
Regarding pricing, I don't find it expensive; it's reasonably priced and aligns with our requirements, so I see it as fair compared to other more expensive tools.
What other advice do I have?
The learning capacity is good, and every feature provided is available; we just haven't fully utilized all aspects of Radware's offerings.
I would rate the Radware Cloud WAF Service a nine out of ten; it is solid and efficient from my perspective.
easy to onboard and getting full support from Radware team to manage the day to day activities
What do you like best about the product?
Radware WAF delivers excellent protection against web threats with minimal impact on performance. Its intelligent threat detection and real-time analytics make it a reliable choice for securing applications. Setup and integration are smooth, and support is responsive. Highly recommended for enterprise-grade security.
What do you dislike about the product?
I didn't find the any dislike till today experience.
What problems is the product solving and how is that benefiting you?
It provides robust cybersecurity for our publicly accessible applications, and we’ve received excellent support from the team for configuration and ongoing management.
