R&S Web Application Firewall (DenyAll) Review

Geo-localization and IP reputation help to keep our clients secure and more available

What is our primary use case?

One of our customers needed to publish a web application. Since the customer had a platform that included a Hyper-V cluster, we chose the virtual version of the appliance.

We have deployed the WAF (web application Firewall) in reverse proxy mode to protect the published web application with the WAM, two-factor authentication module, Advanced API protection, and IP reputation control.

The difference between R&S and the other known WAF solutions is the fact that we can set it up as granularly as we want. In the IP reputation setting, we can define the amount of credibility of the reputation of the IP we want. In some other WAF products, we don't have the same degree of choice. We only have a checkbox to include IP reputation.

How has it helped my organization?

By publishing the application without fear, my customer has created new revenue by making the website available anytime and anywhere. We noticed a net growth of the business and strong availability of the application.

Compared to the previous solution, the application is more available and we noticed a growth of customer satisfaction. This is made obvious by the fact that some of the visitors come more often and spend more time on the application.

Consequently, our customer has decided to deploy more applications on the same server.

What is most valuable?

The three most valuable features that I noticed are the geo-localization of the user, the IP reputation, and the compartmental analysis. When browsing the website, the WAF can follow all of the activities of a user and continuously adjust the rate. If a user is identified as an attacker then the WAF is able to send a captcha or a two-factor authentication key to the user to solve. If answered correctly then the user can continue surfing on the website. Otherwise, they can be temporally or permanently blocked, depending on the granularity setting.

What needs improvement?

The area that should be improved is licensing. When using an active/passive cluster, we have to pay 70% of the master appliance and license for the passive server that does not work. Since we know that only one server works at a time, we should pay only one license for the appliances and for the support as well. In my opinion, this has to be improved.

If possible, the client software should be a web application instead of downloading software for the management. This can avoid login problems when they update or patch. 

For how long have I used the solution?

I have been using the R&S WAF for more than three years.

What was our ROI?

The ROI is very nice.

Which deployment model are you using for this solution?

**Disclosure: I am a real user, and this review is based on my own experience and opinions.
Add a Comment