What is our primary use case?
I set this solution up for a company who was using it as their edge security solution. It was used to secure the entire infrastructure for the company and helped to protect against DDoS attacks. It was being used in conjunction with a load balancing solution and an open-source firewall running on CentOS.
I was working with them at the time that this solution was deployed, but I have now moved.
How has it helped my organization?
This solution has given us protection against our network being compromised. All of our customers are depending on services that are offered on our network, and DefensePro makes sure that it is protected and customers have access to these services at every point in time.
What is most valuable?
The most valuable feature is the DDoS protection.
The reporting is very good and provides us with a comprehensive description of where attacks are emanating from. The solution mitigates against these attacks in real-time and you can see where their base path is routing from.
If for any reason, DefensePro goes offline, it doesn't prevent your infrastructure from functioning or your customers from reaching you. Obviously, the protection will not be there, but your customers can still reach the services that you are hosting internally. This is a good feature because otherwise, it would be a single point of failure for your entire infrastructure.
What needs improvement?
This solution may not cover all of the requirements in situations for which I am unfamiliar, and there is always room for improvement.
For how long have I used the solution?
We implemented this solution in 2015 and it is still working.
What do I think about the stability of the solution?
This solution is quite stable. If the device is ever offline then you can still have everybody access the entire infrastructure. This is important in Africa, where power is not always stable. You can just wake up in the morning and discover that the power provider has made a mistake and the entire infrastructure is down. Once the power is restored, this solution boots up and simply begins working again.
What do I think about the scalability of the solution?
Radware DefensePro is highly scalable. You have to imagine the high volume of packet inspection. As you add more links, you want the inspection capability to be able to handle more packets. It is just a matter of buying more licenses that allow you to inspect more packets.
This solution is part of the security wall that is protecting between 600 and 700 users in a call center services environment. Several call centers across the country are relying on DefensePro as part of their edge security.
How are customer service and technical support?
The technical support is okay. They are very accessible and they have different levels of services, depending on your plan.
Which solution did I use previously and why did I switch?
We did use another solution prior to this but we were getting a lot of attacks. This meant that we were paying a lot for bandwidth and our customers were complaining that our services were not happening in a timely manner. Based on this, we felt that our solution was insufficient to protect the infrastructure, which is why we switched to Radware.
How was the initial setup?
The initial setup was straightforward. The deployment took about three days and the plan was executed such that there was minimal disruption to the business services.
We had been satisfied with the outcome of the simulation and everything we did before actually migrating to the production environment.
Two staff members, both system administrators, are handling maintenance. The same two people focus primarily on the edge protection devices.
What about the implementation team?
The company had two consultants visit from Radware and assist with the deployment. They were very helpful, supportive, and trained us in such a way that we were confident in handling the solution on our own and no longer needed to depend on them.
All the way from the testing phase to the deployment stage, the Radware consultants were there to support our efforts and everything was successful.
What's my experience with pricing, setup cost, and licensing?
The pricing is based on the amount of network traffic and the number of packets being inspected.
Which other solutions did I evaluate?
Before choosing Radware DefensePro, we did an extensive evaluation of all of the solutions that were available. This is a fantastic solution and it met all of our requirements at the time, which is why it was chosen.
What other advice do I have?
The reporting provides us with a lot of interesting and rich data. It allows us to have total control over what is being protected.
When I first started using this solution, I wondered why it was that the DDoS protection could not be coupled with other edge protection features that I have on my firewall. I questioned why it was that I couldn't have all of the protection in a single box. However, I now realize why it is, from a strategic perspective, and it just makes more sense to have DDoS in its own box.
The biggest lesson that I have learned from using this solution is that you can't assume that everything is right unless you have insight as to what is currently going on within your infrastructure. You can't just relax and think that everything is okay. It is not a good policy to assume that customers are simply complaining about the services and their experience for the sake of complaining. Rather, consider that something is not right and look into it. This begins with getting the proper solutions in place.
Overall, I'm happy with this solution and what it has offered so far. The suitability of using DefensePro depends on your budget and your requirements. My advice is to make sure that you have your requirements right and then compare against the other products that are out there. I tend to believe that this solution is fit for all institutions and in my opinion, anyone who implements this will not regret it because it will serve them well.
While this solution has worked well, I can't say it is perfect because there might be requirements out there that I am unfamiliar with and are not currently being met.
I would rate this solution an eight out of ten.
Which deployment model are you using for this solution?