If you were talking to someone whose organization is considering Reblaze, what would you say?
How would you rate it and why? Any other tips or advice?
Just do it. Try it first, but do it. It's very easy to implement and very easy to understand. If you are a simple site it will be very easy to implement and if you have very complex sites, including web applications and mobile applications, with the SDK they provide for iOS and Android, there is 100 percent coverage of requirements. The biggest lesson we have learned from using this solution is that sometimes, when you have an entrepreneurial company with fire in its eyes and one that is willing to push and give you the best, you can trust it and grow with it, especially when they are very responsive to your needs and ready to change and add features very fast. We have three internal administrators working on the product and there are five or six viewers, who have different roles and who monitor the activities. We have one full-time employee who works on the product and monitors and improves rules, as needed. He is a cyber security administrator.
The biggest thing we've learned from using this solution is that "it doesn't always have to be hard." Know what your site's profile is and listen to Reblaze. They will put you into a learning mode to identify what they are seeing and what your normal traffic looks like and what traffic is suspicious. Work with them. As long as you work well with Reblaze, you will get a good solution out of it. Reblaze has just made things simpler for us. We have them in fairly complex setups with the hybrid solution, which is in Google and AWS. They deployed it, they maintain it. All we do is make sure that it is operating as expected. We scan it weekly, just to be sure, but they are a trusted resource. We've got system engineers, security engineers, and some network engineers all using this system and all of the different instances. We also have a third-party on the casino product, which is helping us to support that instance. We will have to do some maintenance about once every three to six months, in general, for major upgrades. That would usually involve a system engineer and a security engineer. Beyond that, the rules and the other methods that they are using for DDoS protection are fairly automated. We may tweak the rules here and there if we see a specific issue that we are sensing, but it is fairly low maintenance.
Go ahead and use it. We took a chance because, when we started with Reblaze, it was a young company. With a young company, you don't know if it will be there in two years. It was risky because to implement the system takes six months. To move to another platform would take another six months. So it was a risk. Today, there is no risk. Reblaze stands on its own. Its income is stable from customers. It's not only investors' money today. Reblaze has a lot of customers and its teams are much bigger. My primary advice is to have the coding team, the programming team, with you from the first minute, because they will need to support you. It's not just an IT task. It seems to be, but it's not. It's also a task for the programming team. You will need QA resources which, in most cases, are provided by the programming team. You also need architecture teams. You need to work much more closely with all these teams than we initially thought, when implementing this kind of solution. Look at * how much time you can save and the resources required * the stability and * the support. Those are the three main factors for me. And in these three factors, Reblaze excels.
Try it on your real production data and try it for more than just one week. You need to sit with a person who knows how to operate it. It's really simple to operate, but you need to learn it. Reblaze has taught me a lot about how to use my web application; how to think about my users and what they need. The biggest lesson I've learned is that, in security testing, you need to maintain things all the time. It will sound a little bit cliché, but it's a cat-and-mouse game. Reblaze helps with this game because it's effective and you can change it all the time and you can see what is changing in real-time. In the game of cat-and-mouse it's a good solution. I rate Reblaze at eight out of ten. Nothing is perfect. Producing security products is really hard and there is a lot more to do. Compared to other products in the category, it's really different. It's a little bit more convenient, simpler. The people behind Reblaze have learned a lot by participating in security games. You need a lot of knowledge when you're dealing with web applications.
They provide a solution for something that I have no time to do. Reblaze provides us with a solution we can count on. It is a company that will provide you with the solution you need, and you can count on them to do the right thing. We don't need anyone for deployment and maintenance of the solution. It runs by itself. I would rate Reblaze at nine out of ten because it needs a little bit of improvement, such as the interface and alerts on-the-fly.
I know Reblaze really well. I hear Microsoft has good products but I don't have experience with them. I would say that Reblaze is good but you should evaluate all of your options. You should do the configuration correctly and work according to the product's best practices. I would rate it an eight out of ten.
I rate this solution eight out of ten. I will never, never recommend any company to use any specific solution. I will always tell them to choose what is best for them, but I will give them my opinion on which programs I value. I always say which program I prefer but I will never say that it is the only solution because it will present me as biased and not a trusted advisor. I prefer to say what I like about the program, and then the person can choose what works best for him.