Excellent product, questionable future, but costly
September 07, 2018

Excellent product, questionable future, but costly

Anonymous | TrustRadius Reviewer
Score 4 out of 10
Vetted Review
Verified User

Overall Satisfaction with Oracle Dyn Web Application Security Platform

We have used Oracle's Dyn WAF since before Oracle acquired Zenedge. As with any WAF, it's used to protect Internet-facing web applications, providing a 24x7 monitored solution. The extensive tools available on their dashboard allow us to closely monitor the activity hitting our web presence and take appropriate action when necessary.

Pros

  • Pre-populated rulesets - This allows engineers to quickly spin up new WAF instances without the need to configure extensive rulesets.
  • Detailed audit logs - Logs show detailed information about traffic hitting the WAF as well as information the rules allowing or blocking the traffic.
  • Change Management - Changes can be staged and applied when necessary, without interfering with current traffic.

Cons

  • Expensive - This service is not cheap. There are several competitors that have similar services and are significantly less expensive.
  • Oracle - I think that says it all. Oracle, in my book, does not have a good track record. We'll be moving off of this service in the very near future.
  • Tech support slow to respond - Tech support has always been a little slow to respond. They're good at solving problems, and do a great job, but it can take a while to get things rolling.
Dyn WAF allows the user to configure sites in a variety of ways. There are controls to allow specific white and black listing based on IP. There are controls to allow selection of specific WAF rulesets. And there are controls to allow addition of custom WAF rules. Overall, the product seems to be quite configurable, meeting our needs and allowing for growth.
At the time we chose Zenedge, Dyn WAF was the clear leader. AWS WAF is almost 100% manual with no preset rules. Akamai and CloudFlare both excelled in CDN and Anti-DDoS services, but not in WAF services. Since that time, however, several competitors have appeared as well as offerings from both Akamai and CloudFlare. And each of these services are significantly less expensive.
Dyn WAF is a good product, don't get me wrong. Zenedge was constantly improving the product, adding new features on a regular basis. It works very well for dynamic websites, helping weed out SQL Injection, XSS, XSRF, and other attacks. We have also used this product to protect REST API endpoints. Again, the product works very well to repel attacks.

Comments

  • Kevin Armstrong | TrustRadius Reviewer
    Hi- My name is Kevin Armstrong and I am the Director of Customer Success here at Oracle Dyn. Thank you for your feedback. I really appreciate the comments regarding the product but I wanted to speak with you regarding the support issues you had in the past. We have made some great process changes to enhance customer support and I would be very interested in discussing them with you. If you are able, please email me at kevin.d.armstrong @ oracle.com and we can set up some time to chat. Thanks! Kevin

More Reviews of Oracle Dyn WAF