Radware has announced the availability of its Web DDoS Protection for Encrypted Traffic as a cloud-based service that does not require SSL certificate sharing or traffic decryption. With this release, Radware believes it is the only security provider to offer a cloud-based solution designed to block sophisticated, encrypted layer 7 DDoS attacks in the cloud without the need for a certificate, thus eliminating a common operational and compliance concern associated with encrypted traffic inspection.
As encrypted traffic now represents the majority of web communications, organizations often rely on SSL decryption to inspect traffic for layer 7 threats. While effective, this approach can introduce privacy, regulatory, and key management complexities. Radware’s cloud-based deployment allows organizations to choose whether to share certificates. Organizations choosing not to share certificates can still receive automated, accurate and scalable cloud-based protection while preserving regulatory and privacy frameworks.
“Many organizations want strong Web DDoS protection but are hesitant or unable to share SSL certificates or decrypt traffic in the cloud,” said Haim Zelikovsky, vice president, cloud security business at Radware. “This release makes our proven Web DDoS protections available as a cloud service that is designed to eliminate that requirement.”
Automated Web DDoS Mitigation for Encrypted Applications
Radware’s AI-powered Web DDoS Protection service uses cross-correlated, behavioral analysis and machine learning models to establish traffic baselines, detect anomalies, and dynamically generate mitigation rules. The system is designed to mitigate layer 7 DDoS attacks in real time without requiring ongoing manual policy tuning. Protection automatically adapts as traffic patterns evolve, helping maintain application availability while minimizing impact on legitimate users.
Flexible Deployment Models
With this new release, organizations can deploy Web DDoS protection in multiple ways depending on operational, regulatory, and infrastructure requirements:
- Cloud-based deployment via Radware’s Cloud Security Platform, with optional SSL decryption
- On-premise deployment using Radware DefensePro appliances, or integrated application delivery and security through Radware Alteon Protect appliances
- Deployment in Kubernetes-native environments using Radware Kubernetes WAAP
These options allow customers to choose between cloud, on-premises, hybrid, and containerized deployments, including a cloud-based model that does not require SSL certificate sharing nor traffic decryption.
