Radware Cloud DDoS Protection Service
Overview
Radware Cloud DDoS Protection Service provides a robust, multi-layered defense using advanced behavioral algorithms for swift detection and mitigation of volumetric and sophisticated application-layer DDoS threats.
The service is delivered globally via a high-capacity scrubbing network, offering flexible deployment models including Always-On, On-Demand, and Hybrid to align with diverse organizational security requirements.
This Pack Includes
Data Normalization and Querying Capabilities
- Data modeling rules to normalize Radware Cloud DDoS Protection Service logs that are ingested via RadwareCloudDDoSProtectionServices integration to Cortex XSIAM.
- Querying ingested logs in XQL Search using the radware_cloud_ddos_raw dataset.
Supported Log Categories
- Security Events
- Operational Alerts
Enable Data Collection
Configure Radware Cloud DDoS Protection Service
- Navigate to Accounts -> API Keys.
- Click on the + icon to create a new API Key.
- Fill out the form in the pane.
- Click Save. The Add New API Key dialog will appear.
- Copy the API Key that appears in the window.
- Click Confirm to complete the creation of the new API key.
Note:
For more information, search Cloud Services API USER GUIDE document here.
Configure Cortex XSIAM
To fetch events from Radware Cloud DDoS Protection Service, see the integration configuration details here.
- Navigate to Settings -> Data Sources.
- On the top right corner, click on + Add Data Source.
- Search for Radware Cloud DDoS Protection Service and click on the Connect button.
- Insert the Server URL, Default value is _https://api.radwarecloud.app_.
- Insert the Account ID.
- Insert the API Key.
- Under Collect, select Fetch events checkbox and choose event types from the drop down menu.
