• Overview
    Key features
    • Observability
    • Auto-scaling
    • Multiframework
    • Security
    Frameworks
    • Django
    • Next.js
    • Drupal
    • WordPress
    • Symfony
    • Magento
    • See all frameworks
    Languages
    • PHP
    • Python
    • Node.js
    • Ruby
    • Java
    • Go
  • Industries
    • Consumer Goods
    • Media/Entertainment
    • Higher Education
    • Government
    • Ecommerce
  • Pricing
  • Featured articles
    • Switching to Platform.sh can help IT/DevOps organizations drive 219% ROI
    • Organizations, the ultimate way to manage your users and projects
  • Support
  • Docs
  • Login
  • Request a demo
  • Free Trial
Meet Upsun. The new, self-service, fully managed PaaS, powered by Platform.sh.Try it now
Blog

Next-gen Fastly web application firewall

fastly
12 July, 2023
Platform.sh
Platform.sh

Our Elite and Enterprise customers currently using the Fastly CDN can now strengthen the protection of their web applications against a variety of different cyberattacks with our next-gen Fastly web application firewall (Next-Gen WAF) feature. But what exactly is Next-Gen WAF?

What is Next-Gen WAF and how does it work?

Next-Gen WAF is provided by Fastly, Platform.sh tech partner for our Advanced CDN features, and is deployed in the edge layer. It can therefore be used by customers who are already using the Fastly CDN. It was acquired by Fastly to be a replacement for the Fastly legacy WAF with a major benefit of the new Next-Gen WAF being that it leverages the Signal Sciences intelligent engine which analyzes incoming requests and blocks them automatically in the event of an attack. 

Just like any regular Web Application Firewall, this smart system detects and blocks the usual OWASP top 10 threats added to your potential personal blocking rules. But what makes it high performing for your application security is the continuous learning algorithm via the Network Learning Exchange (NLX) which Signal Sciences has built to offer features such as: 

  • Account takeover (ATO) protection
  • API protection
  • Bot protection
  • DDoS protection
  • Edge rate limiting

And the benefits don’t stop there–with this new automated approach, permits avoid the manual maintenance of lists of rules and no longer need to worry about receiving false positives, they’re a thing of the past. And with 95% of users happily using fully automated mode, we’re definitely moving in the right direction. The Next-Gen WAF also works seamlessly, no matter the programming language, stack, application, or cloud provider you’re working with. 

And finally, the best news is that on top of its strong security, the action of a Web Application Firewall being deployed at the edge–where the requests come in first–prevents the infrastructure from having to answer to non-legitimate requests. Limiting the load on the servers and the applications which enhances user experience and lowers energy consumption.

If you want to find out more about how Next-Gen WAF works, you can take a look on the Fastly documentation page or the Fastly Academy.

What’s Platform.sh NG WAF feature?

Our current Fastly legacy WAF is being deprecated by Fastly and won’t be supported or replaced by the Next-Gen WAF. All of our existing customers have been invited to migrate to the Next-Gen WAF with three options to choose from: Basic, Basic Configurable, and Advanced. Here’s everything you need to know:

CapabilityBasicBasic ConfigurableAdvanced
Default attack signals

Y

Y

Y

Default anomaly signals

Y

Y

Y

Virtual Patching

N

Y, block only - by Platform.sh

Y - by customer

Default dashboards

N

Y - by Platform.sh, manual, during QBRs

Y

Custom response codes

N

N

Y - by customer

Custom signals

N

N

Y- by customer

Standard API & ATO signals

N

N

Y- by customer

Edge Rate limiting

Y

Y

Y

WAF mode

Block mode only

Block, not blocking, off modes - by Platform.sh

Block, not blocking, off modes - by customer

How do I get the Next-Gen WAF?

Are you ready to make the most of the next-gen benefits of the Next-Gen WAF? Do you want to test it out for a few weeks to measure the immediate benefits? Or maybe you have a question on some of the new features mentioned above? We got you. 

Get in touch with our team today and we can help you with all of the information you need to get started.

Get the latest Platform.sh news and resources
Subscribe

Related Content

A tale of people: the human impact of adopting Platform.sh

A tale of people: the human impact of adopting Platform.sh

Company
AboutSecurity and complianceTrust CenterCareersPressContact us
Thank you for subscribing!
  •  
Field required
Leader Winter 2023
System StatusPrivacyTerms of ServiceImpressumWCAG ComplianceAcceptable Use PolicyManage your cookie preferencesReport a security issue
© 2024 Platform.sh. All rights reserved.
Supported by Horizon 2020's SME Instrument - European Commission 🇪🇺