WAF provides full-time protection for your websites and applications by analyzing all traffic and only allowing legitimate and authorized access. Simply:
WAF is designed to require zero-touch configuration, and to continue getting smarter as it is used. Traffic is constantly analyzed to profile behavior, detect inconsistencies, and determine reputation, leveraging advanced intelligence algorithms and expert security analysts. Every attack makes our WAF smarter and even more secure from emerging threats
WAF runs in all of our edge locations around the world, providing your websites and applications global security in one single service
WAF automatically protects against Layer 7 DDoS attacks, the largest and most common types of attacks. The WAF measures and analyzes all traffic coming through it; if a domain threshold, burst threshold, or sub-second burst threshold (all of which can be customized) is exceeded the WAF suspects an attack and challenges traffic to verify it is coming from a human
Predefined thresholds can be configured per domain, allowing protection to be customized to the domain’s acceptable traffic profile
Known legitimate traffic sources, like search engines, are allowed through even during a DDoS attack
Get real-time insights into your web application security events
It provides information about the country and organization your visitors are coming from
You don’t need to be a security expert to analyze your web application security events, full details about each event are available within the WAF event management
Information about the top threat actions, origins and the most active rules provide an extra layer of info that will help you get more insights about the malicious traffic that was blocked