Top 8 Ways We Support Our Next-Gen WAF Customers
We designed the Fastly Next-Gen WAF (powered by Signal Sciences) to be intuitive, frictionless and easy for you to deploy without relying on significant operations management. Because of this design, over 90% of our customers run our next-gen WAF in full blocking mode. But it doesn’t stop there. Whether it’s integration or ongoing training, we’re always thinking of how to best support our customers with every step of their journey. In this article, we take a deeper dive into the eight key ways we offer support to our customers beyond deployment.
1. User experience
Our management user interface was designed with customer adoption in mind. Templated rules, signals dashboards, events, and corp overview pages provide you with examples of how to build towards a more mature set of security controls – which is done by surfacing anomaly and attack data that is directly relevant to your security teams. We believe that in order to provide you with an industry-leading user experience, enablement must be built into the product's core functionality rather than offered separately.
View of a customizable Signals Dashboard tracking various signals such as SSO failure, broken links, password resets and much more.
With Fastly, you will never be short of helpful resources. We equip you with comprehensive guides, including templates for rollouts in every type of deployment configuration that we support. We’ve also assembled simple but complete API documentation with example code snippets and Postman collections with different requests in an easily convertible format for many scripting languages. For GitHub, we’ve created repositories that show you how to use Puppet, Chef, Ansible, or Terraform if you prefer to use your configuration management tooling. We also produced public repositories with examples of Go and Python API clients you can use as templates for rolling out as you see fit. We furnish the source code for our modules for customers who prefer to compile their code. We also provide public Docker images so that customers can quickly test and deploy our agents.
3. Tooling and integration
Rather than requiring you to learn new tools, we’ve built integrations for a broad range of industry-standard tools, allowing your team to get more use out of their existing tools. We support you by creating regular health check reports. Health checks provide a high-level look into your configuration and traffic.
Fastly’s quarterly health check report provides a high-level view of your Corp and insights into your traffic.
4. Fastly Security Labs and Research Team
Earlier this year, we launched Fastly Security Labs, a new program that lets you be the first to test new detection and security features — ultimately shaping the future of security at Fastly. This program also provides you with an open line of communication directly to the Security Product team and bolsters our feedback loops for the Fastly Next-Gen WAF, helping us create stronger products. We use the program to test a wide range of features from new Signals and Templated Rules to new inspection protocols.
In addition to this program, Fastly has a dedicated Security Research Team that proactively identifies solutions to emerging threats, such as enabling us to rapidly roll out CVE templated rules when exploits surface – as well as bring additional functionality that solves real customer problems in the hands of security professionals. We strive to build constant awareness of threats to our customers by analyzing our own data and collaborating with third parties to improve our product mitigation and detection capabilities.
5. WAF efficacy framework
The big question in most customers’ minds: Is my WAF effective? We can help answer that. Anyone can use our public WAF testing framework tool to test payloads of any kind against their (or our) WAF to determine the effectiveness or identify false positives or negatives.
Every implementation package covers next-gen WAF deployment with a Fastly Security Solutions expert, helping you quickly roll out into production and transition into blocking mode. This also includes recommendations for rules and configurations tailored to your workload.
7. Fastly Academy
As a part of every yearly service offering, you can access our expert-led training courses, live or on-demand through Fastly Academy. Content includes a variety of topics such as how to enable and configure our Templated Rules to enhance visibility and protection against numerous real-world attack scenarios.
Get ready to learn with Fastly Academy. Never play the guessing game on what you’ll get out of each course. We ensure everyone understands the objectives and value this will bring when using our Next-Gen WAF.
8. CSOC and RSS
Our Response Security Service (RSS) is for next-gen WAF customers that need the best response SLA and ongoing adoption support. RSS provides you with enhanced access to our Customer Security Operations Center (CSOC) team – a team that delivers help to any customer that requests it, including helping customers with questions about solving the security challenges and threats they face. With RSS, you have access to a periodic consultation with a Designated Security Specialist for strategic security solutions reviews and planning. Together, Fastly’s CSOC team and its Designated Security Specialists support the design, implementation, and maintenance of your Fastly security solutions by assisting with initial configuration, requested maintenance, and attack support.
Discover the best support for you
We know that being supported is key to a successful WAF deployment, and that’s why we’ll always continue to innovate and provide industry-leading support for our customers. If you’re currently a next-gen WAF customer and aren’t yet taking advantage of all our support and adoption solutions, we invite you to contact your account manager to explore your options and find what’s best suited for your needs. Not yet a next-gen WAF customer? Reach out and we will be happy to show you how easily our WAF can fit in your environment.