logo is an open-source application delivery solution based on its infrastructure-independent, ZeroOps platform designed for Kubernetes-based cloud environments. Major brands and government agencies trust to host their websites on its Lagoon platform with up to 99.99% SLAs for uptime. Developers focus on code, while ensures a secure, reliable infrastructure and operations layer.
Industry: Digital Publishing, Software & Services
Location: Zurich, Switzerland & Global
Customer since: 2019

Favorite features
Next-Gen WAF
Surrogate key purge
Customizable VCL
Fastly Fiddle
Enterprise support
Platform TLS

99.99% uptime guaranteed thanks to Fastly's Next-Gen WAF and network services's customers count on its ZeroOps platform to work seamlessly, keeping infrastructure out of sight and out of mind. The company relies on Fastly's CDN and Next-Gen WAF in the same way. "With Fastly, everything just works," says Technical Account Manager Sean Hamlin. "We just don't have to think about it." has been a Fastly CDN customer since 2019, and as their customer base expanded, so did their need for other Fastly solutions, like Platform TLS for certificate management and Enterprise Support. The Next-Gen WAF was a natural next step for the ZeroOps platform, especially as more and more high-profile customers used Lagoon for business-critical applications with stringent security demands.

Next-Gen WAF minimizes false positives without constant tuning

"The concept of the Fastly Next-Gen WAF is groundbreaking," Hamlin said. Before implementing the Next-Gen WAF, false positives and alert fatigue were frequent sources of irritation. Other WAFs tend to leave users with untenable options: block every incoming request that matches a regex rule—which ends up blocking plenty of legitimate traffic, turn off entire WAF rules and increase the security risk, or expend lots of resources tuning and re-tuning the WAF.

By contrast, Hamlin reports even though the Fastly Next-Gen WAF does require tuning, it has all the building blocks needed to do this, in the UI. What he likes best is that rather than relying on regex, the next-gen WAF’s SmartParse technology, developed by Signal Sciences, takes a contextual approach to determine how signals are attached to traffic, and it is up to you to decide what to do with that information. That's especially important for, given the transient nature of IPs. Bad behavior gets blocked automatically, but if an IP starts behaving normally again it regains regular access to a given website. Because supports government websites, blocking legitimate traffic can lead to serious headaches. "With Fastly, that's managed before I even see it." Hamlin said. 

Low-maintenance web application security technology creates big customer wins

One of's major customers has an active bug bounty to encourage developers and ethical hackers to find and report vulnerabilities. As a result, people scan the site every second of the day. Before using the Fastly Next-Gen WAF, the platform had to upsize that customer's database cluster dramatically just to deal with the load from security researchers. Since deploying the Next-Gen WAF, up to 80 percent of traffic is blocked before the application sees it, which enables to reduce infrastructure costs and pass on cost savings for their customers. 

Fastly’s CDN and Next-Gen WAF have become a selling point for's platform by adding value for its users in multiple ways. For some of its customers, compliance is a primary concern, especially in the case of government agencies. For others, downtime—especially the reputational risk and loss of revenue—is a major threat. "For some customers, we're actually saving their lives on a daily basis," Hamlin said. "We have a broad range of use cases."

Fastly's Next-Gen WAF and CDN are essential, enabling to offer some of its biggest clients 99.99% uptime. At less than 5 minutes of unscheduled downtime per month, it's a very aggressive SLA. "We can offer that because of Fastly. We couldn't do it otherwise," Hamlin said. 

Self-service tools keep in charge

When it comes to its own infrastructure, the team needs the flexibility to make changes without much ado. For example, wanted to permit their customers to purge a single domain from a service—not the whole service, just one domain and every asset under that service. The team capitalized on Fastly's Surrogate Key Purge, adding them for every site on their platform in a VCL fetch hook and rolling out the feature globally. "We can solve problems specific to our needs without using our time and resources getting a professional services team involved," Hamlin said. "That makes us more agile, and our solutions are tailored to our customers’ needs." also takes advantage of Fastly Fiddle, a testing sandbox that allows the team to try out a proposed solution before actually putting it into production. "Pushing that button to implement a change can be quite scary," Hamlin said, "especially when you have 1,000 requests a second hitting a site. The Fiddle has been great for testing out weird and wonderful things and getting the assurance that they will play nicely."

Fastly Enterprise Support beats ticketing systems hands down

Self-service doesn't mean going it alone, however. Enterprise-level support makes it easy for to get help when the team needs it.  Rather than submitting a ticket and waiting for triage, the team can reach out in a dedicated Slack channel and get an answer "lickety-split," according to Hamlin. Just as important, if an issue needs to be escalated, Fastly is on it.

A fast, expert response was crucial when one of's government sites experienced a subdomain takeover issue. "Fastly treated this problem extremely seriously and acted very quickly to put a solution in place," Hamlin said. "When we need Fastly to step up, they are right there, and we can pass that confidence on to our customers."

"Dealing with false positives is my number one frustration. Since we implemented Fastly's Next-Gen WAF, I don't have to spend any time dealing with that. Problem traffic gets black-holed, and I never have to worry about it."

Sean Hamlin
Technical Account Manager

"Fastly Next-Gen WAF has created some really big wins for both and our customers. Without it, they have a bad time; with it, they have a good time. That's as simple as I can put it."

Sean Hamlin
Technical Account Manager

"We've been able to do a lot of cool things with the Fastly Next-Gen WAF, like plugging it into our dedicated Kubernetes clusters so we can enhance our offerings for our larger customers with more complex or stringent security needs."

Sean Hamlin
Technical Account Manager

"If I had to choose a favorite thing about Fastly, it's that if you need a tool, you can build a tool. We aren't waiting for someone to bless us with a feature next quarter or next year. Fastly is customizable and flexible enough that you can be the master of your own destiny."

Sean Hamlin
Technical Account Manager

"The support team at Fastly is really on point and so much better than raising tickets in a ticketing system and waiting to see what happens. The chat-based support is a huge positive—and the answers come from the people that really know their stuff."

Sean Hamlin
Technical Account Manager

"We can offer our most demanding customers very aggressive SLAs because of Fastly's CDN and Next-Gen WAF. Without them, it's just not possible."

Sean Hamlin
Technical Account Manager

Ready to get started?

Get in touch or create an account.