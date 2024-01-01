PPG trades up to Fastly's Next-Gen WAF for usability, visibility, and reliable blocking

The challenge

Managing cybersecurity for a company the size of PPG is hard. The last thing anyone needs is a security solution that makes work more difficult. But that was the situation PPG’s security team found itself in with a prior vendor. The team manages a disparate set of applications deployed across multiple regions, both on-prem and in the cloud. PPG needed a solution that would make it easier to manage security throughout the network.

Unfortunately, their initial solution wasn't working as needed. "It wasn't giving us the benefit we thought we'd see out of the gate," said Dan Connelly, security architect at PPG. "It was complex to use. It needed a lot of attention and gave us too many false positives." The team was stuck in logging mode, unable to use blocking mode, for an intolerably long time. That left Connelly with two challenges: find a better solution and make the case to PPG executives that it was smart to switch horses midstream.

The Solution

To make migration to a new vendor worthwhile, PPG needed a solution that could be implemented quickly and deliver value immediately, especially in regards to the blocking capabilities that its current solution didn’t deliver. The super-fast rollout of the Fastly Next-Gen WAF made it an ideal choice. "Right away, we were able to deploy Fastly, enable it, and turn it on for blocking," said Connelly. Now, Fastly is a critical part of PPG's security strategy.

PPG blocks with confidence using Fastly Next-Gen WAF

Many legacy WAFs are difficult to use in blocking mode—they require constant tuning to avoid false positives that prevent legitimate users from reaching your site. As a result, many enterprises just don't feel confident enough to use full blocking mode. However, blocking is essential to a global business like PPG which needs to restrict traffic from certain regional hotspots in addition to stopping malicious actors.

The Fastly Next-Gen WAF uses SmartParse, a proprietary detection technology, which has been a game changer for PPG. "Before, we were very cautious about turning on blocking, but now we're confident," Connelly said. False alarms are a thing of the past, and PPG's security team can focus on other critical tasks.

Visibility streamlines communication and problem solving

Managing complexity is a lot easier when you have a clear view of what's happening in your network. Connelly makes heavy use of Fastly's custom tags (Signals) capability to quickly drill into traffic data. "The ability to create custom tags is the feature I like most right now," Connelly said. "I create custom tags according to different information I want to collect, and that provides a visual approach to finding traffic I want to examine." As a result, PPG can find and fix problems before they affect user experience.

That visual representation also helps communicate important information about traffic to a wide range of stakeholders, especially those in management or C-suite positions who may not be as technical. "I can share screen captures of the information, and it really gives people clear insight about what they're viewing," Connelly said. "I don't have to go over things in detail and overly explain—the information is all there."

Fastly's responsive listening secures PPG a trustworthy partner

So how did Connelly convince PPG to move to Fastly after already investing in a different application security vendor? According to Connelly, a big part of getting approval was the Fastly team's resourcefulness and cooperation—something PPG found lacking with its previous WAF vendor. "We were sold on Fastly because of its willingness to listen and act as a partner to us," Connelly said. "I can bring them requests or ideas that I think might be beneficial to the platform, and they take those seriously."

PPG also takes advantage of Fastly's professional services, including the support of a dedicated Technical Account Manager (TAM) and Response Security Services. The company has enhanced access to Fastly's Customer Security Operations Center and enjoys regular consultations with specialists who provide guidance on implementation, configuration, maintenance, and optimization of the Next-Gen WAF, as well as support during an attack.

Key takeaway

The ease, clarity, and responsiveness of Fastly's security solutions allows PPG's small team to secure its network with confidence. "We can deploy, manage, and support this solution with a very small resource load," said Connelly. "As we consider more and more use cases, Fastly's Next-Gen WAF is transformative for our organization."