Hi Fastly customers + friends,
This quarter our teams concentrated on Fastly Next-Gen WAF, Cloud WAF, and Image Optimizer capabilities. Along with our Next-Gen WAF edge deployment reaching general availability (GA) in the Essentials package, customers can also enjoy the additions of CVE signals and Log Sampling Time Series improvements. Our integration with AWS Lambda enables developers to start a Lambda function to activate the Fastly Next-Gen WAF agent. Our next-gen WAF cloud deployment now supports multi-origin workspace and will continue to do so for all new instances moving forward. Fastly’s Image Optimizer continues to reduce infrastructure costs and improve end-user experience by supporting AVIF format, a new image format meant for compression and lightning quick delivery.
Table of Contents
Multiple improvements have been made to our next-gen WAF edge deployment to reach GA. Most notably, origin syncing has been improved between Varnish and the edge security service and new API calls have been added to deprovision edge deployment and associated delivery services. Customers can distinguish between Edge, Core, and Cloud WAF deployment types with a new slider and Agent called EdgeSecurity on the Agents page. The Edge deployment method allows customers to add our next-gen WAF as an edge security service onto our edge cloud platform without needing to make any modifications to their hosting environment.
Fastly Next-Gen WAF Essential plan customers can configure Common Vulnerability and Exposures (CVE) signals through the web interface Signals menu or templated rules section of the API. Quickly apply virtual patches with our next-gen WAF's SmartParse technology or through templated rules. Customers can stay informed of new CVE rules by subscribing to virtual patch announcements in your account.
Our Next-Gen WAF has upgraded log sampling with a new Request Logging Menu where customers can opt to enable (Sampled) or disable (None) logging for matched requests in the rule builder. Regardless of whether logging is enabled or disabled requests that match custom rules will be represented within the time series graphs. For new rules, logging is enabled by default, but you can disable logging for a rule by setting the Request Logging menu to None. Now, you no longer have to create a custom signal to log requests that match a rule’s criteria. Existing rules that have a custom signal will continue to log matching requests, and existing rules that do not have a custom signal will not log them.
Our Next-Gen WAF deployment has been expanded to include protection for serverless and Function-as-a-Service (FaaS) traffic by integrating with AWS Lambda. An AWS Lambda function can activate our Next-Gen WAF agent to protect web applications from bad actors with minimal impact to performance and latency. Supporting serverless environments has been one of the most requested features from our customers looking to grow their web applications without supporting extensive infrastructure or provisioning servers.
Cloud WAF Multi-Origin Workspace Deployment (MOWD) is now GA. Multiple origins and workspaces can now be managed within a single Cloud WAF instance. Streamlining efficient management of Cloud WAF is particularly valuable for customers with more complex deployments. Customers with multiple origins can now quickly add additional workspaces to their existing Cloud WAF instances.
Image Optimizer now supports the AVIF format in GA. AV1 image output format (AVIF) is an image format derived from the AV1 video bitstream that was built for compression efficiency. Combined with our powerful Image Optimizer, AVIF allows for high performance and low costs while maintaining quality images. Image Optimizer simplifies image creation and delivery, automates the image delivery workflow, and reduces infrastructure and cloud costs, all of which improves customer web performance. To utilize this feature and the highest image optimization and delivery standards consider upgrading your Image Optimizer package to the Professional.