Three key points for WAF savings

Security teams turn to Fastly’s Next-Gen WAF for better protection of their applications, APIs, and microservices wherever they live, but that’s not all. Unlike other WAFs, the Fastly Next-Gen WAF doesn’t have hidden costs that unexpectedly inflate your total cost of ownership.

Eliminate hidden costs other WAFs require

WAF users frequently report that they discover significant hidden costs that make their WAF far more expensive than initially budgeted for. While evaluating any WAF product, organizations of all sizes should consider the following hidden cost centers to uncover the true total cost of ownership. Customers consistently choose Fastly because of the significant cost savings in the following three areas.

Time to value

How fast can a WAF be installed? How long will it take your staff to get trained to gain security value from it? The time of Security, DevOps, and Development engineers is a massive cost for companies of any size. Stakeholders should consider the time and resources required to properly install and maintain the WAF and the personnel and opportunity cost incurred if they choose a product that is difficult to use and requires dedicated staff to create and maintain regular expression rulesets necessary to run it in full blocking mode.

Fastly installs fast

WAF implementation times vary widely across vendors. Our global average install time is three days, with most installs occurring in an hour or less. In contrast, other WAFs require three to six months to install, with most of the time spent on rules tuning or ensuring that the WAF does not negatively impact apps and APIs in production.  Every day spent in implementation creates opportunity costs as faster implementation leads to more quickly realized security benefits.

Fastly doesn’t cost you political capital

A WAF project, and security projects in general, often cost practitioners extensive political capital to get deployed. Deploying a WAF is a cross-functional effort requiring resources from teams who are already stretched thin. While it's likely they’ll dedicate time to help with implementation, consider the political damage if their resources are required regularly for maintenance. Unlike some technologies that are difficult to use and cost political capital to maintain, Fastly customers gave our Next-Gen WAF an average of 5 stars on Gartner Peer Insights, and 97% said they would recommend it to others. Where utilizing other WAFs may detract from your political capital, Fastly’s Next-Gen WAF will likely enhance it.

Service fees

Required service fees are common among some WAFs to cover routine maintenance, support, core rule creation, and tuning against false positives. The Fastly Next-Gen WAF is built to run out of the box, meaning the need for service fees is greatly reduced and never required, thus reducing total contract costs significantly.

Fastly eliminates the significant and ongoing cost of rule-tuning 

Other WAF products require costly ongoing labor-intensive rules tuning to eliminate false positives because they rely on regular expression pattern matching rules for attack detection. In contrast, Fastly’s Next-Gen WAF takes a fundamentally different approach. Our proprietary detection method, SmartParse, eliminates rules tuning by evaluating the context of web requests and how they would actually execute if they reached the app or API endpoint. This cost-effective ability enables our highly accurate detections without tuning.

Fastly does not charge for security updates

Other WAF vendors commonly add additional fees for new versions. While we regularly release new versions of our WAF, there are never additional fees charged for the update (Figure 1). When evaluating vendors, consider that for some, it may require tradeoffs like skipping updates that maintain your security for adherence to an approved budget.

Internal labor costs 

The longer installation periods and ongoing ruleset maintenance that common WAF vendors require means you must dedicate full-time staff to the installation project and ongoing rules maintenance. If you don’t have experienced IT staff with the bandwidth to handle this work, you will instead need to pay WAF vendor fees just to begin using the WAF and later drive value (use it in blocking mode). 

Fastly reduces labor costs for installation and ongoing maintenance

For organizations accustomed to other WAFs, switching to Fastly can represent a massive shift in resourcing. For example, a global media conglomerate had allocated three full-time staff just to maintain their previous WAF as an ongoing maintenance cost. After deploying the Fastly Next-Gen WAF, they discovered it required less than a single full-time headcount dedicated to WAF management, which resulted in roughly $500K in savings that could be repurposed to other projects (Figure 2).

Lower your total cost of ownership with Fastly’s Next-Gen WAF

WAFs represent an integral investment in your organization’s application security posture, but with some vendors, they can quickly exceed what you’ve budgeted for. Hidden costs in key areas like time to value, service fees, and increased internal labor can quickly add up and impact the budget allocated for other security initiatives. Fastly’s Next-Gen WAF minimizes these hidden costs to increase your security posture without increasing your bill. Contact us to learn more.