This article explains the legacy version of WAF Essential that will undergo end-of-life on June 30, 2021. Our new version of WAF Essentials expands upon all of the capabilities offered by the legacy version of WAF Essential with a simplified and centralized setup. Please upgrade to the latest version of WAF at your earliest convenience.
The following information is only applicable for the WAF Essential product. This security offering provides limited Web Application Firewall and Rate Limiting functionality.
WAF Essential allows customers with basic security needs to leverage our powerful security solutions to protect their origin servers. WAF Essential allows you to create up to 2 profiles, 1 instance, and 3 rate limiting rules at any given time. This is sufficient to set up a dual WAF configuration through which you may validate a new WAF configuration without compromising the security of your origin servers.
WAF Essential cannot be configured via our APIs. However, you may leverage our APIs to retrieve WAF and Rate Limiting event log data.
Enterprise customers typically find the above limitations too constrictive when tailoring security to fit their business needs. Additional profiles, instances, and rate limiting rules provide the flexibility to tailor your security configuration by traffic profile.
Please contact your CDN account manager to upgrade to the full version.
WAF Essential provides a layer of security between many of these security threats and your external web infrastructure. It increases security by inspecting inbound HTTP/HTTPS traffic against reactive and proactive security policies and blocks malicious activity in-band and on a real-time basis. It also prevents your web servers from being overloaded by providing control over the rate at which your content may be requested.
The following diagram highlights how traffic is screened before it is processed for delivery. The distributed nature of our worldwide network provides an additional layer of protection to origin servers.