ナビ付きでトピックを開く

 

Configuration

Applies To:
HTTP LargeThis platform has been optimized to cache and deliver static content (e.g., HTML, CSS, JavaScript, ISO, multimedia, and software downloads, etc.) over HTTP or HTTPS.
HTTP SmallLegacy. If you are currently serving traffic over this platform, then you may continue to do so. However, we recommend that you serve your traffic over our more robust HTTP Large platform.
ADNThe Application Delivery Network platform has been optimized to deliver dynamic content (e.g., login credentials, account information, etc.) over HTTP or HTTPS. Typically, user-specific and database-driven content are served over this platform.
WAF Essential (Legacy)WAF Essential (Legacy) provides basic protection against DDoS, application layer attacks, and volumetric attacks. Consider using WAF for a more robust solution.

This article explains the legacy version of WAF Essential that will undergo end-of-life on June 30, 2021. Our new version of WAF Essentials expands upon all of the capabilities offered by the legacy version of WAF Essential with a simplified and centralized setup. Please upgrade to the latest version of WAF at your earliest convenience.

The following information is only applicable for the WAF Essential product. This security offering provides limited Web Application Firewall and Rate Limiting functionality.

ClosedShould I upgrade from WAF Essential to the full version of Web Application Firewall and Rate Limiting?

WAF Essential allows customers with basic security needs to leverage our powerful security solutions to protect their origin servers. WAF Essential allows you to create up to 2 profiles, 1 instance, and 3 rate limiting rules at any given time. This is sufficient to set up a dual WAF configuration through which you may validate a new WAF configuration without compromising the security of your origin servers.

WAF Essential cannot be configured via our APIs. However, you may leverage our APIs to retrieve WAF and Rate Limiting event log data.

Enterprise customers typically find the above limitations too constrictive when tailoring security to fit their business needs. Additional profiles, instances, and rate limiting rules provide the flexibility to tailor your security configuration by traffic profile.

Please contact your CDN account manager to upgrade to the full version.

The configuration of WAF Essential consists of the following steps:

Step Name Description

1

Create Profile

Define a security policy for inbound HTTP/HTTPS traffic that defines the:

2

Create Instance

Determine how the above security profile will be enforced.

An instance defines:

  • A profile that may be applied to production traffic.
  • How potential threats are handled.
  • A profile that may be used to audit production traffic.

3

Activate Instance

Define both of the following items through Rules Engine:

  • The type of requests that should be secured by Web Application Firewall.
  • The instance that identifies the profile(s) that may be used to secure/audit site traffic.

4

Create Rate Limiting Rule

Optional. Limit the rate at which your content may be requested.

After configuring WAF Essential, near-real-time threat monitoring may be performed through the WAF and Rate Limiting Dashboards.