Glossary
Last updated 2024-10-01
| Term | Definition |
|---|---|
| Admin | A user role that can access the Next-Gen WAF control panel. Users with this role have limited access to corp (account) configurations, can edit specific sites (workspaces), and can invite users to sites (workspaces). |
| Agent | One of the main components of the Next-Gen WAF architecture. The agent receives requests from modules and quickly decides whether those requests contain attacks or not. The agent then passes their decision back to the module. |
| Agent alerts | Custom alerts that trigger notifications whenever:
|
| Agent mode (Protection mode) | Determines whether to block requests, not block requests, or entirely disable request processing. |
| Allow | An agent decision to allow a request through. |
| Anomalies | Abnormal requests that, although not attacks, may still be notable. Examples include malformed request data and requests originating from known scanners. |
| API access tokens | Permanent tokens used to access the Next-Gen WAF API. Users can connect to the API using their email and access token. |
| Attacks | Malicious requests containing attack payloads designed to hack, destroy, disable, steal, gain unauthorized access, and otherwise take harmful actions against your sites (workspaces). |
| Audit log | An audit of activity, changes, and updates made to a site (workspace) or corp (account). |
| Blocking | An agent mode (protection mode) that blocks subsequent attacks from a flagged IP address after it has been identified as malicious. Blocking mode still allows legitimate traffic through if the requests do not contain attacks. |
| Cards | Visual charts of data that can be monitored and customized on site (workspace) dashboards. |
| Cloud engine | One of the main components of the Next-Gen WAF architecture. The cloud engine collects metadata to help improve agent detections and decisions. |
| Configurations | A set of features that users can customize to meet their business needs. Configurations include: rules, lists, signals, alerts, integrations, site (workspace) settings, and user management. |
| Corp (Corporation or Account) | A company hub for managing and monitoring sites (workspaces), users, and corp (account) configurations. Users are authenticated against a corp (account) and can be members of different sites (workspaces) in that corp (account). |
| Dashboards | The corp (account) and site (workspace) homepages. The site dashboard in the Next-Gen WAF control panel and the Fastly control panel give visibility into specific types of attacks and anomalies. The corp dashboard in the Next-Gen WAF control panel gives a snapshot of all top site (workspace) activity including which sites (workspaces) have the most attack requests, blocked requests, and flagged IP addresses. |
| Events | Actions that Next-Gen WAF takes as the result of regular threshold-based blocking, templated rules, site alerts (workspace alerts), and rate limit rules. This includes any occurrence that happens on the Events page, such as a flagged IP address. Events are automatically system generated. |
| Flagged IP addresses | An IP address that has been flagged for exceeding thresholds. |
| Header links | External data like Kibana or Datadog that connects with request data from the Next-Gen WAF. |
| Integrations | DevOps toolchain apps that send activity notifications to users. Examples include Slack, Datadog, PagerDuty, mailing lists, and generic webhooks. |
| IP Anonymization | IP addresses are converted to anonymous IPv6 addresses so that the Next-Gen WAF will not know the actual IP address, which causes the IP address to appear anonymous in the dashboard. |
| Lists | Sets of custom data used in rules, such as a list of countries your company doesn't do business with. Lists include sets of countries, IP addresses, strings, and wildcards. |
| Log | In not blocking mode (logging mode), requests that would have been blocked are logged and allowed to pass through instead. |
| Module | One of the main components of the Next-Gen WAF architecture. The module receives and passes requests to the agent. It then enforces the agent's decisions to either allow, log, or block those requests. |
| Monitor | To observe and keep watch over corp (account) and site (workspace) events. |
| Monitor view | The site dashboard in the Next-Gen WAF control panel in a TV-friendly format. |
| Next-Gen WAF | The overall platform that protects your sites (workspaces). |
| Not blocking (Logging) | The default agent mode (protection mode). In this mode, attacks are logged but not blocked and the site (workspace) is not actively protected. |
| Notification | Any product message sent internally or externally. External notifications are sent through integrations when activity happens (e.g., a Slack notification is sent when a new site (workspace) is created). |
| Observer | A user role that can access the Next-Gen WAF control panel. Users with this role can view sites (workspaces) they are assigned to but cannot edit any configurations. This role is equivalent to the user or billing roles in the Fastly control panel. |
| Off | An agent mode (protection mode) that stops sending traffic to the Next-Gen WAF and disables all request processing. |
| Owner | A user role that can access the Next-Gen WAF control panel. Users with this role have access to all corp (account) configurations, can edit every site (workspace), and can manage users. This role is equivalent to the superuser role in the Fastly control panel. |
| Rate limit rule | A type of rule that allows you to use the Advanced Rate Limiting feature to define arbitrary conditions and automatically begin to block or tag requests that pass a user-defined threshold. |
| Redactions | Sensitive data that is not sent to the Next-Gen WAF backend for privacy reasons. Next-Gen WAF redacts some sensitive data by default, such as credit card numbers and social security numbers. In addition to the default redactions, users can specify their own custom redactions. |
| Request rule | A type of rule that allows you to define arbitrary conditions to block, allow, or tag requests. |
| Requests | Information that is sent from the client to the server over the hypertext transfer protocol (HTTP). Next-Gen WAF protects over a trillion production requests per month. |
| Response time | The amount of time between when a request was received by the server and when the server generated a response. |
| Role | Every user account for the Next-Gen WAF control panel is assigned one role that defines what the account has authorization to access and the permissions associated with that access level. |
| Rules | A configuration that defines conditions to block, allow, or tag requests or exclude built-in signals. |
| Sampling | The act of taking a random sample of certain types of requests to be stored and available in the control panel. |
| Signal | A descriptive tag about a request. |
| Signal exclusion rule | A type of rule that allows you to define arbitrary conditions to exclude a specific system signal (such as XSS). |
| Site (Workspace) | A single web application, bundle of web applications, API, or microservice that Next-Gen WAF can protect from attacks. Users can monitor events, set up blocking mode to block attacks, and create custom configurations on sites (workspaces). |
| Site alerts (workspace alerts) | A custom alert that allows users to define thresholds for when to flag, block, or log an IP address. |
| Suspicious IP addresses | IP addresses that are approaching thresholds, but have not yet met or exceeded them. |
| Templated rule | A type of partially pre-constructed rule that, when filled out, allows you to block, allow, or tag certain types of requests. |
| Thresholds | A limit either that must be exceeded for a certain event to happen. For example, suspicious IP addresses must exceed a certain threshold to become flagged. |
| User (role) | A user role that can access the Next-Gen WAF control panel. Users with this role can edit site (workspace) configurations on sites (workspaces) they are assigned to. This role is equivalent to the engineer role in the Fastly control panel. |
| Users | All of the people who manage, edit, or just observe activity. A user belongs to a particular corp (account) and is identified by an email address and password. A user can be a member of one or more sites (workspaces). |
| Virtual Patch | A virtual patch prevents attacks of a known vulnerability in a module or framework by not allowing the attacks to reach the web app. This buys time to fix the underlying vulnerability while the virtual patch is protecting the app. |
Do not use this form to send sensitive information. If you need assistance, contact support. This form is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
