LOG IN SIGN UP
Documentation

WAF Management Package

  Last updated June 21, 2018

Fastly’s WAF Management Package provides your organization with enhanced professional maintenance of your WAF by Fastly. The WAF Management Package also improves visibility into application layer threats and strengthens your overall security posture. The WAF Management Package includes ongoing tuning and configuration services designed to help protect you against critical threats. To protect against WAF bypass attacks, it also includes authenticated TLS to origin.

For more information about the WAF Management Package, contact support@fastly.com.

WAF Management Package features

Fastly’s WAF Management Package is a service offering for the term of your contractual agreement which includes the following features.

Ongoing tuning and configuration

At your request, Fastly will provide you with one report per service protected by the Fastly WAF. Fastly will schedule periodic calls with you to review the reports.

Up to once per quarter, at your request, Fastly will tune previously provisioned WAF services as follows:

Up to three times per quarter, at your request, Fastly will provide on-demand rule enablement (if available) for critical vulnerabilities.

Proactive notifications

We may notify you of available Fastly rules to help address critical vulnerabilities that we identify.

Authenticated TLS to origin

To mitigate WAF bypass attacks, Fastly will configure client-authenticated connections to your origin server for each service running WAF. This is an additional layer of security on top of network-level ACLs. This service requires a customer-provided TLS certificate, matching private key, and CA certificate or certificate chain.

Fastly will update the certificate on your behalf prior to expiration. Here’s how it works:


Back to Top