Next-Gen WAF
These articles explain how to use the Fastly Next-Gen WAF (powered by Signal Sciences).
What's new
Learn about recently released features and products.
Announcing gRPC proxy deployments The Signal Sciences agent can now act as a proxy for gRPC traffic to allow inspection of protobuf-based…
Read moreGetting started
These articles provide basic information about the Next-Gen WAF product and architecture.
These articles describe key features of the Next-Gen WAF web interface controls.
- About the web interface controls
- About the Corp Overview page
- About the Corp Rules menu
- About the Corp Manage menu
- About the My Profile Menu
- About the Site Overview page
- About the Requests page
- About the Agents page
- About the Signals page
- About the Monitor menu
- About the Rules menu
- About the Manage menu
- Viewing agent details
Welcome! This guide provides a high-level overview of the steps needed to set up and configure the Next-Gen WAF product. Guided by our Sales…
Read moreThe Next-Gen WAF is an application security monitoring system that proactively monitors and protects your web application from malicious…
Read moreInstall guides
These articles explain how to install and configure the Next-Gen WAF.
These articles describe how to install, configure, and update the Signal Sciences agent.
- Getting started with the agent
- Accessing agent keys
- Agent end-of-support policy
- Configuring the agent
- Creating agent alerts
- Installing the agent on Alpine Linux
- Installing the agent on Amazon Linux
- Installing the agent on Debian
- Installing the agent on Red Hat
- Installing the agent on Ubuntu
- Installing the agent on Windows
- Upgrading the agent
These articles describe the module-agent deployment options.
- Java module overview
- NGINX module overview
- About module-agent deployment
- Apache Module Overview
- Alpine Apache Module Install
- Module configuration
- Amazon Linux Apache Module Install
- Debian Apache Module Install
- Red Hat Apache Module Install
- Ubuntu Apache Module Install
- Windows Apache Module Install
- Upgrading the Apache module
- Alpine Linux NGINX 1.15.3+
- Amazon Linux NGINX 1.10-1.14
- Amazon Linux NGINX 1.14.1+
- Amazon Linux NGINX 1.9 or lower
- Amazon Linux NGINX-Plus
- Debian NGINX 1.10-1.14
- Debian NGINX 1.14.1+
- Debian NGINX 1.9 or lower
- Debian NGINX-Plus
- .Net module install
- .Net Core module install
- Golang module install
- HAProxy module install
- HAProxy SPOE module install
- IBM HTTP Server
- IIS module install
- Installing the Java Module with Dropwizard
- Installing the Java Module as a Jetty Handler
- Installing the Java Module as a Netty Handler
- Installing the Java Module as a Servlet Filter
- Installing the Java Module on Weblogic
- Kong plugin install
- Working with multiple Lua scripts in NGINX
- Node.js module install
- Red Hat NGINX 1.10-1.14
- Red Hat NGINX 1.14.1+
- Red Hat NGINX 1.9 or lower
- Red Hat NGINX-Plus
- Ubuntu NGINX 1.10-1.14
- Ubuntu NGINX 1.14.1+
- Ubuntu NGINX 1.9 or lower
- Ubuntu NGINX-Plus
- Upgrading the NGINX module
These articles describe how to install the Next-Gen WAF on Kubernetes.
- Kubernetes installation overview
- Signal Sciences agent container image
- Kubernetes reverse proxy
- Kubernetes Agent + Module
- Kubernetes Agent + Ingress Controller + Module
- Kubernetes Envoy
- Kubernetes Istio
- Kubernetes Ambassador
- Agent scaling and running as a service
- Kubernetes startup probe
- Pivotal Container Services (PKS) setup
- AWS Elastic Container Service (ECS) setup
- Example helloworld test web application
- Using the Next-Gen WAF core command line utility
Next-Gen WAF supports multiple installation methods. You can use Fastly’s Edge Cloud Platform , hosted Cloud WAF solution, or you can…
Read moreThe Edge deployment method allows you to add the Next-Gen WAF as an edge security service onto Fastly's Edge Cloud platform without needing…
Read moreWhen deployed in a self-hosted deployment, the Next-Gen WAF agent requires egress to multiple external endpoints to facilitate actions (e.g…
Read moreProcessors We support the following processors: Intel. All agent and module versions are compatible with Intel processors. AMD. All agent…
Read moreAgent The Signal Sciences agent supports different combinations of operating systems and architecture types. Download the latest version of…
Read moreUsing the Next-Gen WAF
These articles provide information about working with the Next-Gen WAF web interface.
Often the server being protected is behind a load balancer or other proxy. In this case, the server will see this load balancer or proxy IP…
Read moreHeader links facilitate cross-referencing Next-Gen WAF data with your own internal systems via a hyperlink. We currently support linking…
Read moreSite alerts monitor and handle requests from IP addresses that have been tagged with specific signals. Specifically, when the number of…
Read moreDeveloper
These articles explain how to work with the Next-Gen WAF API.
Our entire console is built API-first — this means that anything we can do, you can do as well via our RESTful/JSON API . We’ve seen…
Read moreNext-Gen WAF stores requests that contain attacks and anomalies, with some qualifications. If you would like to extract this data in bulk…
Read moreThis document demonstrates various data flows between the Module and Agent. While MessagePack is the serialization protocol, the data is…
Read moreX-SigSci- headers are added to incoming requests. The end user (your customers) can't see them. However, your internal application can use…
Read moreFAQ
These articles provide answers to frequently asked questions.
StatsD Metrics Metrics can be reported through StatsD to the service of your choice using the statsd-address agent configuration flag…
Read moreFastly Security Labs is a program that grants your corp access to in-development beta features. In addition to early access to these…
Read moreFastly provides full support for IPv6 in the product, including: Detection and decisioning: Requests are appropriately tagged and IPv…
Read moreTroubleshooting
These articles describe how to troubleshoot common problems.
My data is not showing in the console but the agent and module are running If both the agent and module are reporting as active within the…
Read moreSecurity-Enhanced Linux (SELinux) is a Linux kernel security module that provides a mechanism for supporting access control security…
Read moreApache module fails to load ( The following information has been confirmed for RHEL/CentOS deployments using the default yum module…
Read moreReference
These articles provide reference information for Next-Gen WAF.
These articles provide information about agent and module releases.
- Agent release notes
- Apache release notes
- CloudFoundry release notes
- Dotnet Core release notes
- Dotnet release notes
- Golang release notes
- HAProxy release notes
- Heroku release notes
- IBM Cloud release notes
- IIS release notes
- Java release notes
- NGINX C Binary release notes
- NGINX release notes
- NGINX 1.10 Lua Module release notes
- NGINX 1.11 Lua Module release notes
- NGINX 1.12 Lua Module release notes
- ngwafctl release notes
- NodeJS release notes
Free Text In many cases, you can just enter a free-text query. Example Description /a/path/here sqli -7h Show all SQLI in last 7 hours with…
Read more