As the applications move to the Cloud at an increasing speed, the WAAP market also shifts towards an as-a-service model and Distributed Cloud WAAP is F5's answer to this new market demand. WAAP or "Web Application and API Protection" is a term coined by Gartner, covering a range of technologies that were previously thought of as separate products: WAF, API Security, Bot Protection and DDoS Mitigation.
"Nature is a mutable cloud, which is always and never the same." - Ralph Waldo Emerson
We might not wax that philosophically around here, but our heads are in the cloud nonetheless! Join the F5 Distributed Cloud user group today and learn more with your peers and other F5 experts.
F5 Distributed Cloud WAAP is built on top of Volterra's distributed cloud architecture, fusing together technologies such as F5's WAF and Shape's Bot Defense, augmented with AI/ML-enabled API security and DDoS Mitigation modules. The distributed cloud architecture enables these technologies to protect applications deployed anywhere on the Internet: on-prem, in public or private Clouds.
In this series of articles, we will introduce the main technologies of the Distributed Cloud WAAP, starting with the Web Application Firewall.
First, it's worth noting that the Distributed Cloud WAAP shares its WAF engine with BIG-IP Advanced WAF and NGINX App Protect WAF. As such, it comes out-of-the-box with a comprehensive suite of WAF features ready to defend the protected applications against the most advanced threats found in the wild. We will demonstrate this with the help of the video below, showing the ease of configuration and the power of Distributed Cloud WAF in warding off one of the most serious attacks in recent history: Log4Shell.
As you could see, protecting an application with F5 Distributed Cloud WAF can be achieved by simply applying the WAF policy on the LoadBalancer front-ending your application, wherever it might be hosted, and the default settings are enough for the WAF policy to mitigate advanced attacks such as Log4Shell.
The timely signatures updates and Threat Campaigns feature ensure the WAF engine is up-to-date with the latest vulnerabilities, allowing for very low maintenance overhead and thus very simple self-service operation.