0 Shares 417 Views

How Medianova WAF scales to protect against attacks

What is a Web Application Firewall (WAF)?

As the adoption of online practices increases among major industries, web applications have become the core of any modern business. Over recent years their use has spread dramatically.

With growing popularity, the complexity of web applications has increased. Unfortunately, the potential attack surfaces have expanded alongside. Web applications and their important components like APIs have turned into one of the greatest attack targets for cybercriminals. These assets are more vulnerable to attacks since they are exposed to the internet.

Even one successful attack can cost businesses the loss of many important customers, money and reputation. For that reason, application and API security is not a thing that businesses can ignore. 

As the number and impact of attacks increase exponentially each year, services that can analyze and filter the HTTP/HTTPS traffic have become an urgent need for improving security.

Web application firewalls are the most effective solution for ensuring application and API security by preventing sophisticated attacks such as Cross-site-scripting (XSS), SQL injection and Remote Code Execution. 

Security without compromising performance

Our WAF is deployed on our global edge network that is distributed among 50+ data centers. Within this distributed cloud network, it filters out malicious requests at the edge by standing between the web application and end-users. That is a huge benefit, since it screens out and blocks attacks proactively -before they ever reach the origin- and passes only harmless traffic to the origin server. Thus, WAF acts as a security perimeter, holding malicious traffic outside of your application network. 

Medianova WAF runs on a container-based cloud-computing platform and leverages from our strong global edge network, which gives our customers greater protection capacity, scalability, high performance and reliability worldwide. It is natively integrated with our dynamic content delivery platform “Aksela” and works in conjunction with a wide variety of services such as Dynamic CDN, Anycast DNS and Load Balancing. So, Medianova offers application performance and security as an integrated solution.

Multiple Rulesets

OWASP (Open Web Application Security Project) is a non-profit organization that brings out the most recognized and trusted reports on web application security.  Medianova WAF offers rulesets that protect against vulnerabilities reported by OWASP in the “Top 10 Application Security Risks” list. Besides, the platform also allows the activation of platform-specific rules that are defined for popular CMS platforms.

But of course, application security can’t stay limited with the OWASP Top 10 list. Medianova WAF also provides a high level of flexibility for defining customized rules, which helps to enhance security while preventing false-positive cases.

How Medianova WAF scales to protect against attacks

Scalability is one of the most critical aspects to consider while examining WAF solutions.  Medianova WAF runs in our Kubernetes environment and it continuously monitors and determines request densities. Its auto-scale capability ensures that our customers are protected at all times, even during expected or unexpected high volumes of request traffic. 

More specifically, the auto-scale feature guarantees that new containers are deployed as the number of requests increase and harmful attacks are blocked without compromising performance at all critical moments. 

Likewise, containers are dropped when the number of requests decrease, so that resources are used at the optimum level to provide infrastructure cost savings. 

Load Test Results

The screenshot below includes a snippet of test results showing how Medianova scales to protect against attacks.

how Medianova WAF scales to protect against attacks

We ran a load test by using a well-known third party stress test tool (Locust) and sent approximately 6.000 requests per second to Medianova WAF. Even at such high load conditions (around 3.500.000 requests in 10-minute interval), the performance and capacity of Medianova WAF remained on the top with 0% failures being reported. On top of that, not even a slightest degradation in service or performance has been reported.  

As a result, it can be clearly seen that the CPU-optimized WAF platform running on top of Kubernetes environment ensures application security with enormous scalability without compromising performance.

Whether it is during the Super Bowl event for the Betting industry or Black Friday period for E-commerce, our customers always feel prepared and protected knowing that Medianova keeps their sites secure and fast.

 

You may be interested

The Ultimate CDN (Content Delivery Network) Guide 2022
CDN
4437 views
CDN
4437 views

The Ultimate CDN (Content Delivery Network) Guide 2022

medianova - February 8, 2022

The Ultimate CDN Guide - Everything About Content Delivery Network 2022 You probably know what CDN (Content Delivery Network) stands for. You may also be aware of…

The Essential CDN Glossary
CDN
10733 views
CDN
10733 views

The Essential CDN Glossary

Nadia Benslimane - November 21, 2019

Why Have We Decided To Create a CDN Glossary? Whether you are new to the world of CDN, or have been involved in it for years, there…

Medianova and Streaming Platform Jet-Stream Announce Partnership
Press
52 views
Press
52 views

Medianova and Streaming Platform Jet-Stream Announce Partnership

ulasgursoy - September 9, 2022

Medianova and Streaming Platform Jet-Stream Announce Partnership IBC - Amsterdam, September 9, 2022 Broadcasters get better scale and performance for OTT streaming in Europe, North Africa and…

How To Improve Your API Security
API Security
160 views
API Security
160 views

How To Improve Your API Security

ulasgursoy - August 25, 2022

Tips for Improving Your API Security Our relationship with applications is reaching to an advanced level as the possibilities for digital communication increase. However, for apps to…

Private CDN | Explained 
CDN
319 views
CDN
319 views

Private CDN | Explained 

ulasgursoy - August 11, 2022

Private CDN | Explained  Digital content providers face the daunting task of maintaining a high-quality delivery experience amidst a growing customer base. Consumers expect multimedia content, such…

Most from this category

The Essential CDN Glossary
CDN
10733 views
10733 views

The Essential CDN Glossary

Nadia Benslimane - November 21, 2019
API Security in Numbers 2022
security
326 views
326 views

API Security in Numbers 2022

Sıla Saltoğlu - May 24, 2022
API Caching Benefits for E-commerce
CDN
446 views
446 views

API Caching Benefits for E-commerce

Sıla Saltoğlu - May 9, 2022
How to Use Webinars to Boost Business Growth
How To
475 views
475 views

How to Use Webinars to Boost Business Growth

Sıla Saltoğlu - April 14, 2022