How Medianova WAF scales to protect against attacks

What is a Web Application Firewall (WAF)?

As the adoption of online practices increases among major industries, web applications have become the core of any modern business. Over recent years their use has spread dramatically.

With growing popularity, the complexity of web applications has increased. Unfortunately, the potential attack surfaces have expanded alongside. Web applications and their important components like APIs have turned into one of the greatest attack targets for cybercriminals. These assets are more vulnerable to attacks since they are exposed to the internet.

Even one successful attack can cost businesses the loss of many important customers, money and reputation. For that reason, application and API security is not a thing that businesses can ignore. 

As the number and impact of attacks increase exponentially each year, services that can analyze and filter the HTTP/HTTPS traffic have become an urgent need for improving security.

Web application firewalls are the most effective solution for ensuring application and API security by preventing sophisticated attacks such as Cross-site-scripting (XSS), SQL injection and Remote Code Execution. 

Security without compromising performance

Our WAF is deployed on our global edge network that is distributed among 50+ data centers. Within this distributed cloud network, it filters out malicious requests at the edge by standing between the web application and end-users. That is a huge benefit, since it screens out and blocks attacks proactively -before they ever reach the origin- and passes only harmless traffic to the origin server. Thus, WAF acts as a security perimeter, holding malicious traffic outside of your application network. 

Medianova WAF runs on a container-based cloud-computing platform and leverages from our strong global edge network, which gives our customers greater protection capacity, scalability, high performance and reliability worldwide. It is natively integrated with our dynamic content delivery platform “Aksela” and works in conjunction with a wide variety of services such as Dynamic CDN, Anycast DNS and Load Balancing. So, Medianova offers application performance and security as an integrated solution.

Multiple Rulesets

OWASP (Open Web Application Security Project) is a non-profit organization that brings out the most recognized and trusted reports on web application security.  Medianova WAF offers rulesets that protect against vulnerabilities reported by OWASP in the “Top 10 Application Security Risks” list. Besides, the platform also allows the activation of platform-specific rules that are defined for popular CMS platforms.

But of course, application security can’t stay limited with the OWASP Top 10 list. Medianova WAF also provides a high level of flexibility for defining customized rules, which helps to enhance security while preventing false-positive cases.

How Medianova WAF scales to protect against attacks

Scalability is one of the most critical aspects to consider while examining WAF solutions.  Medianova WAF runs in our Kubernetes environment and it continuously monitors and determines request densities. Its auto-scale capability ensures that our customers are protected at all times, even during expected or unexpected high volumes of request traffic. 

More specifically, the auto-scale feature guarantees that new containers are deployed as the number of requests increase and harmful attacks are blocked without compromising performance at all critical moments. 

Likewise, containers are dropped when the number of requests decrease, so that resources are used at the optimum level to provide infrastructure cost savings. 

Load Test Results

The screenshot below includes a snippet of test results showing how Medianova scales to protect against attacks.

We ran a load test by using a well-known third party stress test tool (Locust) and sent approximately 6.000 requests per second to Medianova WAF. Even at such high load conditions (around 3.500.000 requests in 10-minute interval), the performance and capacity of Medianova WAF remained on the top with 0% failures being reported. On top of that, not even a slightest degradation in service or performance has been reported.  

As a result, it can be clearly seen that the CPU-optimized WAF platform running on top of Kubernetes environment ensures application security with enormous scalability without compromising performance.

Whether it is during the Super Bowl event for the Betting industry or Black Friday period for E-commerce, our customers always feel prepared and protected knowing that Medianova keeps their sites secure and fast.