A10 Next-Gen WAF, Powered by Fastly

Overview

Organizations must guarantee their applications are consistently and securely accessible, no matter the location, to ensure end-user experience and productivity. The rise of application attacks and data breaches is putting businesses at greater risk. Complex deployments coupled with regular maintenance and tuning and limited resources dedicated to cybersecurity are exacerbating the risk further.

A10 Networks and Fastly are collaborating to provide a complete solution to ensure application availability, robust protection against a broad range of application attacks, and to accelerate content delivery. This solution reduces complexity and cost for IT and security operations, providing better business outcomes.

The Challenges

Organizations must guarantee their applications are always available and always protected. This includes ensuring workloads are efficiently distributed across all servers, monitoring application health, and maintaining operational integrity around-the-clock. Add in the need to protect against an ever-increasing number of bad actors while ensuring rapid access for legitimate requests, and it is clear that IT and security teams are stretched thin.

The A10 Networks and Fastly Joint Solution

A10 Networks is a recognized leader in providing highly scalable and high-performance application delivery controllers (ADCs) that ensure application availability and acceleration, thus enabling business continuity. Thunder ADC, the flagship product of A10 Networks, provides fast, responsive, secure, and efficient service across global data centers and multiple clouds. It delivers L4-7 load balancing and multiple layers of security through web and DNS application firewalls, single sign-on (SSO) authentication, and TLS offload with advanced PFS/ECC ciphers, ensuring optimal performance and protection. Built on A10’s Advanced Core Operating System (ACOS®) platform, Thunder ADC is capable of providing superior application performance and security for organizations of any size and in any environment. By consolidating point products for advanced load balancing, content delivery acceleration, authentication, and authorization for applications, as well as DDoS protection, Thunder ADC offers a complete application solution that significantly reduces network and management complexity, resulting in a substantial reduction in total cost of ownership (TCO).

Fastly’s Next-Gen WAF is a best-in-class solution that protects your organization’s entire application portfolio and provides the visibility that empowers DevOps teams to make their apps more resilient. It uses a token-based approach to attack detection, which is more accurate than rules or static signatures and requires virtually no tuning or maintenance.

A10 Thunder ADC, empowered by Fastly technology, offers customers a premier next-generation web application firewall solution running on high-performance hardware and virtual platforms. It provides an ideal solution for application delivery and security protection against a broad range of attacks beyond OWASP Top 10, DoS, account takeover (ATO), application abuse, bad bots, and more.

By offloading TLS transactions to the Thunder device, it effectively eliminates the decryption overhead associated with a next-gen WAF, reducing the need to purchase bigger security devices just to support resource-exhausting decryption and encryption functions. This joint solution not only delivers faster and more efficient performance but also enhances the security posture of the organization by reducing the attack surface and improving the overall security posture.

Features and Benefits

With the integration of A10 and Fastly, customers can now benefit from a highly effective, easy to manage next- generation web application firewall while also gaining the superior application availability, optimization, and analytics and management provided by A10 Thunder ADC. The joint solution offers superior performance, support, and protection compared to any other integrated web application firewall / application delivery controller solution, along with rapid ROI.

The joint solution can additionally supplement customers’ enterprise Zero Trust strategy. Offering a one-time deployment of a next-gen WAF agent on the Thunder ADC reduces complexity and converges security solutions under the A10 umbrella. This solution implements a non-intrusive identity and access management strategy by seamlessly integrating with IDPs. It enforces continuous monitoring and continuous authentication, which is crucial in a modern Zero Trust security framework without compromising user experience.

Simplify Deployment with Consolidation

• The A10 next-generation web application firewall is available with A10 Thunder ADCs, requiring no agents on servers and only minimal configuration changes to your topology. This allows for stress-free operation and avoidance of agent fatigue.
• A10 Thunder ADC offers a single point to process data center traffic and forward it to applications with advanced load balancing and a next-gen WAF running on a single platform.

Ensure Robust Protection

• Protect apps against a broad range of application attacks, including OWASP Top 10, ATO, bad bots and more with accurate, context-aware detection technology without a noticeable impact on performance.
• Consolidate an ADC, integrated DDoS protection, application access management (AAM) and next-gen WAF on a single platform.

Secure Apps with Confidence

• Fastly technology is proven: Gartner Peer Insights Customers’ Choice for WAF for the past five years and placement in Gartner Magic Quadrant for Web Application and API Protection (WAAP) as a Challenger.

Empower DevOps to Get Visibility in Real-time

• Easy integration for security alerts, data access, and analytics through your existing DevOps and SOC tools like Jira, Splunk, Microsoft Teams, and Grafana for easy reporting and faster investigation.

How it Works

A10 has partnered with Fastly to offer a next-generation web application firewall on A10 Thunder ADCs. The Fastly integration allows application delivery controllers to protect against advanced application attacks without impacting performance and to integrate with any DevOps toolchain.

Both the Thunder ADC and next-gen WAF lightweight modules run on A10’s Advanced Core Operating System (ACOS®) platform. Accurate detections and contextual decisions are made locally on ACOS and next-gen WAF to block attacks in real time before they hit applications and provide visibility into the requests that come in as well as server responses and anomalies that show how the application is behaving. If the request is legitimate and not blocked, the application delivery controller routes the requests to the apps as per the configuration. Blocking is done locally by the next-gen WAF module on Thunder ADC in real time and doesn’t depend on communication to the Fastly cloud. Communication between the ADC and Fastly is needed for managing configuration and analytics. Currently, next-gen WAF configuration, analytics, insights and reporting are available in Fastly’s unified management console.

Summary

Protect Your Applications from Advanced Threats with A10 Next-Gen WAF on Thunder ADC

With Thunder ADC’s superior performance augmenting Fastly’s context-aware detection technology, you can protect apps against all advanced threats with greater accuracy while gaining superior application availability and accelerating content delivery. By offloading TLS transactions to the Thunder device, you can effectively eliminate the decryption overhead associated with a next-gen WAF. And by consolidating point products such as ADC, integrated DDoS protection, AAM, and next-gen WAF, you can ensure service availability, strengthen customer trust and loyalty, and reduce business risk, complexity, and TCO.

Figure 1: A10 Next-Gen WAF, Powered by Fastly, on Thunder ADC

Next Steps

A10 Next-Gen WAF solution is offered on select Thunder form factors. To learn more about how the A10 and Fastly integration ensures application availability, high-performance application delivery, load balancing and protection with simplified deployment, please visit the:

• A10 Next-Gen WAF solution page
• A10 Next-Gen WAF product page
• A10 ADC and SLB solution page

About A10 Networks

A10 Networks (NYSE: ATEN) provides secure application services for on-premises, multi-cloud and edge-cloud environments at hyperscale. Our mission is to enable service providers and enterprises to deliver business- critical applications that are secure, available and efficient for multi-cloud transformation and 5G readiness. We deliver better business outcomes that support investment protection, new business models and help future-proof infrastructures, empowering our customers to provide the most secure and available digital experience. Founded in 2004, A10 Networks is based in San Jose, Calif. and serves customers globally.

For more information, visit A10networks.com and follow us @A10Networks.

About Fastly

Fastly’s powerful and programmable edge cloud platform helps the world’s top brands deliver the fastest online experiences possible, while improving site performance, enhancing security, and empowering innovation at global scale. With world-class support that consistently achieves 95%+ customer satisfaction ratings,* Fastly’s beloved suite of edge compute, delivery, and security offerings has been recognized as a leader by industry analysts such as IDC, Forrester and Gartner. Compared to legacy providers, Fastly’s powerful and modern network architecture is the fastest on the planet, empowering developers to deliver

secure websites and apps at global scale with rapid time-to- market and industry-leading cost savings. Thousands of the world’s most prominent organizations trust Fastly to help them upgrade the internet experience, including Reddit, Pinterest, Stripe, Neiman Marcus, The New York Times, Epic Games, and GitHub.

Learn more about Fastly at fastly.com and follow us @fastly.