Over the next six months, Akamai’s Web Application Protector (WAP) — which is designed to help you easily safeguard your web assets from DDoS and web application attacks — will get a range of new enhancements, and I wanted to give you a quick overview of what you’ll find:
- User interface improvements: The new and improved interface makes Web Application Protector more powerful and easier to use. The navigation has been simplified so that security protections and settings are more clearly organized and intuitive to use. (You'll see a banner at the top of the Web Application Protector summary page after your interface has been updated.)
- Configuration versioning: With this improvement, configuration versions can be managed with ease in the user interface; you’ll have the ability to roll back to previous configuration versions and view your detailed activation and version history.
- Expanded header-logging options: The new Advanced Settings tab in WAP will give you the option to customize the HTTP headers that are written to the security access logs.
- Ability to activate configurations on the Akamai Staging network: This enhancement provides you with the option of activating your security configuration on the Akamai Staging network before deploying it to the production network. This allows for functional testing of your site, application, or API with new security configuration changes before exposing them to your end users.
- Security protections:
- Network firewall: Ability to apply exclusions via network list to IP and GEO block controls
- DoS protection: Ability to apply different response actions within a single rate policy, for IPv4 and IPv6 traffic
- Web application firewall: Within Akamai’s web application firewall, you’ll see two specific enhancements:
- The penalty box can be put into “alert” mode in addition to the existing “deny” mode
- There will be enhanced exception criteria for attack groups, with support for wildcards in the match criteria and expanded header options
Akamai will begin rolling out these enhancements to Web Application Protector customers starting in late September. Your account team will contact you if any special handling is required prior to the migration.
Meanwhile, we will continue designing and building more improvements to make Web Application Protector even more robust for you.
Amol Mathur is a product line director at Akamai Technologies.