This content is part of the Essential Guide: Picking the best firewall software, hardware or application
News Stay informed about the latest enterprise technology news and product updates.

Verizon unveils cloud-based WAF

Verizon bolstered its cloud security presence with a new web application firewall. The cloud-based WAF puts the telecom giant in the growing cloud firewall market with Akamai, Imperva and others.

Verizon has entered the growing Web application firewall market with a new cloud-based WAF for its Verizon Digital Media Services' EdgeCast content delivery network.

Verizon's cloud-based Web application firewall (WAF) is currently in beta with a projected launch for general availability sometime in the fourth quarter of 2014. The product, which will be part of the Verizon Digital Media Services Defend product suite for its EdgeCast content delivery network customers, marks a major step in the telecommunications giant to bolster its cloud security offerings.

"We're really putting our stake in the ground for security," said James Segil, chief marketing officer for Verizon Digital Media Services. "It's a huge benefit to our CDN (content delivery network) customers."

The Verizon WAF comes with a host of features and components, most notably more than 19,000 specific rules for users to choose from that are designed to protect Web applications and websites from a wide range of cyberattacks. The rules come from a combination of two WAF rule sets -- the ModSecurity Core Rule Set from the Open Web Application Security Project and a commercial rule set from Trustwave -- which users can customize via a command-and-control interface.

Segil said the number of granular options for rules is a key differentiator for its WAF product.

The decision the customer needs to make is, 'Do I want to have this type of firewall in the cloud or do I want to add another appliance to the data center?'
James Segilchief marketing officer, Verizon Digital Media Services

New York-based Verizon's Digital Media Services Defend security product suite for EdgeCast customers already includes built-in protection against network-layer distributed denial-of-service attacks and origin-cloaking capabilities. But the cloud-based WAF extends its protection capabilities to customers' Web applications.

In addition, Segil said, Verizon's WAF more control for customers to determine what kind of content and traffic can be allowed through the WAF. The WAF's rules engine allows users to block certain file formats like JPEG or CCS files or develop specific rules for certain content and traffic types.

Segil said putting Verizon's WAF in the cloud rather than on premise delivers customers cost savings, superior scalability and faster on-demand service. For example, because Verizon's WAF is based in the cloud, the company claims it can push out software updates to all EdgeCast customers across the globe within five minutes.

"The decision the customer needs to make is, 'Do I want to have this type of firewall in the cloud or do I want to add another appliance to the data center?'" Segil said. "When you buy an appliance, you have to update the software and the security rules. But by bringing this to the cloud, we're constantly updating the firewall for you."

Verizon's WAF puts the company in the same competitive field as Akamai Technologies Inc. and its recently acquired Prolexic unit, Imperva Inc., and other security vendors. But Segil believes Verizon's size and integrated product suite gives the company an advantage over cloud-based WAF competitors.

"You see Akamai and Imperva and others in this space," Segil said, "but I don't think other companies have the kind of size and scale that we have."

Pricing for the Verizon WAF has not been announced, but the company said the service will feature a tiered monthly billing approach for EdgeCast customers based on the contracted volume (Mbps) or quantity of HTTP requests for each CDN platform deployed by the customer.

Dig Deeper on Cloud Security Services: Cloud-Based Vulnerability Scanning and Antivirus