Verizon Digital Media Services Launches Cloud-Based Web Application Firewall That Increases Defenses Against Cyberattacks

NEW YORK – In an initiative that constitutes a major advancement in the fight to protect websites and Web applications from cyberattacks, Verizon Digital Media Services is announcing the beta launch of a cloud-based Web application firewall.

The Verizon WAF sets a new standard for reaction time to attacks: Once a new exploit has been identified, WAF rule sets -- procedures that control access to websites -- can be selected and deployed worldwide within minutes. The Verizon WAF has more rule sets deployed to the cloud than other cloud alternatives. And a tightly integrated content delivery network and WAF command-and-control plane give customers more controls and tools to block and fend off attackers.

“In initial testing we found the Verizon WAF to be extremely intuitive with a level of control not seen in other cloud-based WAFs,” said Charles Hachtmann, chief technology officer of Novica, an online retailer of artisan-crafted gifts, decor and jewelry. “Furthermore, the integration of the WAF into the Verizon EdgeCast Control Center significantly reduced our learning curve.”

WAFs, an increasingly important security service needed to protect websites and Web applications, have traditionally been deployed on customers’ premises and have involved complex customizations to support the applications they protect. By contrast, a WAF deployed in the cloud offers customers cost savings, on-demand scalability, always-on capabilities and swift time-to-market benefits.

The Verizon Digital Media Services cloud deployed WAF service offers an affordable, CDN-integrated, always up-to-date solution for protecting websites and increasing their performance. It delivers a broad set of rules to combat a wide range of possible attacks.

This is accomplished by supporting a combination of WAF rule sets that work in tandem: the generalized ModSecurity Core Rule Set from the Open Web Application Security Project, known as OWASP, and the advanced, commercial rule set from Trustwave, a leader in Web security. Both rule sets, as well as the ModSecurity WAF the Verizon WAF is built on, are backed by Trustwave threat intelligence and research.

"In today's Web application-threat landscape, organizations should employ security in layers where it is more cost-effective to block easy-to-spot attacks in the cloud, in combination with deeper analysis at the customer location,” said Andy Bokor, general manager of Threat Intelligence and Research at Trustwave. "We applaud Verizon for using ModSecurity and the Trustwave commercial rules, as they are a perfect fit for Web application defense in a cloud architecture."

The level of control offered to the customer also is a significant step forward in cloud-based security. Updates can be pushed out in less than five minutes to all Verizon EdgeCast servers on a worldwide basis – up to 900 percent faster than competitive offerings.

The WAF is part of the Verizon Digital Media Services Defend product suite, which includes built-in protection against network-layer distributed denial of service attacks and origin-cloaking capabilities via Origin Shield. Learn more about Verizon EdgeCast’s Security capabilities by clicking on http://www.edgecast.com/services/security/.

Verizon Digital Media Services provides blazing-fast and secure websites, the highest-quality video and massive scale for exceptional multi-screen experiences -- all while reducing costs. The end-to-end platform removes the complexities of connecting an increasingly mobile world and enabling businesses to securely leverage the cloud. For more information about Digital Media Services, visit www.verizondigitalmedia.com.