Question: My company has a significant cloud services implementation, and we are looking at WAFs to help secure traffic for specific applications. Where do we start?
Akamai: Selecting a Web application firewall (WAF) can be very simple or very complex. Whatever you do, try to make sure it is cloud-agnostic.
Having a cloud-agnostic WAF, like something built on the edge, allows you to protect all of your applications – whether they're on-prem, in one cloud provider, or spread across multiple cloud providers – with the same solution.
This is a more architecturally elegant approach and one that allows your security team to scale – where you can protect applications regardless of where your developer teams are putting them and not have to manage multiple solutions or get in the way of your developers.
What do you advise? Let us know in the Comments section, below.