26
Feb
2015
Layer 7 Visibility - Beyond the Buzzword

As a website operator you’ve probably heard vendors, including Incapsula, mention the benefits of layer 7 visibility. However, you may not have ever received a clear explanation as to why it is important to your organization.

In this post, we’ll go beyond buzzwords and delve into the advantages of layer 7 visibility as a DevOps tool used for load balancing and DDoS mitigation.

Read more »

19
Feb
2015
Free IPv6 Support for All Incapsula Clients

With this upgrade, Incapsula can be used as a backward and forward-compatible IPv6-to-IPv4 gateway that supports all IPv6 communication scenarios.

Backward and forward-compatible IPv6-to-IPv4 gateway

This has two main benefits:

  • Free IPv6 for everyone – Adding to its security, availability and acceleration capabilities, Incapsula can now be used as a plug-and-play IPv6 compatibility solution.
    Any website operator in need of IPv6 support can now skip the resource and time-intensive upgrade by using Incapsula’s free Content Delivery Network (CDN) to seamlessly facilitate all IPv6-to-IPv4 communications.
  • Better Compliance – With its newly developed ability to handle end-to-end IPv6 communications, Incapsula is now fully compliant with regulatory demands calling for IPv6 support (e.g., DAE Action 89).
    This not only addresses a commonly expressed need for existing Incapsula clients, but also opens the door for new and existing business opportunities in government and enterprise sectors.

Read more »

11
Feb
2015
Introducing our New System Status Page

Today we are happy to announce the launch of our new system status page, which helps our clients track Incapsula network status worldwide, including server health and software updates.

This new system provides real-time visibility of the condition of Incapsula’s global network, offering our clients centralized updates on:

  • System Status – Allows you to confirm the availability of all Incapsula data centers and granularly observe the current status of the Incapsula management console and API on each and every Incapsula PoP.
  • Outages and Incidents – Helps keep track of major network events that may potentially impact your own service.
  • Patching and Maintenance – Provides information about Incapsula maintenance cycles and major security patches.

Incapsula’s enterprise clients can also subscribe to receive real-time network status notifications, available via SMS or Email.

Read more »

29
Jan
2015
New Data Center Goes Live in Zurich Switzerland. Total Network Capacity Surpasses 1Tbps.

This week we are happy to announce the activation of Incapsula’s 21st data center in Zurich, Switzerland. With this deployment Incapsula achieves a firm local presence that enables clients to comply with the strict demands of Swiss privacy laws and Swiss federal data protection regulations (DPA).

The Zurich deployment culminates an extensive network-wide upgrade, during which we expanded the capacity of existing data centers to further improve Incapsula's resilience against large-scale DDoS attacks.

With the conclusion of 2014’s upgrade cycle, and with the additional muscle provided by this new Zurich facility, Incapsula’s overall network capacity now surpasses 1Tbps.

Read more »

22
Jan
2015
2014 Bot Traffic Report

Load balancing is a critical function for online organizations needing to cost-effectively scale their operations. This technology distributes traffic and application loads across multiple servers, while also ensuring business continuity via automatic failover processes.

Solutions are abundant, and evaluating which one best fits your infrastructure, availability, and growth requirements is no simple matter. Incapsula’s new How to Choose a Load Balancing Solution guide helps you with this process. It addresses several key questions, including:

  • What are the essential characteristics of today’s load balancing technologies?
  • What are the key criteria for selecting a load balancing solution?
  • Which distribution methods are best suited for your IT environment?
  • Which solutions offer cost-effective scalability, and at what trade-off degree?
  • Which solutions are most compatible with hybrid or cloud environments?

Written by industry experts, Incapsula offers you the 18-page document as a free download, with the intention of helping you reach an effective data-driven purchase decision.

Read more »

18
Dec
2014
2014 Bot Traffic Report

As Incapsula’s prior annual reports have shown, bots are the Internet’s silent majority. Behind the scenes, billions of these software agents shape our web experience by influencing the way we learn, trade, work, let loose, and interact with each other online.

Bots are also often designed for mischief, however. In fact, many of them are used for some kind of malicious activity—including mass-scale hack attacks, DDoS floods, spam schemes, and click-fraud campaigns.

For the third year running, Incapsula is publishing our annual Bot Traffic Report—a statistical study examining the typically-transparent flow of bot traffic on the Web. This year we build upon our previous findings to report year-to-year bot traffic trends. We also dig deeper into Incapsula’s database to reveal an even more substantial data sample, providing new insights into bot activity.

Read more »

10
Nov
2014
Shellshock - 28 and some days later

As any security researcher will tell you, zero-days never die young. The reason is simple. Even when rapidly released, official patches are only useful for containment. Left unattended, some resources will remain vulnerable. . These might be some old WP templates using an older version of TimThumb or, in the case of Shellshock, a home router having an outdated Linux installation. One way or another, there are always stragglers for attackers to prey on.

Today, more than thirty days after Shellshock was officially disclosed, there are still plenty of them roaming around...

Read more »

31
Oct
2014

On Thursday, the Drupal Security Team issued a PSA on the Drupal 7 SQL injection vulnerability (SA-CORE-2014-005). The announcement underscores the importance of updating your server to Drupal 7.32.

Incapsula issued an update to our WAF rules on October 15 to protect against SA-CORE-2014-005. Customers who have the WAF enabled are protected against this vulnerability. To confirm SQL injection protection is on, log into your Incapsula account, go to Settings > WAF, and confirm that SQL Injection is set to Block Request.

Read more »

30
Oct
2014
New Data Center Goes Live in Stockholm Sweden

Today we are pleased to announce the activation of Incapsula’s latest data center in Stockholm, Sweden—located in the lucrative Telecity STO1 facility.

With this new point-of-presence (PoP), we’ve expanded our portfolio of connectivity routes to provide better performance to visitors in the Nordic region, Baltic countries, and Eastern Europe.

Read more »

21
Oct
2014
Deprecating SHA-1 Hash Algorithm. Why, What and When.

As some of you may already know, in September Incapsula began the process of replacing all SHA-1 SSL certificates with the more secure SHA-2 version. This transition is on schedule and will be completed within the following week. In addition, all new SSL certificates issued by Incapsula will use the SHA-2 algorithm.

Our decision to discontinue SHA-1 support is in line with the industry trend, which acknowledges the potential weakness of the SHA-1 cryptographic algorithm.

In November 2013 Microsoft was the first to announce its timetable for phasing out SHA-1 certificates. According to this timetable, MSN platforms will stop supporting SHA-1 as of January 1, 2017.

More recently, Google and Mozilla announced that their browsers will no longer trust SHA-1 encrypted SSL certificates with expiration dates past December 31, 2016...

Read more »