The future of business starts with developers

Learn more
Company The team behind better online experiences Network Map A new architecture for the modern internet Industry Analyst Relations See what industry analysts say about Fastly News Recent updates and announcements Platform The platform behind better, faster and more secure digital experiences Customer Stories See how the best of the web succeed Events Connect with Fastly at an event Careers Join the team that's building a better internet

The Fastly Edge Cloud Platform

See All Products
Content Delivery (CDN) Deliver fast, personalized experiences globally Live Streaming Deliver seamless live streaming experiences Streaming Video (VoD) Deliver exceptional on-demand video experiences Media Shield Optimize multi-CDN deployments On-the-Fly Packager Dynamically package on-demand video content in real time Image Optimization Rapid image processing at the edge Load Balancer Granular control over routing decisions TLS Encryption Reduce the complexity of TLS management Origin Connect Connect directly to Fastly IP Addresses Easily manage IP addresses HTTP/3 & QUIC Modern protocols Domain Research API Instant, accurate domain name discovery Object Storage Get direct access to large files at the edge with zero egress fees
Next-Gen WAF Modern web app and API security, anywhere Bot Management Detect and mitigate bot attacks DDoS Protection Automated mitigation of disruptive and distributed attacks API Security Secure your API endpoints Client-Side Protection Defend against client-side attacks AI Bot Management Stop AI bots from scraping website content
Edge Compute Take your apps to the edge — our instant platform helps you build amazing experiences for your users Key Value Store The fastest key value store you can get, but as easy to use as your familiar database tools Websockets & Fanout Real-time messaging, at global scale, with complete personalization and easy setup Developer SDKs Program the same services we use to build Fastly products Enterprise Serverless The most powerful serverless platform, built on open standards and integrated with Fastly’s full suite of products AI Accelerate your AI workloads and improve efficiency with semantic caching Object Storage Get direct access to large files at the edge with zero egress fees Programmable Cache Get full programmatic access to the same legendary caching that powers our CDN. MCP Server AI-powered control for your Fastly services.
Real-time Logging Stream and analyze logs in real-time Edge Observer Explore live and historical traffic data Domain Inspector Assess domain level insights Origin Inspector View complete origin to edge insights Alerts Create notifications for service-related metrics Log Explorer & Insights Interact with actionable insights

Extraordinary services for exceptional results

See All Services
Professional Services Expert help to migrate or optimize your delivery service Live Entertainment Services Live streaming experiences that scale with your audiences Support Plans World class support from start to finish Managed CDN Maximized control and flexibility Managed Security Expertly managed web application protection Customer Support Fastly Support helping you grow better, together

Innovative digital solutions

See all our solutions
Streaming Media Deliver stellar live and on-demand streaming Emerging Media High performance for emerging media brands Digital Publishing Real-time journalism with improved reader experiences eCommerce Fast, personalized experiences at scale Financial Services Integrated security to protect customer data High Tech Instantly scale your performance as you grow Travel & Hospitality Online tailored experiences for your guests and visitors Online Education Deliver secure learning experiences at scale Gaming Fuel your players’ next win with ultra-fast, secure game downloads
Infrastructure Savings Achieve lower, more predictable cloud spend Multi-cloud Optimization Reduce complexity and unify cloud resources Customer Trust Learn more about Fastly’s Customer Trust initiatives Privacy Enablement Learn how to protect your user's data Sustainability Dashboard See your electricity use and GHG emissions for the Fastly platform

Empowering every developer to build incredible experiences

Try Fastly Free
Developers Build something amazing today Fast Forward Creating a more trustworthy internet Dev Tools Dev tools built for teams - with an edge Developer SDKs Program the same services we use to build Fastly products Community Join developers around the world Sign up Create a free developer account

Help build a fast, safe, and engaging internet with Fastly

Why Partner with Fastly Help deliver safe, fast and engaging experiences Cloud Partners Learn about the benefits of combining Fastly with your cloud services Channel Partners Enhance your offerings & capabilities with Fastly products Technology & Integration Partners Explore our partner ecosystem
Partner Portal Login Access all your Fastly partner resources Become a Partner Enhance your business by reselling or referring Fastly products Find a Partner Let us help connect you with the right partner for your needs

Get Help with Fastly

Documentation Get the most out of Fastly Resource Library Explore data sheets, reports, and more Fastly Academy Hands on learning with Fastly products Learning Center Learn about Internet technology Blog Our latest thoughts and ideas Security Research Stronger security through research Fastly's POV Explore expert and industry insights
Support Center How can we help? Contact Us Get in touch today

Fastly Next-Gen WAF Agent Performance Benchmarks

The Fastly Next-Gen WAF engineering team developed an agent performance testing framework to determine CPU and memory utilization in various host configurations.

The Fastly Next-Gen WAF engineering team developed an agent performance testing framework to determine CPU and memory utilization in various host configurations. The resulting benchmarks represent what our customers routinely see in their production deployments: that our lightweight agent requires few host resources, will not create significant latency yet remains performant.

Introduction

From inception, the Fastly Next-Gen WAF agent was designed to be as lightweight and efficient as possible wherever our customers run their apps and APIs. We provide the agent performance metrics in this document based on internal performance testing to prove out that our agent is lightweight, requires few host resources, and will not create significant latency once installed1. When evaluating web application and API protection solutions, we know performance is top of mind for development and operations teams: businesscritical applications must be performant and available to drive your business. Additionally, legacy WAF and other application and API protection solutions typically lead to significant performance and reliability issues that do not occur with the Next-Gen WAF.

Example Performance Benchmark Scenario

To report on the benchmarks presented in this document, our engineering team analyzed our agent usage metrics across multiple typical customer configurations. Below we focus on one test scenario our team chose because it reflects a common host configuration we see across our customer base. Most acronyms used in this document will be known to development, operations, and security professionals, but to be clear, “RPS” stands for “Requests Per Second”: 1,000 web requests per second per server is well over the average request volume of even large scale web apps and APIs experience in production. As the data below proves, even with significant request traffic load, our agent decision remains fast and performant, which is why it’s trusted by some of the largest scale companies on the Internet. Before moving on to the benchmark results, two factors influence the resulting agent performance metrics in our test scenario:

  • Request rate (RPS) and size impact performance results most.

  • The larger the request volume, the bigger the request size, and thus, the more CPU and memory resources are required.

Typical Test Scenario

1,000 RPS on compute instance with eight (8) cores running at 3.6GHz: running the benchmark test on a host with this configuration, the following findings result:

  • Median agent decision time required: under one millisecond. Larger requests take longer, but the agent still decides to block or allow the request in an average of 1.43ms for requests over 7KB in size.

  • CPU utilization on average: up to 35% for medium-sized requests.1

  • Agent memory utilization: around 40MB of available host memory1 — memory utilization is dependent on volume and size.

RPS Simulated

Request Size (bytes)

Median Agent Decision Time (Milliseconds)

Avg. Agent CPU Utilization % (out of 100%)

Avg. Memory Usage (bytes)

1,000

None (0)

0.2

7.61

31MB

1,000

Small (560)

0.33

10.95

35MB

1,000

Med (7,320)

0.98

34.54

31MB

NOTE: The resulting metrics do not include overhead potentially generated by the module. The Next-Gen WAF's module resource consumption is highly dependent on the application itself. However, typical applications add very little overhead.

1 Performance can vary by environment so you may not see similar results.

Related Resources

  • Fastly Response Security Service
    Fastly Response Security Service

    Learn how you can prepare for and respond to suspected attacks with industry-leading support from Fastly security experts.

  • Fastly Managed Security Service

    Explore how Fastly’s global security experts can continuously monitor and proactively mitigate attacks 24/7 so you can maximize protection and focus efforts elsewhere.

    Learn more

  • Fastly Security Professional Services

    Learn how our team of application security experts is here to help every step of the way.

    Learn more

Our network map

A more powerful global network

We built our network with intention. By design, we run fewer POPs than our competitors, but they’re much more powerful so we can cache more and serve it faster. Our network is fully software defined. We can do anything, and do it faster.

Take a closer look
An illustration with a grayscale globe covered by red location pins

  • On average

    150 ms

    purge time with Instant Purge™

    1

  • More than

    1.8 trillion

    Daily requests served

    2

  • Almost

    90%

    Of customers run Next-Gen WAF in blocking mode

    3

  • Key Fact

    427 Tbps

    Edge Capacity

  • Up to

    32%

    faster time to first byte (TTFB) than other CDNs

    5

Ready to get started?

Get in touch
Talk to an expert