Introduction
The rise of ARM-based platforms is transforming the landscape of on-premises and cloud computing with increasing adoption from small to large-scale deployments. ARM architectures are gaining traction across Kubernetes, Docker, and traditional Linux environments, with many businesses transitioning from x64/x86 to ARM. As ARM platforms host a growing number of scalable web applications and APIs, the need for robust security solutions like Web Application Firewalls (WAFs) becomes essential.
Modern WAF solutions for ARM platforms must protect against known and unknown threats (“zero-day” attacks) while integrating seamlessly with cloud-native environments like Kubernetes and Docker.
Responding to this growing demand, open-appsec team is excited to announce upcoming support for ARM platforms in our WAF solution. This addition addresses a key request from our user community, eager to see open-appsec WAF deployed on ARM-based Kubernetes, Docker, and Linux platforms.
Why Are ARM-Based Platforms Gaining Popularity?
ARM-based platforms are increasingly favored for their energy efficiency, cost-effectiveness, and balanced performance, making them ideal for a wide range of applications. ARM’s reduced instruction set computing (RISC) architecture requires fewer transistors, reducing power consumption and heat generation compared to traditional x86 architectures.
The lower cost of ARM-based instances on major cloud platforms is a significant driver of this shift:
AWS Graviton: Amazon Web Services (AWS) offers Graviton processors, which are custom-built ARM processors designed by AWS to provide high performance at a lower cost. AWS Graviton instances are optimized for a variety of workloads, including containerized applications, microservices, and web servers. The Graviton series (Graviton, Graviton2, and the latest Graviton3) delivers up to 40% better price-performance compared to traditional x86 instances.
Azure Ampere Altra: Microsoft Azure's Ampere Altra ARM-based virtual machines offer a highly scalable, energy-efficient solution for workloads like web servers, databases, and AI/ML applications. These instances provide predictable performance and superior price-performance benefits, making them ideal for developers building on ARM architectures.
Google Cloud Tau T2A: Google Cloud offers ARM-based Tau T2A instances, built on Ampere Altra processors. These instances are designed for general-purpose workloads and deliver an impressive combination of performance and cost savings, making them suitable for various applications, including web hosting, development environments, and microservices.
These ARM-based instances from AWS, Azure, and Google Cloud provide businesses with cost-effective, scalable solutions without compromising performance. The scalability and flexibility of ARM enable companies to adapt these instances for anything from low-power IoT devices to high-performance computing needs.
The Need for a Modern WAF Solution for ARM Platforms
ARM-based instances, such as AWS Graviton, Azure Ampere Altra, and Google Cloud Tau T2A, provide cost-effective and scalable computing for cloud and on-premises environments, making them suitable for diverse applications. A significant use case is hosting web applications and APIs on ARM, particularly on Kubernetes and Docker platforms. To secure these deployments, a robust WAF solution is essential.
open-appsec WAF offers automatic, low-maintenance protection against known and unknown threats, seamlessly integrating with modern cloud-native environments like Kubernetes, Docker, and GitOps CI/CD flows. Unlike traditional, signature-based WAFs, open-appsec WAF uses machine learning to provide proactive defense without the need for constantly updated threat signatures, addressing a major gap in traditional security models.
Announcing Support for open-appsec WAF on ARM Platforms
open-appsec WAF is engineered with a modern Threat Prevention engine built entirely on machine learning, providing advanced protection against both known and zero-day attacks while minimizing administrative overhead and false positives.
Recognizing the expanding role of ARM platforms in cloud-native environments, open-appsec is thrilled to announce upcoming support for ARM-based platforms. This support will include Kubernetes, Docker, and Linux-embedded environments, with releases starting in an “Early Availability” phase.
open-appsec Configuration Management: Local and Central
open-appsec WAF offers flexible management options, including a central WebUI (SaaS) for easy, centralized control. Alternatively, it supports local, declarative configurations through custom resources in Kubernetes or configuration files in Docker and Linux, making it compatible with CI/CD and GitOps workflows.
Even when managing open-appsec locally, you can still connect to the central WebUI in a read-only mode for configuration visibility, deployment monitoring, and access to security logs with comprehensive reports and dashboards.
Sign up for a free WebUI tenant here: https://my.openappsec.io
Sign Up for Early Availbility!
Interested in the new open-appsec for ARM? Sign up here and we will contact you soon with more details.
open-appsec is an open-source project that builds on machine learning to provide pre-emptive web app & API threat protection against OWASP-Top-10 and zero-day attacks. It simplifies maintenance as there is no threat signature upkeep and exception handling, like common in many WAF solutions.
To learn more about how open-appsec works, see this White Paper and the in-depth Video Tutorial. You can also experiment with deployment in the free Playground.