The Instart WAF is integrated into our core service and is therefore distributed across the entire global acceleration network. As a result, it will block attacks using the massive networking and processing surface area of the Instart service, soaking up the largest attacks, and stopping them before they can ever reach customers' origin servers.
This is important, as many attacks seen on the Internet today can easily overwhelm the more limited connection and appliance capacity that customers typically maintain between their data centers and the Internet.
For example, even if a customer has a 10GB link between their datacenter and the Internet, it is common to find attacks that would exceed this rate and easily saturate these types of connections. The WAF integrated into the Instart service is able to soak up attacks many times this size with ease, allowing legitimate traffic to continue on to the customer's origins.
This integrated service gives customers much higher levels of traffic protection than is cost effective when using WAF appliances and internet transit provisioned to a datacenter.