HAProxy Enterprise 2.9 Raises the Security Bar in Application Delivery

0
HAProxy Technologies unveiled HAProxy Enterprise 2.9 during the RSA Conference 2024. This significant release marks a new benchmark in application delivery security.

The world’s leading companies and cloud providers trust HAProxy Technologies to protect their applications and APIs. HAProxy Enterprise 2.9 advances its security solution with next-generation WAF and bot management capabilities. This release also extends HAProxy Enterprise’s legendary performance and flexibility to support real-time applications that use the UDP transport protocol that powers much of the modern web. Supported by industry-leading benchmark results, these landmark features offer customers a powerful solution to security, latency, and scale challenges.

“The application delivery market is poised for disruption, and we’re eager to play that role,” said Dujko Radovnikovic, CEO, HAProxy Technologies. “Too often, application teams are forced to compromise between security, performance, and simplicity. With the launch of HAProxy Enterprise 2.9, we’re delivering secure application delivery without compromise. This is the fastest, simplest, and most secure solution on the market.”

Early Adopters Highlight Incredible Value

Customers who participated in an early adopter preview of HAProxy Enterprise 2.9 shared their feedback on the new features, highlighting the value of low-latency security and load balancing at scale.

“The next-generation HAProxy Enterprise WAF protects our public APIs and user portal and makes a valuable improvement to our overall application security posture,” said Andro Galinović, Chief Information Security Officer at Infobip. “Other on-premises solutions didn’t scale well with our global scope and huge API traffic load, but the new HAProxy Enterprise WAF keeps latency and resource use low, while having a very low false positive rate.”

“HAProxy Technologies demonstrated great commitment and support throughout our rigorous vendor selection process, including a successful proof of concept, functional and non-functional performance testing, and optimizing security rules for our unique use case,” said Juraj Ban, Security Architect, Infobip. “The stability and maturity of the product and the support gives us confidence in our ability to scale and secure our services.”

“The new HAProxy Enterprise UDP Module works efficiently and quickly to load balance our RADIUS servers with minimal latency overhead,” said Mikel Cranfill, IT Server Administrator II, Hendrick Health. “Enabling high availability on our authentication servers is a great relief to our network team. Additionally, with HAProxy Fusion Control Plane integrating centralized monitoring with Grafana, we have experienced a substantial increase in observability and easier troubleshooting. HAProxy Enterprise has considerably improved our load balancing infrastructure. Great customer support (with quick response and thorough resolution), easy maintenance, and robust security allow us to focus on serving our customers instead of our load balancers.”

Key Features and Performance of HAProxy Enterprise 2.9

HAProxy Enterprise 2.9 simplifies application delivery, enhances security, and boosts scalability. Key features include a next-generation WAF, bot management, and UDP load balancing for time-sensitive applications.

Web Application Firewall

  • A web application firewall is crucial for protecting applications from attacks such as SQL injection, cross-site scripting (XSS), and remote file inclusion (RFI) that can cause downtime, data loss, fraud, and more.
  • The next-generation HAProxy Enterprise WAF powered by the unique Intelligent WAF Engine brings industry-leading efficacy and performance, helping customers protect their business and reputation, simplify security, and reduce the impact on application performance and user experience. The Intelligent WAF Engine is a single low-latency process based on the company’s unique data science, security analytics, and real-world datasets. It identifies security threats using a non-signature-based detection system capable of blocking emerging and zero-day threats without requiring users to create and manage long or complex lists of rules.
  • HAProxy Enterprise WAF protects application traffic, provides optional OWASP Core Rule Set compatibility, reduces false positives, and minimizes latency. In testing based on open source WAF benchmark data, it scores a balanced accuracy of 98.53% (compared to the industry average which is below 90%) with latency below measurable thresholds for the majority of attack payloads. The OWASP CRS compatibility mode provides an incredibly low false positive rate of 1.78% at paranoia level 2 (compared with 28.36% for the ModSecurity WAF at the same paranoia level).

Bot Management

  • Organizations with websites and web applications must protect against the effects of malicious bots, which can include DDoS attacks, ad fraud, content scraping, vulnerability scanning, and API abuse.
  • The HAProxy Enterprise Bot Management Module brings fast, reliable, and flexible management of automated traffic. It empowers customers to protect their business and reduce the resource cost of serving requests from unwanted bots.
  • The HAProxy Enterprise Bot Management Module identifies bot traffic reliably and with low latency. Detection, processing, and enforcement are done locally on each HAProxy Enterprise instance, with no reliance on an external connection. This keeps customers’ data local and secure, enabling compliance with privacy and data protection regulations.
  • Flexible integration with HAProxy Enterprise’s suite of other powerful security layers (including the next-generation HAProxy Enterprise WAF and Global Rate Limiting) allows customers to tailor their protection and enforcement options based on the context provided by the HAProxy Enterprise Bot Management Module and the other security signals available in HAProxy Enterprise.

UDP Proxying and Load Balancing

  • UDP is a connectionless protocol used for time-sensitive applications such as DNS lookups, streaming video, playing online games, and transporting log data. Load balancing is critical to providing reliable and performant application delivery.
  • HAProxy Enterprise provides unified load balancing with support for a broad range of protocols. HAProxy Enterprise 2.9 extends HAProxy Enterprise’s performance and reliability to UDP applications (such as those using DNS, NTP, RADIUS, or Syslog).
  • The HAProxy Enterprise UDP Module provides best-in-class UDP performance, enabling customers to scale higher, eliminate performance bottlenecks, reduce resource utilization on servers and cloud compute, and decrease overall costs.
  • In a performance benchmark of Syslog throughput with a log line message size of 1,472 Bytes, a single instance of HAProxy Enterprise 2.9 processed 3.8 million Syslog messages per second (46Gb/s) – 4.6X faster than the nearest enterprise competitor. When sending Syslog messages to log servers with a bandwidth of 40Gb/s, HAProxy Enterprise 2.9 achieved a very high delivery rate of 99.2% – 4X more reliable message delivery than the nearest enterprise competitor. UDP does not perform error correction, so reliable message delivery is critical to providing high quality of service.

An Enterprise Platform with Robust Open Source Foundations

HAProxy Technologies provides the world’s most trusted load balancing solution, leading G2’s Grid Reports with a Satisfaction Score of 97. This is a testament to HAProxy Technologies’ powerful enterprise platform and robust open source foundations.

The release of HAProxy Enterprise 2.9 reinforces HAProxy Technologies’ position as the industry leader in application delivery and security. It significantly advances the company’s flagship enterprise product with even better performance, flexibility, and security. The enterprise suite, which includes HAProxy Fusion for centralized management, monitoring, and automation of the proxy layer, provides a secure application delivery platform for modern enterprises and applications.

Customers continue to benefit from the combination of HAProxy’s open source core and robust peer review with HAProxy Technologies’ authoritative support and high-performance modules focused on the needs of today’s enterprises. HAProxy Enterprise 2.9 incorporates the features and enhancements previously announced in version 2.9 of the community version, which further extends HAProxy’s performance, flexibility, and observability.

HAProxy Technologies is setting the new security standard for application delivery. High-performing teams delivering mission-critical applications and APIs need the most secure, reliable, and efficient application delivery engine available. HAProxy Enterprise’s no-compromise approach to secure application delivery empowers organizations to deliver next-level enterprise scale and innovation.

See HAProxy Technologies and HAProxy Enterprise 2.9 at RSA Conference 2024

HAProxy Technologies is a sponsor at RSA Conference 2024. Attendees can learn more about HAProxy Enterprise 2.9 by joining the session “Don’t let bots get you down: better bot management for stronger enterprise security” presented by Nenad Merdanovic, Principal Solutions Architect and by watching the on-demand session “Beating the Top 3 Challenges Facing the Critical WAF Security Layer” presented by Jakub Suchy, Director, Solutions Engineering.

Upgrade to HAProxy Enterprise 2.9

Existing customers can upgrade to HAProxy Enterprise 2.9 at the website.

Application teams using another load balancer or application delivery controller can request a free trial that includes all features of the HAProxy Enterprise suite with no performance limitations. Our experts will guide users through the trial process and seamless upgrade to the full license at the end of the trial period with no traffic interruptions.

Related News:

IGEL Ready Developer Program and Toolkit Announced

Bugcrowd AI Pen Tests Introduced to Improve Confidence in AI Adoption

Share.

About Author

Taylor Graham, marketing grad with an inner nature to be a perpetual researchist, currently all things IT. Personally and professionally, Taylor is one to know with her tenacity and encouraging spirit. When not working you can find her spending time with friends and family.