Incapsula Launches Cloud-Based Web App Firewall

A Redwood Shores, Calif.-based startup called Incapsula is trying to democratize web site security and performance by utilizing the distributed, yet centralized, nature of cloud computing. In some ways, its namesake product, available today, is the epitome of a cloud service because it utilizes both crowdsourcing and centralization to create, hopefully, the best-possible experience for all users.

Incapsula is a web application firewall that gathers threat information from across the network of customers and then stores them in a central server that disseminates that information to everybody else. It also speeds downstream traffic for sites by caching content in Incapsula’s servers, which are distributed across three continents, and then serving it by connecting directly with the Internet backbone instead of locally housed content’s usual course of traveling from the customer’s last-mile network to the nearest network hub, and then to the backbone. It’s able to do all of this, Incapsula Co-Founder Marc Gaffan said, because users point their sites to Incapsula via DNS, resulting in all site traffic being routed through Incapsula’s servers. The service isn’t exactly an Akamai-class CDN, but as part of the larger security-centric service, it probably doesn’t need to be.

Gaffan said Incapsula also provides customers with lots of analytics that should give them the insights they need to proactively adjust their security and performance practices. For example, he explained, web sites receive lots of machine traffic, of which most is benign, but some might be advanced hacking attempts. Incapsula will let users spot the malicious traffic, determine where it came from and what it was trying to do, and then to act accordingly.

The company’s goal, Gaffan said, is to provide Fortune 500 technology at a low price, which is why the cloud service model is ideal. It means that customers get a product that’s easy to use and that they can pay for based only on how much they use. The idea isn’t completely new — cloud-based security software is now fairly common, at least when it comes to protecting networks and devices — but web applications firewalls still generally are installed software or appliances, and Incapsula’s unique security-plus-performance spin and web site focus might strike a chord among SMBs that don’t have large, well-trained security teams and IT budgets that can accommodate CDN services.

From Incapsula’s standpoint, though, the real issue might be how long it will be until the market is loaded with options. Its parent company, Imperva, most likely won’t compete by offering a cloud-based version of its web application firewall, but competitors such as Citrix and Art of Defence certainly might. Businesses looking to decrease their IT budgets and complexity are already consuming applications from CRM to databases to systems management as cloud services, so it seems plausible that web application firewalls will be next. As we’ve seen in those areas, the early leaders are never alone for long.