Testing Varnish performance after patching for Meltdown & Spectre

2018 started with a bang!

Read More

1/24/18 1:00 PM
by Arianna Aondio

Introducing Varnish Total Encryption

It seems like security is now more important than ever in our industry. And just when we think we have things under control, vulnerabilities like Meltdown pop up, forever changing the security landscape as we know it. When we think about what we can do to prevent these vulnerabilities, writing perfect code and designing perfect systems would be great. Obviously that is not always possible, or realistic to expect. It is for these reasons that we design countermeasures. Things like firewalls, WAFs, advanced compilers, static analysis, SSL/TLS, and encryption, these are all examples of countermeasures that can greatly enhance the overall security of our systems. When used properly, these measures can neutralize entire classes of security vulnerabilities and security risks. It is with this in mind that we designed Varnish Total Encryption.

Read More

1/18/18 1:00 PM
by Reza Naghibi

Edge Logic: Securing Varnish with per-user JSON data

When using a traditional CDN or caching system, creating user-centric security and access policies can be a complex and performance challenging undertaking. Not only do you have to pull user data from a backend, but you then have to apply the security policies from that data onto the request. VCL is an excellent candidate for the latter problem of applying security policies to requests. This leaves the problem of how you get user data (JSON) into VCL? How do you do that on a user-by-user basis? And how do you do that in a way where you keep backend communication to an absolute minimum, or put another way, serve as much data from cache as possible?

Read More

10/25/17 3:00 PM
by Reza Naghibi

Varnish Software Blog

The Varnish blog is where our team writes about all things related to Varnish Cache and Varnish Software...or simply vents.


Recent Posts

Posts by Topic

see all