Greetings and Welcome, Before going to the teachable on WAF on CE. I would like to give a brief introduction on F5 Distributed Cloud Services. 

F5 Distributed Cloud Services or F5 XC are SaaS-based security, networking, and application management services that enable customers to deploy, secure, and operate their applications in a cloud-native environment wherever needed-data center, multi-cloud, or the network or enterprise edge.

F5 XC Global Infrastructure consists of Point of Presence with their own highly meshed backbone are used to provide customer services. These PoPs can be used to expose customer services to the public internet and also used to run customer application.

These Point of Presence or PoPs are also known as Regional Edge. 

These PoPs are spread across different geographical locations throughout the globe so that they are closer to end consumer on public Internet or their distributed application locations.

Customer Edge or CE is a Kubernetes based integrated software stack, which is managed centrally via the SaaS console and can be instantiated in public cloud, On-premises Data Centers, and at the edge as well.

Both PoPs or REs and the CEs can deliver a comprehensive range of solution to securely deliver customer applications wherever they are located.

In this teachable, we will focus on the Web Application Firewall in F5 XC, which has evolved to include broader capabilities and turned into a broader category called WAAP which is Web Application and API Protection. Which includes WAF, DDoS, Bot Defense and API security.

F5 XC Global Network can be utilized into 3 kinds of infrastructure, at first, we have WAAP on RE. In this case application is either run on RE or connects to data centre or public cloud near to RE.

2nd type of infra is WAAP on RE + CE, which includes traffic flowing through the F5 Global Network with RE and to the CEs connected to those RE. This extends the F5 XC global network towards the customer premises and connects application network to XC global network through CE.

Finally, we have WAAP on CE, where traffic alone is made to pass to a Node deployed near to the Customer premises and users' traffic is directly passed to CE but not F5 XC Global Network. This use case provides feasibility to the customer to interconnect multiple networks using CE and also provides ability to not to share the traffic to F5 XC global network.

In this teachable, we consider the case WAF on CE, by enabling one of the WAAP feature capability called WAF or Web Application Firewall on CE deployed in AWS Public cloud platform.