HAProxy Enterprise 2.9 is now available and we’re quite excited about this one. This release includes next-generation web application firewall (WAF) and bot management capabilities, and extends HAProxy Enterprise’s legendary performance and flexibility to support applications using the UDP transport protocol. Supported by industry-leading benchmark results, these landmark features offer customers a powerful solution to the challenges of security, latency, and scale.

Recently, we added powerful new K8s features to HAProxy Fusion Control Plane—enabling service discovery in any Kubernetes or Consul environment without complex, technical workarounds. We've covered the headlining features in our HAProxy Fusion Control Plane 1.2 LTS release blog. But while service discovery, external load balancing, and multi-cluster routing are undeniably beneficial, context helps us understand their impact.

HAProxy Kubernetes Ingress Controller 1.11 is now available. For our enterprise customers, HAProxy Enterprise Kubernetes Ingress Controller 1.11 is coming soon and will incorporate the same features. In this release, we enhanced security through the adoption of rootless containers, graduated our custom resource definitions to v1, made them easier to manage, and introduced support for the QUIC protocol.

Software load balancers and load balancing appliances have become indispensable components within a healthy application infrastructure. Scalability, security, observability, and reliability are more critical than ever as companies push harder towards 99.999% availability. Accordingly, traffic management is key to protecting servers and ensuring uptime. Vendors have offered load balancers in different form factors to serve evolving infrastructure needs.

CitrixBleed, or CVE-2023-4966, is now an infamous security vulnerability affecting Citrix NetScaler that allows attackers to hijack user sessions by stealing session authentication tokens. Unfortunately, it has affected many NetScaler customers including Xfinity, which lost data for 36 million customers as a result of CitrixBleed. There is no way to protect against CitrixBleed by configuring the NetScaler WAF to detect and block it.

Every day, organizations face external threats as a consequence of exposing their services over the internet. An estimated 2,200+ attacks occur in a 24-hour period—or one attack every 39 seconds. Add the fact that an average data breach (one of many potential consequences of poor security) costs companies $4.45 million, and the need for strong security is impossible to ignore. Web application and API security is key to protecting your infrastructure, data, and users.

Managing incoming web traffic for your applications is essential to ensuring optimal performance, preventing abuse, and maintaining the security of your cloud infrastructure. To accomplish this, one of the tools HAProxy Enterprise users have at their disposal is rate limiting—the practice of preventing clients from making too many requests and using system resources unfairly.