SKUDONET Enterprise Edition 10.1.4 is now available, consolidating the improvements introduced in version 10.1.3 and adding critical fixes and enhancements to ensure greater stability, more accurate security processing, and better control over threat mitigation.
This release responds directly to issues identified after the previous version, delivering a more refined and reliable platform for production environments .
In addition to resolving bugs, version 10.1.4 introduces a key evolution of the Fail Fast capability, giving administrators full control over how and when malicious traffic is blocked.
What’s new in SKUDONET EE 10.1.4
Full control of Fail Fast with SKD_FAIL_FAST
Version 10.1.3 introduced the concept of Fail Fast within the IPDS engine. Now, version 10.1.4 takes it a step further.
A new variable, SKD_FAIL_FAST, allows administrators to enable or disable early-stage request blocking during rule evaluation.
What does this mean in practice?
- Malicious requests can be blocked earlier in the inspection pipeline
- Security decisions are applied before full rule processing completes
- Unnecessary processing of suspicious traffic is reduced
Why it matters
In high-traffic or attack scenarios:
- Reduces CPU and memory consumption
- Improves response time under attack
- Prevents backend overload
This gives teams granular control over security behavior, allowing them to adapt protection strategies depending on performance or security requirements.
Improved OWASP CRS rule processing
The handling of OWASP Core Rule Set (CRS) rules has been improved to ensure they are evaluated in the correct processing phases.
Problem
Incorrect rule evaluation phases can lead to:
- False positives
- Missed detections
- Inconsistent behavior
Solution
- Rules are now executed in their intended phases
- Detection accuracy is improved
- Alignment with OWASP standards is reinforced
This results in a more reliable WAF behavior, especially in environments with:
- APIs
- Complex payloads
- Custom security rules
Improved WAF validation in HTTP/S farms
Version 10.1.4 introduces enhanced validation and consistency checks for WAF rulesets applied to HTTP/S farms.
Impact
- Ensures correct rule configuration
- Prevents misconfigurations before deployment
- Improves reliability of applied security policies
For administrators, this means fewer unexpected behaviors and more predictable WAF enforcement in production.
Bug fixes for production stability
This release includes critical fixes that address issues detected in previous versions:
Improved WAF reload behavior in HTTP/S farms
- WAF reload processes now ensure a more consistent application of changes
- Configuration updates are applied in a more reliable and predictable way
- Improved consistency across running farms during policy updates
This enhancement provides administrators with greater confidence when applying changes to active environments, reducing variability and ensuring smoother WAF policy updates in production.
Key improvements introduced in 10.1.3 (included in this release)
Version 10.1.4 also includes all improvements from 10.1.3, ensuring a consolidated and stable release.
System performance optimizations
System-level tuning improves:
- Resource management
- Service scheduling
- Overall responsiveness
This allows the ADC to maintain stability under high traffic loads and intensive processing scenarios.
Improved service management in the GUI
The services view now includes a permanent sorting option, making it easier to:
- Navigate large service lists
- Manage multiple farms
- Operate complex infrastructures
A small UX improvement with a big operational impact.
Introduction of Fail Fast in IPDS
Version 10.1.3 introduced the Fail Fast concept, enabling:
- Immediate blocking of malicious requests
- Reduced unnecessary processing
- Faster response to automated threats
Version 10.1.4 builds on this by adding control through SKD_FAIL_FAST.
Why Fail Fast changes application security
Fail Fast is not just a feature — it’s a change in how security is applied at the ADC level.
Traditional approach
- Requests are fully processed
- Security rules are evaluated step by step
- Malicious traffic consumes resources before being blocked
Fail Fast approach
- Malicious patterns are detected early
- Requests are dropped immediately
- Backend and ADC resources are preserved
This is especially critical in:
- DDoS-like scenarios
- Bot attacks
- API abuse
Fail Fast turns the ADC into a more proactive and efficient security layer.
Why this update matters for production environments
This release directly impacts three key areas:
Stability
Fixes ensure predictable behavior in WAF and routing-related operations.
Security accuracy
Better OWASP CRS handling and validation improve detection quality and reduce false positives.
Performance efficiency
Fail Fast and system optimizations reduce resource usage and improve response times under load.
If you work with SKUDONET Enterprise Edition or want to stay up to date with the latest technical updates, visit our Timeline.
If you’d like to experience these improvements firsthand, try the SKUDONET Enterprise Edition 30-day trial.
