Skip to main content

WAF Tier Calculator

Security is built in, not optional

Every project hosted on UNIQCloud is required to have WAF protection. Security is one of UNIQCloud's core objectives — our platform is designed so that every workload, regardless of size or sensitivity, benefits from baseline web application protection from day one. The question is not whether you need a WAF, but which tier best matches your risk profile and budget.

Use this calculator to get an indicative recommendation for the WAF tier that best fits your project. It is intended for customers evaluating their own needs and for presales conversations during onboarding.

The recommendation is based on six risk dimensions — data sensitivity, business criticality, threat exposure, application complexity, compliance, and security requirements — plus a short list of hard requirements (PCI, HIPAA, custom rules, WAF-level uptime SLA) that automatically require the Enterprise tier.

"SLA" in this calculator means the WAF-level SLA

The hard requirement and tier capabilities below refer to the WAF service SLA (uptime and support guarantees offered by the WAF provider). This is not the same as the UNIQCloud platform SLA, which depends on the underlying service tier you purchase.

How it works

  • Each group contributes a weighted score; higher means more protection needed.
  • Score totals map to tiers: 0–15 Free · 16–35 Pro / Business · 36+ Enterprise.
  • Any ticked Hard requirement forces the Enterprise recommendation regardless of score.
  • The calculator recommends a tier, not a provider — the specific WAF solution is selected during the security architecture review based on customer-specific factors (jurisdiction, pricing model, feature parity, existing integrations).
Loading calculator…

Tier summary

TierTypical fitKey capabilities
FreeStatic marketing sites, blogs, low-risk informational sitesDefault managed rules, shared CDN, basic DDoS protection, signature-based detection
Pro / BusinessCMS sites, small e-commerce, customer portals, internal appsFull managed rulesets, bot management, behavioral WAF, IP reputation, rate limiting
EnterpriseSaaS platforms, regulated data, large e-commerce, mission-critical portalsCustom WAF rules, API security, threat intelligence, WAF-level SLA-backed support, SIEM integration, dedicated account management
note

If you need a formal security assessment of your architecture for UNIQCloud onboarding, please contact UNICC Cloud Services Engineering at [email protected].