WEB APPLICATION FIREWALLS (WAF)
Block web application attacks, remain compliant, and keep your web properties highly available.
Hybrid Security Model
To defeat new, unpublished exploits, a positive-model policy engine that understands permissible user-app interactions automatically blocks all traffic falling outside this scope. As a complement, a negative model engine uses attack signatures to guard against known threats to applications.
- Stop DDoS attacks hidden in encrypted traffic
- Stop DDoS protection from active DDoS campaigns based on IP reputation
Our App Firewall not only blocks common threats that can be adapted for attacking XML-based apps (e.g., cross-site scripting, command injection), but also incorporates a rich set of XML-specific protections, including comprehensive schema validation and the ability to thwart related application-layer DoS attacks (e.g., excessive recursion).
Advanced Protection for Dynamic Elements
Multiple, session-aware protections secure dynamic application elements such as cookies, form fields and session-specific URLs, thereby thwarting attacks that target the trust relationship between client and server (e.g., cross-site request forgery).
Tailored Security Policies
- An advanced learning engine automatically determines the expected behavior of enterprise web applications and generates human-readable policy recommendations.
- Administrators can then tailor the security policy to the unique requirements of each application to avoid false-positive detection events.
Intelligence Feed Protection
- Continuously armed with the latest, global, threat intelligence from the Security & Engineering Response Team (SERT)
Our Web App Firewall is ICSA Certified and enables enterprises to comply with data security mandates such as the PCI DSS v3.1, which explicitly encourages the use of WAFs for public-facing applications that handle credit card information. Detailed reports can be generated to document all protections defined in the firewall policy that pertain to PCI mandates.
The industry’s highest-performing web application security solution delivers 12+ Gbps of comprehensive protection without degrading application response times. The net result is an ideal solution that delivers unparalleled web protection along with a high-definition application experience for today’s demanding users.