Menu
Web Application Firewall
Web Application Firewall
WAF-Scan protects web servers against web application based attacks including SQL and XSS injections. It allows IT administrators have a wide range of options for blocking and logging traffic as it passes through the WAF rules system. The rules system offers the possibility to define both positive and negative security models. The engine also allows for the real-time installation of emergency virtual patches at the gateway, to immediately detect and prevent any specific security issues.
Features:
- High performance rules engine capable of millions of rule-checks per second.
- Database of 6,000+ rules combined with a signature database to identify several million threats.
- Rules updated in real-time using PUSH technology.
- Up to 15,000 fully analyzed transactions per second.
- OWASP Top-Ten Protection.
- Protection against common attacks.
- Form field meta data validation.
- Adaptive security.
- Granular policies for HTML/HTTP elements
- Protocol limit checks
- File upload control
- Blocking based on Client IP Reputation
Response Control:
- Block client.
- Reset connection.
- Redirect.
- Log as suspicious.
Outbound data theft protection:
- Credit card numbers.
- Social Security numbers.
- Custom pattern matching (regular expression).
WAF-Scan can offer protection for two application models:
Standard Applications
Apache, IIS, Joomla, Drupal, Mediawiki, WordPress
Custom Applications
Tailor made software that has been specially developed for a specific organization or specific user.
Web Application Firewall (WAF)
– Uses a database of over 6,000 rules combined with a signature database to identify several
million threats
– Up to 15,000 fully analyzed transactions per second
– Supports standard and custom applications
