What is a Web Application Firewall?

A Web Application Firewall (WAF) is a device with the ability to analyse Layer 7 application traffic. Unlike generic firewalls, a WAF is specifically ‘tuned’ to monitor only the target applications, inspecting all inbound and outbound application traffic, including encrypted (HTTPS) traffic.

Due to the dynamic nature of web applications, WAFs need to be continuously managed and regularly tuned in order to recognize and monitor traffic appropriately. This often calls for trained manpower to ensure a balance between availability and security.

How is WAF different from Firewall and IPS?

A Web Application Firewall is designed to protect against attacks on web applications and servers.

It is designed specifically to protect against inbound attacks.

It has the ability to analyse Layer 7 application logic traffic.

WAFs are essentially highly customized reverse proxies that can filter out bad website requests and content.

It works by examining the HTTP requests in the traffic hitting customer websites/applications.

We have partnered with leading solution providers to provide cloud-based and on-premises WAF solutions.

Benefits.

  • PCI certified Web Application Firewall
  • Easy and quick implementation – usually no rule tuning is required
  • Bot mitigation using advanced client classification technology
  • Backdoor Protection to identify and quarantine backdoors planted on your website
  • Custom security logic
  • Granular access controls based on IPs, URLs, location and client type
  • Seamless implementation of two-factor authentication
  • Real-time dashboard for traffic monitoring and event analysis
  • REST API and SIEM integration of access and security logs

What is a firewall?

  • Firewall is a dedicated Network Security Device
  • Protects network from L3 and L4 based attacks
  • Rules are created to protect based on allow/block IP Address or Service/Port
  • Cannot block Application based attacks
  • Cannot decrypt SSL traffic to inspect for attacks
  • Does not provide Application Signature based protection
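
The contrast drawn on this page between IP/port rules and HTTP request inspection, as an added Python example (not from the original page or from any vendor's product). The signatures, addresses, host name and sample requests are constructed, and the request is assumed to be already decrypted, as it would be after SSL offloading.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Constructed L3/L4 policy: all a network firewall rule can match on.
ALLOWED_PORTS = {80, 443}
BLOCKED_IPS = {"203.0.113.9"}  # documentation-range address
# Constructed, deliberately tiny L7 signatures (illustrative, not a real rule set).
SIGNATURES = {
    "sql_injection": re.compile(r"\b(or|and)\s+\d+\s*=\s*\d+|\bunion\s+select\b", re.I),
    "xss": re.compile(r"<\s*script\b", re.I),
}
ALLOWED_METHODS = {"GET", "POST", "HEAD"}

def l4_decision(src_ip, dst_port):
    """Network-firewall view: source address and destination port only."""
    ok = dst_port in ALLOWED_PORTS and src_ip not in BLOCKED_IPS
    return "allow" if ok else "block"

def l7_findings(raw_request):
    """WAF view: validate the request line, then inspect decoded parameters."""
    head, _, body = raw_request.partition("\r\n\r\n")
    request_line = head.split("\r\n")[0].split(" ")
    if len(request_line) != 3 or not request_line[2].startswith("HTTP/"):
        return ["protocol_violation"]
    method, target, _version = request_line
    findings = [] if method in ALLOWED_METHODS else ["method_not_allowed"]
    # parse_qsl percent-decodes, so encoded payloads are matched in clear form.
    # Assumption: any body is application/x-www-form-urlencoded.
    params = parse_qsl(urlsplit(target).query, keep_blank_values=True)
    params += parse_qsl(body, keep_blank_values=True)
    for name, value in params:
        for label, pattern in SIGNATURES.items():
            if pattern.search(value):
                findings.append(f"{label}:{name}")
    return findings

def inspect(src_ip, dst_port, raw_request):
    """Return (firewall decision, WAF decision, WAF findings)."""
    fw = l4_decision(src_ip, dst_port)
    findings = l7_findings(raw_request) if fw == "allow" else []
    return fw, ("block" if findings else fw), findings

# Constructed sample requests, as seen after TLS termination.
BENIGN = "GET /items?id=42 HTTP/1.1\r\nHost: shop.example\r\n\r\n"
SQLI = "GET /items?id=42%27%20OR%201%3D1-- HTTP/1.1\r\nHost: shop.example\r\n\r\n"
XSS_POST = ("POST /comment HTTP/1.1\r\nHost: shop.example\r\n\r\n"
            "text=%3Cscript%3Ealert(1)%3C%2Fscript%3E")

if __name__ == "__main__":
    for req in (BENIGN, SQLI, XSS_POST):
        print(inspect("198.51.100.7", 443, req))
```

All three sample requests arrive on an allowed port from an address that is not blocked, so the IP/port rule allows each of them; only the request-level inspection separates the benign one from the other two.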

What is an Intrusion Prevention System (IPS)?

  • It can protect against a few application-based attacks using signatures
  • A standard IPS device has around 2000 application-based signatures for protecting all applications and services, such as web, FTP, email, telnet etc.
  • Every web application is different, and so are its vulnerabilities; an IPS cannot profile each application and protect it.
  • IPS cannot protect from unknown or emerging web based attacks like SQL injection, cross site scripting etc.
  • IPS cannot protect against Data Leakage
  • IPS does not meet PCI standards

What are Web Application Vulnerabilities?

  • Web applications like email, mobile applications, SAP, Oracle etc. form a critical part of every organisation's setup
  • Increased risk of vulnerabilities, e.g. website defacement, phishing, e-fraud, etc.
  • Web applications are a major source of vulnerabilities targeted by hackers
  • Targeted application attacks are typically missed by firewalls, IPS and IDS
  • Each web application is unique, which leaves organizations vulnerable
  • Hackers exploit these application vulnerabilities to extract sensitive data from corporate databases

Why do we need a Web Application Firewall?

Web Application Firewalls alone detect application attacks!

  • Firewall is a dedicated Network Security Device
  • Protects network from L3 and L4 based attacks
  • Rules are created to protect based on allow/block IP Address or Service/Port
  • Cannot block Application based attacks
  • Cannot decrypt SSL traffic to inspect for attacks
  • Does not provide Application Signature based protection

Features of Web Application Firewall.

  • Protection against OWASP Top 10 threats including SQL injection, cross-site scripting (XSS), cross-site request forgery (CSRF), broken authentication, session management and security misconfiguration
  • Dynamic profiling and automated detection of protected applications and user behavior
  • Virtual patching of applications through vulnerability scanner integration
  • Protocol validation assisting compliance with HTTP standards
  • Zero-day attack prevention
  • Online updates of Web Defenses
  • SSL Offloading to inspect encrypted HTTP payload