Logo of NSFOCUS
English Version Chinese Version Japanese Version
Products & Solutions Services Support Reaserch Careers About Us
Products
Solutions
Web Application Firewall
View Flash versionOverview
Based on years of research on Web application attack prevention technology, NSFOCUS develops Web Application Firewall (WAF) appliance, to deal with the Web application security issues and derived maintenance and management problems for various organizations. NSFOCUS WAF constructs the NSFOCUS Proactive and Reactive Security (NPRS) model based on the sequence, to ensure the integrity and availability of Web application in each cycle when security events occur:
  • Scan Web application vulnerability before the event;
  • Prevent various Web application attacks and DDoS attacks such as hack intrusion, SQL injection, and cross-site scripting (XSS) in realtime;
  • Provide diagnosis function for popular security issues like webpage tamper and webpage Trojan reduces security risks and keeps public credibility of websites.
NPRS model
NPRS model
Key Features and Benefits
  • Advanced Web Application Vulnerability Scanning
    Web application security problems comes from the security risk remained in the development of Web application programs. Integrated with the Web application scanning technique, NSFOCUS WAF detects Web application vulnerability (SQL injection and XSS, etc.) efficiently and accurately, discovers and resolves problems for customers completely, and reduces customers’ maintenance and operation cost.

  • Preventing SQL Injection, XSS Attack and Application Layer DDoS Attack
    As one of the most severe challenges faced by Web application, SQL injection may disclose sensitive information, damage database content and structure, and even compromise the server operating system through the extented function of the database.
    NSFOCUS WAF integrates both Negative Security Mode and Positive Security Mode detection techniques, fights against all kinds of popular Web application threats including SQL injection, XSS, application DDoS and so on, ensuring the integrity and availability of Web application.
    NSFOCUS WAF handles various threats effectively
    NSFOCUS WAF handles various threats effectively


  • Solution on Webpage Tampering
    Webpage defacement will endanger many websites, especially be exploited by malicious business competitors, and destroy the reputation of enterprises or organizations. NSFOCUS WAF measures the balance between cost and security effectively and provides solutions to ensure security before the event, during the event, and after the event.
    • Before the event,NSFOCUS WAF performs webpage vulnerability scanning to discover bugs and offer technical support for problem resolution.
    • During the event, NSFOCUS WAF detects and prevents main attack vectors (SQL injection and XSS, etc.) adopted by webpage tamper based on the intelligent characteristic analysis technique, and powered by NSFOCUS professional security research team, optimizes prevention technique in real-time and fights against the newest attacks for users.
    • After the event, NSFOCUS WAF detects webpage tamper timly and provides emergent protection and real-time alarm to stop illegal webpage post, ensure the integrity of Web applications, and reduce security risks for customers.

  • Active Trojan Diagnosis
    The direct victim of Webpage Trojan is end user. Web servers are exploited as a tool to spread Webpage Trojans. Yet for Web servers, the most severe trouble is that the attackers do not use apparent webpage tamper due to economical reasons though the website is actually intruded.
    NSFOCUS WAF provides the webpage Trojan diagnosis function to check malicious code on the website, ensures the integrity of website application, and effectively avoids websites from being used as a way for distributing and spreading malware.
Typical Application Scenario
NSFOCUS WAF Online Deployment
NSFOCUS WAF Online Deployment
Pre-Sale Consultation
Contact NSFOCUS sales:
overseas@nsfocus.com
  ©2010