Logo of NSFOCUS
English Version Chinese Version Japanese Version
Products
NSFOCUS WAF
NSFOCUS ADS
NSFOCUS NTA
NSFOCUS NIPS
NSFOCUS RSAS
NSFOCUS WebSafe
Solutions
SP MAN Core Network
SP Netbar and Dedicated Internet Access
MAN IDC
NSFOCUS Web Application Firewall
Data from Gartner shows 75 percent of Internet-based attacks are targeted at Web applications. These attacks pose a threat to your company’s efficiency, reputation and bottom line. NSFOCUS’s Web Application Firewall (WAF) appliance helps you secure your web applications and data, ensuring the highest level of business continuity and availability. It also enables you to meet a full range of government and industry compliance regulations, such as the PCI Data Security Standard (PCI DSS) requirements.
 
Features and Benefits
Minimum Security Risks

NSFOCUS’s WAF appliance provides world-class protection across all phases of an attack.  It ensures web application uptime, while minimizing your security risks.

  • Before Attacks: WAF can integrate automatic web application scanning tools to carry out accurate and efficient "black box" tests.
  • During Attacks: WAF effectively blocks attacks such as defacement, leeching, data leakage and DDoS, safeguarding website security and integrity.
  • After Attacks: WAF provides diagnosis and remediation, reducing the impact caused by webpage defacement, web-based malware, information leakage, etc.

Bi-directional HTTP/HTTPS Content Sanitization
  • Addresses the full range of threats associated with web application services, including SQL injection, cross-site scripting (XSS), cross-site request forgery (CSRF), leeching, malicious scanning, crawler, malformed HTTP validation packets, fingerprinting, cookie poisoning, and denial of service (DoS) attacks;
  • Keeps invalid, malicious and illegal packets from damaging your web applications, avoiding data leakage and potential reputation loss.


Transparent Proxy Architecture

Superior to traditional proxy mechanisms, NSFOCUS’s WAF can be easily deployed in transparent mode without requiring any modification or reconfiguration to your current network topology or web applications.


Regulatory Compliance Fulfillment

Security vulnerabilities inherent in many web applications can make code review and recoding hard to implement in live production environments. The NSFOCUS WAF appliance helps you meet PCI DSS and other industry-standard regulations, such as those that recommend deploying a Web Application Firewall or conducting periodic code reviews as a way to ensure compliance.


Application-layer DDoS Prevention

NSFOCUS WAF provides a solid defense against the most prevalent HTTP and TCP DDoS attacks, ensuring that your website stays up and running, even when others are trying to take it down.

User-friendly interface

NSFOCUS’s WAF provides a wide variety of monitoring functions and multi-dimensional statistical reports at a granular level.  Security operators can easily monitor the current or historic running status of the website and rapidly locate emerging security incidents. And the sooner you can find potential trouble spots, the sooner you can deal with them, before they get to be a major problem.


 
Application Scenario



 
Specifications

Functional Specification

 

Description

Security

 

 

 

 

 

 

 

 

HTTP Validation

HTTP Validity Verification

SSL Support

SSL (HTTPS) encrypted session analysis

Web Application Attack Prevention

Prevents against:
SOL injection, XSS, CSRF,  leeching, malicious scanning, crawler, malformed HTTP validation packets, fingerprinting, cookie poisoning, denial of service (DoS) attacks, buffer overflows, CGI scanning, directory traversal, more.

Webpage Defacement Prevention

Webpage pre-fetch, webpage content recovery, time management, offline server takeover

Content Security

Filters malicious code and customizes sensitive keywords

Anti-DDoS

TCP/HTTP Flood Prevention

Network Layer Security

ARP Spoofing

 

L4 ACL

Rule Set Update

Regularly updates rule set to tackle the latest attacks and quickly respond to emergencies

Deployment and management

 

 

Deployment Mode

Transparent proxy, inline mode, bypass mode, multi-link prevention

Management

Supports B/S, console interface and SSH terminal services
Asterisk wildcard URL configuration
Export/import configuration files
Restore point of configuration

Log/Alert

Records, backs up, stores, categorizes logs; alerts via SNMP, email

Self-security
and Reliability

 

 

Bypass

 Built-in fail-open; hardware bypass and software bypass

HA

Active/Standby, inline HA and bypass HA, emergency mode

Self-security

Management communication, strong SSL encryption, redundant backup, log cache, user privilege classification, user account audit

Pre-Sale Consultation
Contact NSFOCUS sales:
international-business@nsfocus.com
  ©2010