 Data from Gartner shows 75 percent of Internet-based attacks are targeted at Web applications. These attacks pose a threat to your company’s efficiency, reputation and bottom line. NSFOCUS’s Web Application Firewall (WAF) appliance helps you secure your web applications and data, ensuring the highest level of business continuity and availability. It also enables you to meet a full range of government and industry compliance regulations, such as the PCI Data Security Standard (PCI DSS) requirements. |
| |
| Features and Benefits |
 Minimum Security Risks |
|
NSFOCUS’s WAF appliance provides world-class protection across all phases of an attack. It ensures web application uptime, while minimizing your security risks.
- Before Attacks: WAF can integrate automatic web application scanning tools to carry out accurate and efficient "black box" tests.
- During Attacks: WAF effectively blocks attacks such as defacement, leeching, data leakage and DDoS, safeguarding website security and integrity.
- After Attacks: WAF provides diagnosis and remediation, reducing the impact caused by webpage defacement, web-based malware, information leakage, etc.
|
| Bi-directional HTTP/HTTPS Content Sanitization |
- Addresses the full range of threats associated with web application services, including SQL injection, cross-site scripting (XSS), cross-site request forgery (CSRF), leeching, malicious scanning, crawler, malformed HTTP validation packets, fingerprinting, cookie poisoning, and denial of service (DoS) attacks;
- Keeps invalid, malicious and illegal packets from damaging your web applications, avoiding data leakage and potential reputation loss.
|
| Transparent Proxy Architecture |
Superior to traditional proxy mechanisms, NSFOCUS’s WAF can be easily deployed in transparent mode without requiring any modification or reconfiguration to your current network topology or web applications. |
| Regulatory Compliance Fulfillment |
Security vulnerabilities inherent in many web applications can make code review and recoding hard to implement in live production environments. The NSFOCUS WAF appliance helps you meet PCI DSS and other industry-standard regulations, such as those that recommend deploying a Web Application Firewall or conducting periodic code reviews as a way to ensure compliance. |
| Application-layer DDoS Prevention |
NSFOCUS WAF provides a solid defense against the most prevalent HTTP and TCP DDoS attacks, ensuring that your website stays up and running, even when others are trying to take it down.
|
| User-friendly interface |
NSFOCUS’s WAF provides a wide variety of monitoring functions and multi-dimensional statistical reports at a granular level. Security operators can easily monitor the current or historic running status of the website and rapidly locate emerging security incidents. And the sooner you can find potential trouble spots, the sooner you can deal with them, before they get to be a major problem.
|
| |
| Application Scenario |
|
| |
Specifications
|
Functional Specification |
|
Description |
Security |
HTTP Validation |
HTTP Validity Verification |
SSL Support |
SSL (HTTPS) encrypted session analysis |
Web Application Attack Prevention |
Prevents against:
SOL injection, XSS, CSRF, leeching, malicious scanning, crawler, malformed HTTP validation packets, fingerprinting, cookie poisoning, denial of service (DoS) attacks, buffer overflows, CGI scanning, directory traversal, more. |
Webpage Defacement Prevention |
Webpage pre-fetch, webpage content recovery, time management, offline server takeover |
Content Security |
Filters malicious code and customizes sensitive keywords |
Anti-DDoS |
TCP/HTTP Flood Prevention |
Network Layer Security |
ARP Spoofing |
|
L4 ACL |
Rule Set Update |
Regularly updates rule set to tackle the latest attacks and quickly respond to emergencies |
Deployment and management |
Deployment Mode |
Transparent proxy, inline mode, bypass mode, multi-link prevention |
Management |
Supports B/S, console interface and SSH terminal services
Asterisk wildcard URL configuration
Export/import configuration files
Restore point of configuration |
Log/Alert |
Records, backs up, stores, categorizes logs; alerts via SNMP, email |
Self-security
and Reliability |
Bypass |
Built-in fail-open; hardware bypass and software bypass |
HA |
Active/Standby, inline HA and bypass HA, emergency mode |
Self-security |
Management communication, strong SSL encryption, redundant backup, log cache, user privilege classification, user account audit |
|
|
|
|
|
Pre-Sale Consultation |
Contact NSFOCUS sales:
international-business@nsfocus.com
|
|
