Web Application Firewall

OVERVIEW

Network Box’s WAF-Scan is a multi-level Web Application Firewall that provides comprehensive protection for web servers and web applications. It effectively mitigates attacks and vulnerabilities at the web application layer, while simultaneously providing a load-balanced, fault-tolerant production environment.

As standard, WAF-Scan is preconfigured with rules to protect against the OWASP Top 10. It is highly customizable, with the ability to add or create rules to protect against attacks that target specific web applications. In addition, WAF-Scan is tightly integrated with our Anti-DDoS module, enabling it to track usage patterns and identify attack sources.

WAF-Scan includes a Secure Sockets Layer (SSL) proxy that allows certificate validation policy to be applied and enforced at the gateway. SSL traffic is transparently identified, decrypted, and then subjected to policy control and other security functions. Without SSL Proxy technology, it is impossible to scan SSL-encrypted data streams for malware, spyware, and other undesirable content.

Network Box’s WAF-Scan has full IPv4/IPv6 translation capabilities built in. You can set up your servers with a public IPv6 address without having to change any settings on the servers themselves.

FEATURES

  •   Built-in protection against OWASP Top 10
  •   Request and response analysis
  •   Protocol validation and policy restriction
  •   Response filtering
  •   Client authentication
  •   Internal and external load balancing
  •   SSL Scanning and Offloading
  •   Support for major Content Management Systems, including Joomla, Drupal, and WordPress
  •   IPv4/IPv6 compatibility and bi-directional translation

ADVANTAGES

  •   Identifies, decrypts, and scans SSL traffic, subjecting it to security functions (e.g. anti-malware protection, content filtering, and organizational policy enforcement)
  •   Granular policy management (e.g. ability to place restrictions on user, path, URL, etc.)
  •   High-performance rules engine capable of millions of rule-checks per second
  •   Allows certificate validation policy to be applied and enforced at the gateway
  •   Immediate installation of emergency virtual patches at the gateway
  •   Full integration with Anti-DDoS module
  •   IPv4/IPv6 bi-directional translation

 

SSL Offload and Upgrade

The system can be configured as a terminator for SSL traffic, offloading cryptographic computation workload onto the WAF-Scan, relieving web content servers of significant CPU stress. In addition to the standard SSL Offload feature, Network Box middleware software uses an up-to-date and actively maintained SSL software infrastructure, effectively upgrading a client’s secure website to the latest, most secure protocols.

  •   Reduces CPU workload
  •   Up-to-date and actively maintained SSL protocols
  •   Administrative control over SSL connection properties

Multilayered Protection

Network Box’s WAF-Scan supports five security models:

  •   Vulnerability Protection
  •   Outbound Protection
  •   DoS/DDoS Protection
  •   Negative Security Model
  •   Positive Security Model