Web application firewall

Unmatched protection for web-based applications

What is Web Application Firewall?

Web Application Firewall is a feature on the firewall that protects a customers web based applications from cyber security intrusions. This firewall is also able to protect business applications made available to remote staff and customers.

Web Application Firewall (WAF) provides centralized protection of your web applications from common exploits and vulnerabilities. Web applications are increasingly targeted by malicious attacks that exploit commonly known vulnerabilities. SQL injection and cross-site scripting are among the most common attacks.

Attributes of Web Application Firewall?

Advanced Web Protection combines advanced analysis capabilities such as JavaScript emulation, behavioral analysis, and origin reputation to protect against modern, multi-stage web attacks.

Pharming protection guards against phishing and pharming attacks by overriding corrupt host file or DNS lookups.

HTTPS scanning deep scans encrypted traffic for threats and compliance.

Potentially unwanted app control protects your network from cryptomining and cryptojacking embedded in websites as well as a variety of other unwanted web borne applications.

Labs, the global, round-the-clock threat research operation, identifies thousands of newly infected websites and instances of web malware, ensuring you have the best malicious site database protecting your network and users.

Features

SQL-injection protection.

Cross-site scripting protection.

Protection against other common web attacks, such as command injection, HTTP request smuggling, HTTP response splitting, and remote file inclusion.

Protection against HTTP protocol violations.

Protection against HTTP protocol anomalies, such as missing host user-agent and accept headers.

Protection against crawlers and scanners.

Detection of common application misconfigurations (for example, Apache and IIS).

Configurable request size limits with lower and upper bounds.

Exclusion lists let you omit certain request attributes from a WAF evaluation. A common example is Active Directory-inserted tokens that are used for authentication or password fields.

Create custom rules to suit the specific needs of your applications.

Geo-filter traffic to allow or block certain countries/regions from gaining access to your applications.

Protect your applications from bots with the bot mitigation ruleset.

Benefits

Protection
  • Protect your web applications from web vulnerabilities and attacks without modification to back-end code.
  • Protect multiple web applications at the same time. An instance of Application Gateway can host up to 40 websites that are protected by a web application firewall.
  • Create custom WAF policies for different sites behind the same WAF.
  • Protect your web applications from malicious bots.
Monitoring
  • Monitor attacks against your web applications by using a real-time WAF log. The log is integrated with monitoring systems to track WAF alerts and easily monitor trends.
  • The Application Gateway WAF is integrated with you firewall dashboard. This provides a central view of the security state of all your resources.
Customisation
  • Customise WAF rules and rule groups to suit your application requirements and eliminate false positives.
  • Associate a WAF Policy for each site behind your WAF to allow for site-specific configuration
  • Create custom rules to suit the needs of your application

Our pricing options

We have a few pricing options to suit any size company

Block Hours
A tried and tested method of contracting IT services. Infraplex can assess how many critical of hours your environment requires. Hours not used in one month can be carried forward. Infraplex will regularly assess the requirements to ensure you’re paying just the right amount.

Per Application

Chat to a consultant to quote you on your WAP needs.

Interested?

Let’s talk about how Infraplex can be your ICT partner.