Web Application Firewall

Organizations have traditionally employed Web Application Firewalls (WAFs) as one of their primary defense components. WAFs are designed to protect web applications/servers from web-based attacks, enhancing an organization’s web presence.

Overview

WAFs interrogate potential attacks, by analyzing their returns to its requests. Through this inspection, WAFs pick up on unexpected patterns in incoming traffic. By way of their functioning, not only do WAFs detect attacks that are known to occur in web application environments, but also detect/prevent new, unknown types of attacks. For example, if a WAF detects an application that returns much more data than it is expected to, it can block it and trigger an alert.

Characteristics

Our WAF solutions share the following minimum characteristics:
Optimal Protection
Protection of productive web applications on the application level with minimal effort and without having to change the application itself
Highly Effective
Capability to align WAF access policy/protection directly with organizational cybersecurity policy, thus enabling swift and effective deployment of organizational security frameworks
Simplified Management
Incorporated centralized administration ensures across-the-board changes and reduces management costs
Instrumental Reporting
Capability to generate purpose-built reports useful both for internal audit as well as for mandatory compliance
Deployment Flexibility
The deployment model of the WAF solution is designed to fit the organizational needs of the existing environment, as a multi-vendor solution

Features

Dynamic Application Profiling
Ability to learn all aspects of web applications, including the directories, URLs, parameters, and acceptable user inputs to detect attacks with exceptional accuracy, while eliminating impact to legitimate customers
Advanced Correlation Engine
Powerful Correlation Engine that distinguishes attacks from unusual, but legitimate, behavior by correlating web requests across security layers and over time. This capability examines multiple attributes to accurately alert on or block attacks with the lowest rate of false positives
Virtual Patching
Ability to perform ‘virtual patching’ for your web applications via vulnerability scanner integration. Instead of leaving web applications exposed until vulnerable code is fixed, virtual patching actively protects them, thus reducing the window of exposure, and minimizing the costs of emergency fix cycles until patching
Central & Powerful Management
Centralized management system aggregates data across organizations’ security defenses and enables cybersecurity teams to respond quickly. Hence, a centralized system enables organizations to view, deploy and control all WAF activity through a single pane of glass
High Availability
The key feature in achieving high availability and resilience is the use of WAF active-passive clustering mechanism. Active-passive clustering offers uninterrupted operations during system updates and maintenance

Deployment

Drawing from our ever-growing expertise, developed through our Technology Risk Solutions and Managed Security Services (MSS) divisions, we first assess your organization’s needs based on your existing infrastructure, network architecture, applications and systems setup. Once we have a well-rounded understanding, we proceed by proposing the best-suited WAF solution that fits your environment.

Remaining Secure

Our suite of post-deployment services is designed to offer further enhancements to your network, systems and applications, as follows:

Maintenance & Support

Integration with ClearSkiesTM NG SIEM-as-a-Service

Full-fledged 24/7 Managed & Security Log monitoring

This solution comprises part of the “Test & Assess’’, ‘’Design & Implement”, ‘’Monitor & Respond’’ and ‘’Consulting’’ phases of our Information Security Continuum (ISC).