Web Application Firewalls 2018-01-12T17:44:18+00:00

Web Application Firewall Service Icon


Block Web Application Attacks, Remain Compliant, and Keep Your Web Properties Highly Available. No Need to Buy Hardware, Get Pricing on WAF Protection Now.

Hybrid Security Model

To defeat new, unpublished exploits, a positive-model policy engine that understands permissible user-app interactions automatically blocks all traffic falling outside this scope. As a complement, a negative model engine uses attack signatures to guard against known threats to applications.

Checklist Icon

Ssl Decryption Icon

SSL Decryption

  • Stop DDoS attacks hidden in encrypted traffic
  • Stop DDoS protection from active DDoS campaigns based on IP reputation

XML protection

Our App Firewall not only blocks common threats that can be adapted for attacking XML-based apps (e.g., cross-site scripting, command injection), but also incorporates a rich set of XML-specific protections, including comprehensive schema validation and the ability to thwart related application-layer DoS attacks (e.g., excessive recursion).

Web Security Icon

Fingerprint Scan Icon

Advanced Protection for Dynamic Elements

Multiple, session-aware protections secure dynamic application elements such as cookies, form fields and session-specific URLs, thereby thwarting attacks that target the trust relationship between client and server (e.g., cross-site request forgery).

Tailored Security Policies

  • An advanced learning engine automatically determines the expected behavior of enterprise web applications and generates human-readable policy recommendations.
  • Administrators can then tailor the security policy to the unique requirements of each application to avoid false-positive detection events.

Control Sliders Icon

Brain Icon

Intelligence Feed Protection

  • Continuously armed with the latest, global, threat intelligence from the Security & Engineering Response Team (SERT)

Ensured Compliance

Our Web App Firewall is ICSA Certified and enables enterprises to comply with data security mandates such as the PCI DSS v3.1, which explicitly encourages the use of WAFs for public-facing applications that handle credit card information. Detailed reports can be generated to document all protections defined in the firewall policy that pertain to PCI mandates.

Icsa Certified Logo

Shoe Icon

Zero-Compromise Performance

The industry’s highest-performing web application security solution delivers 12+ Gbps of comprehensive protection without degrading application response times. The net result is an ideal solution that delivers unparalleled web protection along with a high-definition application experience for today’s demanding users.