Web Application Firewall
 
WAF-Scan protects web servers against web application based attacks including SQL and XSS injections. It allows IT administrators have a wide range of options for blocking and logging traffic as it passes through the WAF rules system. The rules system offers the possibility to define both positive and negative security models. The engine also allows for the real-time installation of emergency virtual patches at the gateway, to immediately detect and prevent any specific security issues.  
   
Features:
- High performance rules engine capable of millions of rule-checks per second.
- Database of 6,000+ rules combined with a signature database to identify several million threats.
- Rules updated in real-time using PUSH technology.
- Up to 15,000 fully analyzed transactions per second.
- OWASP Top-Ten Protection.
- Protection against common attacks.
- Form field meta data validation.
- Adaptive security.
- Response control:
+ Block client.
+ Reset connection.
+ Redirect.
+ Log as suspicious.
- Outbound data theft protection:
+ Credit card numbers.
+ Social Security numbers.
+ Custom pattern matching (regular expression).
- Granular policies for HTML/HTTP elements
- Protocol limit checks
- File upload control
- Blocking based on Client IP Reputation
 
   

WAF-Scan can offer protection for two application models:
 

Standard Applications
Apache, IIS, Joomla, Drupal, Mediawiki, Wordpress

 

Custom Applications
Tailor made software that has been specially developed for a specific organization or specific user.