Web Application Firewall (WAF) Deutsche Telekom AG International Carrier Sales and Solutions

Transcription

1 Web Application Firewall (WAF) Deutsche Telekom AG International Carrier Sales and Solutions

2 Web Application Firewall (WAF) Control, flexibility and visibility over your defense systems We protect your web applications and user data with an enterprise-grade Web Application Firewall (WAF). Enterprise-grade protection Protects against key OWASP Top 10 attacks, such as SQL injection, cross-site scripting and remote file inclusion Rate limiting functionality to protect against HTTP flood attacks IP reputation database to automatically block bad actors before they reach your website Extensive rule definitions ModSecurity-based WAF with the latest version of the OWASP Core Rule Set (CRS) Additional commercial rule set from Trustwave SpiderLabs with 16,000+ rules Virtual patching to protect against zero-day vulnerabilities in common server software, such as oscommerce, SharePoint and Joomla Customizability and control Easy-to-use management console with a wide array of self-service options Highly granular security controls that can be easily customized to your particular needs Flexible profile configurations that allow you to segment your web traffic and apply different security rules to different types of requests White glove support 24 x 7 x 365 phone support with NOC engineers based in the U.S., not call-center operators Expert WAF managed services augment your staff with dedicated security experts in times of need

3 Solution Features Cloud-based application security Select a feature-rich Web Application Firewall (WAF) that helps protect your website from a multitude of attacks and allows you to customize your defenses according to your specific needs and requirements. Protection against Layer 7 (application level) attacks Deep inspection of inbound HTTP/S traffic to your website Automatic identification and mitigation of malicious payloads and attack patterns Country/IP geo-blocking capabilities to block attackers at the source Protection against a wide range of application-level attack methods: SQL injection (SQLi) Cross-site scripting (XSS) Remote file inclusion (RFI) Local file inclusion (LFI) HTTP floods URL encoding abuse Path traversal Protocol violations PHP injection attacks LDAP injection attacks Known worms and bots Session hijacking Cookie tampering And many more! ModSecurity Commercial Rules from Trustwave Spiderlabs Complements and integrates OWASP core rules 16,000+ rules and signatures IP reputation database to automatically protect against known bad actors Up-to-date ModSecurity rule coverage ModSecurity-based detection engine Latest version of industry-standard OWASP ModSecurity Core Rule Set (CRS) version Protects against key OWASP Top 10 threats

4 Built-in protection for common server application software Automatic virtual patching of common enterprise server applications vulnerabilities, such as: Microsoft SharePoint WordPress oscommerce and many more! Joomla Drupal cpanel HTTP (Layer 7) rate limiting Limit the number of HTTP requests sent to website Protect against HTTP flood attacks (GET and POST) Limit requests based on true global rate for entire website, not just an individual server Ability to control rate on a per-client basis Define rate limits by variables, such as IP address, URL, user agent and hostname Globally distributed infrastructure Integrated into core CDN software stack for maximum reliability and performance Worldwide network of 90+ Super PoPs for global scale and reliability Massive network capacity to absorb even the largest volumetric attacks Fast propagation of global WAF configuration updates within <5 minutes Flexible security rules Keep granular control r individual security rule and conditions Profiles allow the defining of distinct security configurations with different rules and settings Sophisticated global setting definitions to configure legitimate traffic patterns WAF entirely configurable via API access, allowing it to interface with third-party monitoring systems and services

5 Version: 05/2016 Subject to change. Errors excepted ICSS - Enabling global communications beyond imagination. For more information, see Publisher Deutsche Telekom AG International Carrier Sales & Solutions (ICSS) Bonn, Germany