REAL-TIME WEB APPLICATION PROTECTION. AWF SERIES DATASHEET WEB APPLICATION FIREWALL



Similar documents
REAL-TIME WEB APPLICATION PROTECTION. AWF SERIES DATASHEET WEB APPLICATION FIREWALL

AVX SERIES VIRTUALIZED APPLIANCES

CENTRAL MONITORING AND MANAGEMENT. CMX SERIES DATASHEET CENTRALIZED MANAGEMENT

AVX SERIES VIRTUALIZED APPLIANCES

Load Balancing Security Gateways WHITE PAPER

The Application Delivery Controller Understanding Next-Generation Load Balancing Appliances

Integrating Barracuda Web Application Firewall

Background. Industry: Challenges: Solution: Benefits: APV SERIES CASE STUDY Fuel Card Web Portal

The Hillstone and Trend Micro Joint Solution

MOVE AT THE SPEED OF BUSINESS. a CELERA DATASHEET WAN OPTIMIZATION CONTROLLERS

NETASQ & PCI DSS. Is NETASQ compatible with PCI DSS? NG Firewall version 9

Benefits. Product Overview. There is nothing more important than our customers. DATASHEET

Extreme Security Threat Protection G2 - Intrusion Prevention Integrated security, visibility, and control for next- generation network protection

USG6600 Next-Generation Firewall

The Key to Secure Online Financial Transactions

Symantec Enterprise Firewalls. From the Internet Thomas Jerry Scott

Benefits. Product Overview. There is nothing more important than our customers. DATASHEET

White Paper A10 Thunder and AX Series Load Balancing Security Gateways

Content-ID. Content-ID URLS THREATS DATA

USG6300 Next-Generation Firewall

NSFOCUS Web Application Firewall

Hayri Tarhan, Sr. Manager, Public Sector Security, Oracle Ron Carovano, Manager, Business Development, F5 Networks

APV9650. Application Delivery Controller

Scalable. Reliable. Flexible. High Performance Architecture. Fault Tolerant System Design. Expansion Options for Unique Business Needs

Symantec Endpoint Protection 11.0 Architecture, Sizing, and Performance Recommendations

How NETGEAR ProSecure UTM Helps Small Businesses Meet PCI Requirements

Healthcare Security and HIPAA Compliance with A10

Huawei Eudemon200E-N Next-Generation Firewall

IBM Security Network Intrusion Prevention System

Web application security Executive brief Managing a growing threat: an executive s guide to Web application security.

Barracuda Web Application Firewall vs. Intrusion Prevention Systems (IPS) Whitepaper

Scalable. Reliable. Flexible. High Performance Architecture. Fault Tolerant System Design. Expansion Options for Unique Business Needs

Cisco Application Networking for IBM WebSphere

THE SMARTEST WAY TO PROTECT WEBSITES AND WEB APPS FROM ATTACKS

Solutions for Health Insurance Portability and Accountability Act (HIPAA) Compliance

Cisco ASA 5500 Series IPS Solution

Information Technology Policy

Application Security Testing

APV x600 Series. Application Delivery Controller APV1600, APV2600, APV4600, APV5600, APV6600, APV8600, APV9600

Next-Generation Firewalls: Critical to SMB Network Security

Ovation Security Center Data Sheet

Application Firewall Overview. Published: February 2007 For the latest information, please see

WanVelocity. WAN Optimization & Acceleration

Passing PCI Compliance How to Address the Application Security Mandates

WHITE PAPER. FortiWeb and the OWASP Top 10 Mitigating the most dangerous application security threats

FINAL DoIT v.8 APPLICATION SECURITY PROCEDURE

Barracuda Web Site Firewall Ensures PCI DSS Compliance

Protecting Your Organisation from Targeted Cyber Intrusion

IREBOX X. Firebox X Family of Security Products. Comprehensive Unified Threat Management Solutions That Scale With Your Business

Contemporary Web Application Attacks. Ivan Pang Senior Consultant Edvance Limited

McAfee Network Security Platform A uniquely intelligent approach to network security

Devising a Server Protection Strategy with Trend Micro

Benefits. Product Overview. There is nothing more important than our customers. DATASHEET

Mingyu Web Application Firewall (DAS- WAF) All transparent deployment for Web application gateway

Intro to Firewalls. Summary

IBM QRadar Security Intelligence April 2013

F5 Silverline Web Application Firewall Onboarding: Technical Note

Deployment Guide May-2015 rev. a. APV Oracle PeopleSoft Enterprise 9 Deployment Guide

Imperva SecureSphere Appliances

Devising a Server Protection Strategy with Trend Micro

Kenna Platform Security. A technical overview of the comprehensive security measures Kenna uses to protect your data

Delivers fast, accurate data about security threats:

UNIFIED THREAT MANAGEMENT SOLUTIONS AND NEXT-GENERATION FIREWALLS ADMINISTRATION TOOLS NETWORK SECURITY I ENDPOINT SECURITY I DATA SECURITY

UNIFIED THREAT MANAGEMENT SOLUTIONS AND NEXT-GENERATION FIREWALLS NETWORK SECURITY NETWORK SECURITY I ENDPOINT SECURITY I DATA SECURITY

Protecting against DoS/DDoS Attacks with FortiWeb Web Application Firewall

Security Policy JUNE 1, SalesNOW. Security Policy v v

Security Information & Event Manager (SIEM)

IBM Security Network Intrusion Prevention System

Firewall Migration. Migrating to Juniper Networks Firewall/VPN Solutions. White Paper

PANORAMA. Panorama provides centralized policy and device management over a network of Palo Alto Networks next-generation firewalls.

SECURITY OVERVIEW FOR MY.ENDNOTE.COM. In line with commercial industry standards, Thomson Reuters employs a dedicated security team to protect our

NitroView. Content Aware SIEM TM. Unified Security and Compliance Unmatched Speed and Scale. Application Data Monitoring. Database Monitoring

Basic & Advanced Administration for Citrix NetScaler 9.2

Ovation Security Center Data Sheet

Intel Network Builders: Lanner and Intel Building the Best Network Security Platforms

SERENA SOFTWARE Serena Service Manager Security

WHAT S NEW IN WEBSENSE TRITON RELEASE 7.8

VALIDATING DDoS THREAT PROTECTION

Data Sheet. VLD 500 A Series Viaedge Load Director. VLD 500 A Series: VIAEDGE Load Director

End-to-End Application Security from the Cloud

How To Secure Your System From Cyber Attacks

MatriXay WEB Application Vulnerability Scanner V Overview. (DAS- WEBScan ) The best WEB application assessment tool

F5 and Microsoft Exchange Security Solutions

White Paper Secure Reverse Proxy Server and Web Application Firewall

Web Application Security. Radovan Gibala Senior Field Systems Engineer F5 Networks

Cisco Application Networking for BEA WebLogic

SURVEY OF INTRUSION DETECTION SYSTEM

Content Scanning for secure transactions using Radware s SecureFlow and AppXcel together with Aladdin s esafe Gateway


Intelligent WLAN Controller with Advanced Functions

Content-ID. Content-ID enables customers to apply policies to inspect and control content traversing the network.

IBM Protocol Analysis Module

Semantic based Web Application Firewall (SWAF V 1.6) Operations and User Manual. Document Version 1.0

Game changing Technology für Ihre Kunden. Thomas Bürgis System Engineering Manager CEE

The McAfee SECURE TM Standard

Transcription:

REAL-TIME WEB APPLICATION PROTECTION. AWF SERIES DATASHEET WEB APPLICATION FIREWALL AWF Series Web application firewalls provide industry-leading Web application attack protection, ensuring continuity and high availability of Web applications, while reducing security risks. Array s AWF Series Web application firewalls extend beyond traditional firewalls and intrusion detection systems (IDSs) to provide comprehensive protection for business-critical Web applications. The AWF Series not only detects the complex Web application attacks of today, but also blocks the attack traffic in real time without affecting the normal flow of business data traffic. In addition, the AWF Series provides extremely fine-grained attack detection and analysis capabilities while protecting against the most common Web application threats including SQL injection attacks, Web page tampering, Web site malicious code, and disclosure of sensitive information.

Highlights & Benefits Next-generation Web application firewall operates on multiple levels to protect vital Web servers and applications Continuous scanning for Web application vulnerabilities and for SQL injection or cross-site scripting threats within the applications Active incident response including detection, blocking and prevention of intrusion and other attacks Post-incident diagnosis and analysis of security issues to reduce overall security risk and maintain Web site credibility Highly refined rules library includes sophisticated protections such as information disclosure protection, embedded Trojan detection and protection, protocol integrity detection, keyword filtering and much more Comprehensive Layer 1 through 7 protection for Web servers, including packet-filtering, URLbased access control, blacklist/whitelist and other protection functions Web page tamper-proofing through centralized management and control of all tamperproofing endpoints, with content monitoring, synchronization and publish functions Server load balancing assures high availability of Web application servers SSL offloading reduces burden on servers by offloading compute-intensive SSL processing, supporting improved user experience Guided configuration with exception rules to reduce installation complexity and errors Comprehensive management portal provides visualized monitoring at the system, hardware, attack and tamper-proofing levels Role-based authentication at the administrator level to secure configuration and data and allow for auditing Logging and log analysis with graphical representation and easy export of logs and statistics

As applications have increasingly moved to the Web, the servers that host critical business applications have become targets of malicious attacks, tampering and other security incidents that can compromise intellectual property, customer information and other sensitive business data. Arrays AWF Series Web application firewalls protect against the most widespread attack mechanisms while providing active incident response to halt hackers in their tracks, with post-incident analysis and diagnosis to provide guidance for strengthening servers against future attacks. Continuous Threat Scanning The AWF Series continuously scans Web application servers for known vulnerabilities, and scans the applications for the existence of SQL injection or cross-site script vulnerabilities as well. Active Incident Response During a security incident, the AWF Series effectively detects, blocks, and prevents further intrusion, SQL injection, cross-site scripting and other types of Web application attacks. Post-Incident Diagnosis and Analysis After a security incident, the AWF Series diagnoses for critical security issues such as Web site tampering and malicious code, allowing administrators to reduce security risk and maintain the Web servers credibility. Sophisticated Rules Library Based on years of network security research, the AWF Series highly refined rules library provides a wide variety of protections, including: Preventing attacks including SQL injection, cross-site attack, cookie injection, malicious code, buffer overflow and other variant Web server attacks Information disclosure prevention Web site embedded Trojan protection and detection Protocol integrity detection CSRF anti-stealing link Integrity inspection of HTTP RFC protocol Keyword filtering Comprehensive Server Protection The AWF Series includes key network firewall features to provide comprehensive Layer 1 through 7 protection for Web application servers. These features include packet filtering, blacklist/ whitelist, URL-based access control and other basic protection functions at the network layer. Web Page Tamper-Proofing To support Web page tamper-proofing, the AWF Series supports centralized management and control of all Web page tamper-proofing endpoints, and provides content monitoring, synchronization and publishing functions. Because it uses driverlevel folder protection technology, and uses and event-triggered mechanism, it occupies very few system resources. Each time a user accesses a protected Web page, such as a login page, the AWF Series checks the page integrity before permitting access, thus preventing access to contaminated pages. Server Load Balancing The AWF Series employs Array s industry-leading server load balancing technology to distribute load across multiple Web application servers, increasing overall availability, flexibility and user experience.

Depending on application load requirements the AWF Series can also work in conjunction with one or more Array APV Series application delivery controllers for server load balancing if desired. SSL Offloading and Acceleration The new 2048-bit SSL standard is five times more compute intensive than the previous standard, which can significantly impact server performance and throughput. With the AWF Series, compute-intensive SSL offloading functions can be offloaded from the Web servers, removing a significant processing burden from them. As a result, server efficiency and application performance are greatly improved. Guided Configuration Configuration of Web application firewalls has been notoriously more complex than that of network-level firewalls. The AWF Series provides configuration guidance in order to assist network administrators in accurately configuring and setting up the Web application firewall. For example, false alarms are frequently encountered during set-up. The AWF Series supports generation of exception rules, with a single click on the corresponding strategy that is generating the false alarm. of distinct roles can assist in meeting quality standards and audit needs of regulatory and other requirements. Logging and Log Analysis The AWF Series logging function records the admin, Web site access, attack, Web page tamperproofing, audit and other logs. For applications requiring high-volumes of logs or long-term logging, an external log server can be supported. The advanced log analysis system displays multiple types of logs in graphical format, and supports export of the logs in various formats to facilitate collection fo statistics. AWF Series Appliances AWF Series features three 1RU models to choose from, supporting from four to eight 1 Gbe or 10 GbE interfaces and from 800K to 2M concurrent connections, depending on model. The AWF appliances leverage next-generation processors and memory, high-performance SSL encryption, energy-efficient components and 10 GigE to create solutions purpose-built for scalable Web application security. Visualized Management The AWF Series powerful equipment monitoring functions allow administrators to monitor, in real time, the associated equipment s working condition, attack threats and other system information. This capability allows timely discovery and elimination of network problems, promoting stable operation. Role-Based Authentication Three separate administration roles are supported within the AWF Series: Administrator, account administrator and audit administrator. Assignment

Product Specifications AWF Series Model 1500 3500 5500 Fixed I/O 6x1GbE 6x1GbE N/A LAN Interface Options (1GbE Copper) LAN Interface Options (10GbE Fiber) Bypass Pair 2 2 (up to 4) 2 (up to 6) Max. Throughput per Second (One 32KB HTML page) L3 Maximum Throughput per Second (Mixed Traffic) Maximum Concurrent Connections Number of Protected Web Servers 600Mbps 1.2Gbps 5Gbps 2.5Gbps 3.8Gbps 9Gbps 800K/s 1,000,000/s 2,000,000/s 32 256 1024 Dimensions 1U: 17.7 W x 16.9 D x 1.75 H 2U: 17 W x 16 D x 3.5 H 2U: 17 W x 17.75 D x 3.5 H Maximum Power Draw 250W 350W 350W Power Supply Redundancy No Yes Yes Weight 6.6 lbs. 18.25 lbs. 25.25 lbs. Environmental Operating Temperature: 5º to 40ºC. Operating Humidity: 20% to 90%

1371 McCarthy Blvd. Milpitas, CA 95035 Phone: (408) 240-8700 Toll Free: 1-866-MY-ARRAY www.arraynetworks.com VERSION: APR-2015-REV-A-DRAFT 2015 Array Networks, Inc. All rights reserved. Array Networks and the Array Networks logo are trademarks of Array Networks, Inc. in the United States and other countries. All other trademarks, service marks, registered marks, or registered service marks are the property of their respective owners. Array Networks assumes no responsibility for any inaccuracies in this document. Array Networks reserves the right to change, modify, transfer, or otherwise revise this publication without notice.

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information