REAL-TIME WEB APPLICATION PROTECTION. AWF SERIES DATASHEET WEB APPLICATION FIREWALL



Similar documents
REAL-TIME WEB APPLICATION PROTECTION. AWF SERIES DATASHEET WEB APPLICATION FIREWALL

NSFOCUS Web Application Firewall

AVX SERIES VIRTUALIZED APPLIANCES

Load Balancing Security Gateways WHITE PAPER

Web Application Security. Radovan Gibala Senior Field Systems Engineer F5 Networks

ZEN LOAD BALANCER EE v3.04 DATASHEET The Load Balancing made easy

White Paper A10 Thunder and AX Series Load Balancing Security Gateways

ZEN LOAD BALANCER EE v3.02 DATASHEET The Load Balancing made easy

Next Generation Firewall

AVX SERIES VIRTUALIZED APPLIANCES

Arrow ECS University 2015 Radware Hybrid Cloud WAF Service. 9 Ottobre 2015

Mingyu Web Application Firewall (DAS- WAF) All transparent deployment for Web application gateway

Web Application Firewall

MOVE AT THE SPEED OF BUSINESS. a CELERA DATASHEET WAN OPTIMIZATION CONTROLLERS

FortiWeb for ISP. Web Application Firewall. Copyright Fortinet Inc. All rights reserved.

Basic & Advanced Administration for Citrix NetScaler 9.2

USG6600 Next-Generation Firewall

Huawei Eudemon200E-N Next-Generation Firewall

CENTRAL MONITORING AND MANAGEMENT. CMX SERIES DATASHEET CENTRALIZED MANAGEMENT

Contemporary Web Application Attacks. Ivan Pang Senior Consultant Edvance Limited

USG6300 Next-Generation Firewall

The Hillstone and Trend Micro Joint Solution

NSFOCUS Web Application Firewall White Paper

WHITE PAPER. FortiWeb and the OWASP Top 10 Mitigating the most dangerous application security threats

The Application Delivery Controller Understanding Next-Generation Load Balancing Appliances

Creating Stronger, Safer, Web Facing Code. JPL IT Security Mary Rivera June 17, 2011

MatriXay WEB Application Vulnerability Scanner V Overview. (DAS- WEBScan ) The best WEB application assessment tool

NETASQ & PCI DSS. Is NETASQ compatible with PCI DSS? NG Firewall version 9

2013 MONITORAPP Co., Ltd.

F5 Silverline Web Application Firewall Onboarding: Technical Note

FortiWeb 5.0, Web Application Firewall Course #251

Check list for web developers

STOPPING LAYER 7 ATTACKS with F5 ASM. Sven Müller Security Solution Architect

Swordfish

Where every interaction matters.

APV x600 Series. Application Delivery Controller APV1600, APV2600, APV4600, APV5600, APV6600, APV8600, APV9600

Networking and High Availability

Application Security Testing

10 Things Every Web Application Firewall Should Provide Share this ebook

Semantic based Web Application Firewall (SWAF V 1.6) Operations and User Manual. Document Version 1.0

IBM Security Network Intrusion Prevention System

Networking and High Availability

THE SMARTEST WAY TO PROTECT WEBSITES AND WEB APPS FROM ATTACKS

WanVelocity. WAN Optimization & Acceleration

Protect the data that drives our customers business. Data Security. Imperva s mission is simple:

Barracuda Web Application Firewall vs. Intrusion Prevention Systems (IPS) Whitepaper

Deployment Guide May-2015 rev. a. APV Oracle PeopleSoft Enterprise 9 Deployment Guide

APV9650. Application Delivery Controller

IJMIE Volume 2, Issue 9 ISSN:

Benefits. Product Overview. There is nothing more important than our customers. DATASHEET

Are you fighting new threats with old weapons? Secure your Web applications with Web Application Firewalls.

Symantec Endpoint Protection 11.0 Architecture, Sizing, and Performance Recommendations

Scalable. Reliable. Flexible. High Performance Architecture. Fault Tolerant System Design. Expansion Options for Unique Business Needs

Sample Report. Security Test Plan. Prepared by Security Innovation

Content Scanning for secure transactions using Radware s SecureFlow and AppXcel together with Aladdin s esafe Gateway

FINAL DoIT v.8 APPLICATION SECURITY PROCEDURE

PANORAMA. Panorama provides centralized policy and device management over a network of Palo Alto Networks next-generation firewalls.

Network Security Platform 7.5

Flexible Routing and Load Control on Back-End Servers. Controlling the Request Load and Quality of Service

Integrating Barracuda Web Application Firewall

Firewall Firewall August, 2003

Complete Protection against Evolving DDoS Threats

Firewalls P+S Linux Router & Firewall 2013

Information Technology Policy

Barracuda Web Application Firewall

Benefits. Product Overview. There is nothing more important than our customers. DATASHEET

Content-ID. Content-ID URLS THREATS DATA

FortiWeb TM. Web Application Firewall. Unmatched Protection for Web Applications. Emerging Threats Create New Challenges

Keyword: Cloud computing, service model, deployment model, network layer security.

UTT Technologies offers an effective solution to protect the network against 80 percent of internal attacks:

Web application security Executive brief Managing a growing threat: an executive s guide to Web application security.

VALIDATING DDoS THREAT PROTECTION

Guidelines for Web applications protection with dedicated Web Application Firewall

Symantec Database Security and Audit 3100 Series Appliance. Getting Started Guide

Simple security is better security Or: How complexity became the biggest security threat

WatchGuard Training. Introduction to WatchGuard Dimension

Advanced Administration for Citrix NetScaler 9.0 Platinum Edition

UNIFIED THREAT MANAGEMENT SOLUTIONS AND NEXT-GENERATION FIREWALLS NETWORK SECURITY NETWORK SECURITY I ENDPOINT SECURITY I DATA SECURITY

How To Protect A Dns Authority Server From A Flood Attack

Game changing Technology für Ihre Kunden. Thomas Bürgis System Engineering Manager CEE

McAfee Web Gateway Administration Intel Security Education Services Administration Course Training

Powered by. Incapsula Cloud WAF

Panorama PANORAMA. Panorama provides centralized policy and device management over a network of Palo Alto Networks next-generation firewalls.

Web Application Vulnerability Testing with Nessus

Background. Industry: Challenges: Solution: Benefits: APV SERIES CASE STUDY Fuel Card Web Portal

Firewall Feature Overview

NSFOCUS Remote Security Assessment System. Overview

Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs

Content-ID. Content-ID enables customers to apply policies to inspect and control content traversing the network.

Firewalls, Tunnels, and Network Intrusion Detection. Firewalls

Web Application Firewall on SonicWALL SSL VPN

JOOMLA SECURITY. ireland website design. by Oliver Hummel. ADDRESS Unit 12D, Six Cross Roads Business Park, Waterford City

The Key to Secure Online Financial Transactions

Protecting against DoS/DDoS Attacks with FortiWeb Web Application Firewall

Chapter 8 Router and Network Management

Release Notes for Websense Security v7.2

VMware Workspace Portal Reference Architecture

SANS Top 20 Critical Controls for Effective Cyber Defense

Transcription:

REAL-TIME WEB APPLICATION PROTECTION. AWF SERIES DATASHEET WEB APPLICATION FIREWALL AWF Series Web application firewalls provide industry-leading Web application attack protection, ensuring continuity and high availability of Web applications while reducing security risks. Array s AWF Series Web application firewalls extend beyond traditional firewalls and intrusion detection systems (IDSs) to provide comprehensive protection for business-critical Web applications. The AWF Series not only detects the complex Web application attacks of today, but also blocks the attack traffic in real time without affecting the normal flow of business data traffic. In addition, the AWF Series provides extremely fine-grained attack detection and analysis capabilities while protecting against the most common Web application threats including SQL injection attacks, Web page tampering, Web site malicious code, and disclosure of sensitive information.

Highlights & Benefits Next-generation Web application firewall operates on multiple levels to protect vital Web servers and applications Continuous scanning for Web application vulnerabilities and for SQL injection or cross-site scripting and other threats within applications DDoS protection via brute force attacks mitigation Active incident response including detection, blocking and prevention of intrusion and other attacks, including zero-day detection by abnormal behavior analysis techniques Post-incident diagnosis and analysis of security issues to reduce overall security risk and maintain Web site credibility Highly refined rules library includes sophisticated protections such as information disclosure protection, embedded Trojan detection and protection, protocol integrity detection, keyword filtering and much more Web page tamper-proofing through centralized management and control of all Web tamperproofing endpoints, with content monitoring, synchronization and publish functions Customizable feature library and flexible configuration model to meet the needs of complex Web applications Guided configuration with exception rules to reduce installation complexity and errors Comprehensive management portal provides visualized monitoring at the system, hardware, attack and tamper-proofing levels Role-based authentication at the administrator level to secure configuration and data and allow for auditing Logging and log analysis with graphical representation and easy export of logs and statistics Comprehensive Layer 1 through 7 protection for Web servers at the network level, including packet-filtering, URL-based access control, blacklist/whitelist and other protection functions

Next-Generation WAF Protection As applications have increasingly moved to the Web, the servers that host critical business applications have become targets of malicious attacks, tampering and other security incidents that can compromise intellectual property, customer information and other sensitive business data. Array s AWF Series Web application firewalls protect against the most widespread attack mechanisms while providing active incident response to halt hackers in their tracks, with post-incident analysis and diagnosis to provide guidance for strengthening servers against future attacks. Preventing attacks including SQL injection, cross-site attack, cookie injection, malicious code, buffer overflow and other variant Web server attacks Information disclosure prevention Web site embedded Trojan protection and detection Protocol integrity detection CSRF anti-stealing link Integrity inspection of HTTP RFC protocol Keyword filtering Continuous Threat Scanning The AWF Series continuously scans Web application servers for known vulnerabilities, and scans the applications for the existence of SQL injection or cross-site script vulnerabilities as well. Active Incident Response During a security incident, the AWF Series effectively detects, blocks, and prevents further intrusion, SQL injection, cross-site scripting and other types of Web application attacks. Post-Incident Diagnosis and Analysis After a security incident, the AWF Series diagnoses for critical security issues such as Web site tampering and malicious code, allowing administrators to reduce security risk and maintain the Web servers credibility. Sophisticated Rules Library Comprehensive Server Protection The AWF Series includes key network firewall features to provide comprehensive Layer 1 through 7 protection for Web application servers. These features include packet filtering, blacklist/ whitelist, URL-based access control and other basic protection functions at the network layer. Web Page Tamper-Proofing To support Web page tamper-proofing, the AWF Series supports centralized management and control of all Web page tamper-proofing endpoints, and provides content monitoring, synchronization and publishing functions. Because it uses driverlevel folder protection technology, and uses an event-triggered mechanism, it occupies very few system resources. Each time a user accesses a protected Web page, such as a login page, the AWF Series checks the page integrity before permitting access, thus preventing access to contaminated pages. Based on years of network security research, the AWF Series highly refined rules library provides a wide variety of protections, including:

Guided Configuration Configuration of Web application firewalls has been notoriously more complex than that of network-level firewalls. The AWF Series provides configuration guidance in order to assist network administrators in accurately configuring and setting up the Web application firewall. For example, false alarms are frequently encountered during set-up. The AWF Series supports generation of exception rules, with a single click on the corresponding strategy that is generating the false alarm. Visualized Management The AWF Series powerful equipment monitoring functions allow administrators to monitor, in real time, the associated equipment s working condition, attack threats and other system information. This capability allows timely discovery and elimination of network problems, promoting stable operation. AWF Series Appliances The AWF Series features three models to choose from, supporting from four to eight 1 GbE or 10 GbE interfaces and from 800K to 2M concurrent connections per second, depending on model. The AWF appliances leverage next-generation processors and memory, energy-efficient components and 10 GigE to create solutions purpose-built for scalable Web application security. Available for common hypervisors, the vawf virtual appliances are ideal for organizations seeking to benefit from the flexibility of virtual environments, offer infrastructure services and new elastic business models or evaluate Array application delivery with minimal risk and up-front cost. Role-Based Authentication Three separate administration roles are supported within the AWF Series: Administrator, account administrator and audit administrator. Assignment of distinct roles can assist in meeting quality standards and audit needs of regulatory and other requirements. Logging and Log Analysis The AWF Series logging function records the admin, Web site access, attack, Web page tamper-proofing, audit and other logs. For applications requiring high volumes of logs or long-term logging, an external log server can be supported. The advanced log analysis system displays multiple types of logs in graphical format, and supports export of the logs in various formats to facilitate collection fo statistics.

Feature Specifications Topology and Networking Topology Bridge mode Transparent/reverse proxy mode (inline) Router mode Reverse proxy mode (inline) Passive mode Networking Management Static IP Bonding (Link Aggregation)/LCAP Bridge Trunk (802.1q) Policybased route ARP DNS server Security Web Security Protection against cookie injection, command injection, XSS, etc. Blocking invalid file upload, such as Web shell upload Filtering sensitive words in HTTP request and response body Blocking information leakage, malicious code, weak password attacks, etc. Limiting the action of Web crawler and scanner Traffic blocking: redirection to error page, TCP reset, redirect to URL; block source address, etc. HTTPS offloading and acceleration Support zero-day attack detection by abnormal behavior analysis technologies Support positive security model to configuration automatically by self-learning Support the protection of multiple virtual hosts on one server Strict protocol validation Brute force attacks mitigation Anti-DDoS Networking Security Access Control List IP blacklist/whitelist URL blacklist/whitelist Logging, Monitoring & Reporting Logging & Monitoring Structured system log SNMP (v2/v3) CPU usage Memory usage Disk usage HTTP CC number I/O usage Reporting Support log query by year, month and week Support log query by attack time, site, page, attack type and time, etc. Support report exported as.pdf,.html,.csv and.doc

Product Specifications AWF Series Model 1500 3500 5500 Fixed I/O 6x1GbE 6x1GbE 2x1GbE Optional LAN Interfaces (1GbE Copper) Optional LAN Interfaces (10GbE Fiber) 4 4 or 8 4 or 8 4xSFP 4xSFP, 8xSFP 4xSFP, 8xSFP, 2xXE Bypass Pair 2 2 (up to 4) 2 (up to 6) Maximum Throughput (Single 32KB HTML page) L3 Maximum Throughput (Mixed Traffic) Maximum Requests per Second (Keep-Alives Enabled) Maximum Concurrent Connections Number of Protected Web Servers 600Mbps 1.2Gbps 5Gbps 2.5Gbps 4Gbps 9Gbps 10,000 30,000 60,000 800K 1M 2M 32 256 1024 Dimensions 2U: 17.7 W x 16.9 D x 3.5 H 2U: 17.7 W x 16.9 D x 3.5 H 2U: 17.7 W x 16.9 D x 3.5 H Maximum Power Draw 250W 350W 350W Power Supply Redundancy No Yes Yes Weight 6.6 lbs. 6.6 lbs. 17.6 lbs. Environmental Operating Temperature: 5º to 40ºC. Operating Humidity: 20% to 90% Supported Hypervisors (64-bit only) Virtual Machine Requirements vawf vawf virtual application delivery controllers support all AWF features. VMware ESXi 4.1 or Later KVM 1.1.1-1.8.1 or later 2 Virtual CPUs 2GB RAM

1371 McCarthy Blvd. Milpitas, CA 95035 Phone: (408) 240-8700 Toll Free: 1-866-MY-ARRAY www.arraynetworks.com VERSION: NOV-2015-REV-A 2015 Array Networks, Inc. All rights reserved. Array Networks and the Array Networks logo are trademarks of Array Networks, Inc. in the United States and other countries. All other trademarks, service marks, registered marks, or registered service marks are the property of their respective owners. Array Networks assumes no responsibility for any inaccuracies in this document. Array Networks reserves the right to change, modify, transfer, or otherwise revise this publication without notice.

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information