WANT PROTECTION THAT CAN STOP CYBER ATTACKS BEFORE THEY HAPPEN?
Complior can provide a Web Application Firewall (WAF), one of the many security measures we can set up to ensure the security of your organization’s IT environment.
WHAT IS A WAF?
A Web Application Firewall can be defined as a firewall for web applications; it is a way to protect network traffic on an application level using advanced traffic inspection. The WAF monitors and analyses web traffic and detect and deter web-based attacks such as SQL injections, cross-site scripting, parameter or URL tampering, session hijacking, and buffer overflows.
A WAF STOPS KNOWN ATTACKS AND PREVENTS UNKNOWN
A WAF allows you to, on a very detailed level, control access and decide what traffic should be blocked. The WAF provides additional protection against threats that an Intrusion Protection System (IPS) cannot prevent. We provide a secure WAF that not only stops attacks that are known to occur in web applications, but also detects and prevents new, unknown types of attacks. By monitoring traffic and the requests made for each incoming and outgoing packet, the WAF essentially creates a foundation of normal activity, and can then watch for any unusual patterns in traffic and defend against unknown attacks. A WAF is self-learning and offers companies flexibility since the settings can be changed over time.
WAF SOLUTION ALWAYS IN COMBINATION WITH LOAD BALANCER
Our Web Application Firewall is always combined with our Load Balancer (LB), which is a hardware-based load-balancing service with SSL acceleration. The WAF solution has to support failover and therefore works with load balancers to prevent disruption of service, so that we can always provide the highest availability of your protected applications. Both WAF and Load Balancers are critical for ensuring the security of a PCI environment.
WEB APPLICATION FIREWALL HELPS YOU FULFIL THE REQUIREMENTS IN PCI DSS
The Payment Card Industry Data Security Standard (PCI DSS 3.2) requirement 6.6 suggests “installing an automated technical solution that detects and prevents web-based attacks”. A WAF will help companies meet this PCI requirement.