NSFOCUS Web Application Firewall (WAF)

The WAF serves as an essential part of an intelligent hybrid security architecture by providing advanced inspection and specialized security for the web application layer. It also includes up to 1 Gbps of DDoS protection from other volumetric and application layer attacks, including TCP flood and HTTP/S GET/ POST floods. Additionally, if deployed in conjunction with a higher capacity NSFOCUS ADS Series Anti-DDoS appliance, the WAF can direct flows in real-time to the ADS to keep your servers running under the most extreme conditions. Features and Benefits Prevent Theft of Critical Data Data breaches are extremely complex and surprisingly frequent. The NSFOCUS WAF offers powerful protection against web attacks with a complete set of signatures for web vulnerabilities and the ability to detect unauthorized file uploads. WAF enforces access control policy from layer 4 through layer 7, to prevent access to data without proper authorization. In the later phases of an attack, WAF provides outbound data leakage detection, including illegal file download detection, web shell prevention, and filtering of sensitive information (such as credit card numbers and social security numbers). Ensure Website Availability The NSFOCUS WAF offers a built-in anti-DDoS module to protect against TCP flood attacks, HTTP/S GET/POST flood attacks and slow rate attacks up to 1Gbps. The WAF employs access rate thresholding, IP reputation and algorithm-based protection mechanisms. Coupled with the NSFOCUS ADS anti-DDoS product line, higher rate DDoS attacks can be thwarted. Close the PCI DSS Compliance Gap The NSFOCUS WAF provides reports for PCI audits as well as suggestions for policy tuning and configuration in order to help ensure compliance with PCI DSS. Protections like the cookie security feature within the WAF protects against cookie tampering and cookie poisoning in compliance with section 6.5.10 in the new PCI 3.2 standard.