WAF (Web Application Firewall)

Protecting Web Applications from Web Vulnerability and Attacks

WAF service monitors the traffic of websites to protect web applications from attacks that firewalls and IDS have failed to block. Http/https-based security threats which target website vulnerabilities are instantly detected and blocked.

Overview

  • Robust Detection/Block

    By monitoring the ports 80 and 443 traffic of user-registered IPs, hacking attempts are detected in real-time. Attacks are defined as injection, XSS, or web scanning and so on based on the web firewall event analysis, and the IP that tries an attack on a registered URL is immediately blocked.

  • Reliable Web Service Operation

    Updates on firmware and web firewall signature patterns help manage failure of web firewalls. New web threats including the OWASP (Open Web Application Security Project) Top 10 and zero-day attacks as well as hacking attempts are detected to support efficient and reliable web service operation.

  • Convenient Security Management

    Real-time monitoring on various attack events are notified to the customer to enable preemptive response to security threat. Details of detected events (IP/Port, target IP, detected time, etc.) are displayed on the dashboard.

01

04

Service Architecture

  • Web Service Users → Internet → WAF, DDOS Protection → IDS Agent - Web Server(VM), IDS Agent - Web Server(VM), IDS Agent - Web Server(VM) → Security Log Collection → Control System : Control/Analysis Expert → Monitoring/Detection
  • Web Service Users → Internet → WAF, DDOS Protection → Security Log Collection → Control System : Control/Analysis Expert → Monitoring/Detection

Key Features

  • Intrusion detection and analysis based on registered URL monitoring

    - Categorize attacks with web firewall event analysis
    (e.g. SQL Injection, XSS, file include, file up download, web scan, etc.)
    - Block IPs that attempt to attack registered URLs
    - Provide 24/7/365 event monitoring and issue a warning in case of event detection
    (Emergency event warning : within 1 hour; General: within 4 hours after confirmation)

  • Web firewall operation

    - Update OWASP attack detection patterns
    - WAF failure management

  • Dashboard and report screen (attack type, target IP, alarm list, etc.)

Pricing

    • Billing based on maximum monthly traffic by URL
    • 4 ranges : 100Mbps, 300Mbps, 500Mbps, or 1Gbps
    • Yearly subscription (monthly billing
Let’s talk

Whether you’re looking for a specific business solution or just need some questions answered, we’re here to help

Share KakaoTalk Facebook Twitter Linkedin Close Share Box