Web Application Firewall

A Web Application Firewall is critical for protecting your web presence. Web applications are popular targets and often under constant attacks.

Protect your website from the malicious attacks, including OWASP Top 10 protection, HTML injection, directory traversal, command injection, JSON validation, SQL injection and cross-site scripting.

We offer the following deliverables within this service:

  • Hotline Support: day to day troubleshooting and support
  • Professional Services: build and design a highly resilient WAF with integrated content scanning, or assessment of the existing configuration
  • Managed Services: either a fully managed WAF service delivered from thecloud, or a managed on-prem WAF service
  • Solutions: best of breed products integrated to fir your demands for a secure web app

Services

Hotline

When things get complicated, we will support you and provide direct access to the vendor support.

Hotline is available via email, phone and our customer portal.

Response time is defined by the SLA you attach to the agreement:

  • 8 x 5 x 4
  • 24 x 7 x 4

Professional

Analysis & Design
We have years of experiences implementing and reviewing existing WAF implementations. Take advantage of our Professional Services team that will support you achieving your classic architectural tasks such as:

  • Security Architecture refresh
  • Integrate threat detection tactics into your web presence, such as Honey Tokens
  • Build WAF and content scanning policy for your web presence
     

Implement & Configure
If you buy the solution, we can do more than a simple Rack & Stack. We will support throughout the deployment and deliver a detailed set of system documentation. Deployments are always performed by combining best practices from the vendor with our own experiences. Typically we can estimate deployments beforehand and are delivered using fixed pricing.

We have the following deployment options available:

  • Small: 15 hours
  • Medium: 50 hours
  • Large: 100 hours
     

Review & Assess
Optimizing the current configuration and rulebase. We offer the following:

  • Blue Coat ProxySG Configuration Assessment

Managed

We deliver managed services either on-premises or delivered as a cloud service.

On-Prem Blue Coat ProxySG
Secu Web Application FirewallNo hardware or software changes required, simply update the DNS record of your web application and a security profile is applied instantly.

Technical Capabilities:

  • SSL Offload
  • Virtual Patching
  • Web Based Malware Detection
  • Webshell/Backdoor Detection
  • Botnet Attack Detection
  • HTTP Denial of Service Attack Detection
     

Service Capabilities:

  • Monthly Availability Objective: 99.95%
  • Monthly Reporting
  • Email Alerts
  • Customer Portal access

Technologies

Symantic

Symantic’s next-generation content nature detection engines represent a fundamental shift in attack detection technology. The advanced signature-less engines understand the nature of the content, making them robust against obfuscation and new attacks. The new engines also require less frequent updating and are less prone to false positives.

Gemalto WAF Capabilities:

  • OWASP Top 10
    • Protects your website from attacks, including OWASP Top 10
       

Protect

  • Analyze and scan inbound executables and files for malware to protect your infrastructure from concealed and disguised attacks and threats. Protect web infrastructure by isolating origin servers from direct Internet access, and scale web farms by off-loading user authentication, SSL tunnels and web content optimization
  • Improve application performanceAccelerate delivery of web applications and content through integrated caching, stream splitting, bandwidth controls, threat analysis of inbound and outbound web content, and a flexible policy language with unmatched user authentication options
     

Monitor and alert

  • Perform health checks on HTTP, HTTPS, TCP, ICAP and ICMP in order to monitor web content servers and proxy-related devices for the purpose of alerting administrators, including strict HTTP/HTML protocol validation from the server and client
  • Secure user access to web applications by using ProxySG as an SSL termination point with re-encryption to web servers, or a man-in-the-middle (MITM) configuration. ProxySG provides both server- and client-side certificate support, with web services encryption and decryption, and digital signature verification
     

Control

  • Apply policy to inbound connections, based on IP address, user agent, client geo-location, and almost any other characteristic of the incoming request
     

Built on the industry-leading ProxySG platform (including ASG and Virtual SWG), Blue Coat Web Application Firewall offers full OWASP Top 10 protection, along with advanced policy, control, accountability and performance features in a Web Application Firewall solution. Virtual deployment is available on VMware, Hyper-V and Amazon Web Services.