Traditional web application security solutions do not provide the visibility and insights administrators need for effective protection of web applications. WAF network security has been around for a long time but appliance-based web application firewall (WAF) solutions are black boxes when it comes to delivering security insights about applications.
Enterprises need real-time insights into application-specific traffic, security, and user experience, to identify and protect against the most sophisticated attacks. Writing policies and rules for WAF network security is increasingly complex. Older web application firewalls can slow traffic and application performance. Companies that switch to web based applications need additional protections, but as many as 60 percent have security vulnerabilities because they haven’t found an easy security solution.
Avi iWAF Security Solution
Avi iWAF protects web applications from common security vulnerabilities as identified by Open Web Application Security Project (OWASP), such as SQL Injection and Cross-site Scripting (XSS), while providing the ability to customize the rule set for each application.
Avi’s Intelligent WAF leverages the architectural advantages of the Avi Vantage Platform, which uses its strategic location in the application traffic path to gain real-time application security insights. Avi extends this architectural advantage to WAF network security. Cloud WAF solutions are needed when enterprises migrate to the public cloud. Avi iWAF is an effective cloud WAF solution given the platform’s multi-cloud capabilities. Avi iWAF provides visibility to traffic flows that match security rules and simplifies policy customization and administration through central management.
Advantages of Avi’s Intelligent WAF Security
- Central management of all distributed WAF instances
- Point-and-click policy configurations with rule exceptions customizable for each application
- Granular application security insights on traffic flows
- Scalable WAF capabilities with per app deployments
- Input protection — SQL Injection, Cross-site Scripting (XSS), PHP code injection, path traversal and session fixation
- HTTP validation — Encoding bypass detection, HTTP response splitting and HTTP parameter pollution
- Data leakage protection— Protection against leakage of personally identifiable information such as credit card or SSN numbers
- Automated attack blocking— Scanner detection and blockage of brute force attacks.
IP protection — GeoIP blocking
- Application specific security— Drupal, WordPress, etc
- Analytics-driven security policies with automatic configurations
- High-performance web application firewall with per-app deployments
- Elastic scaling with closed-loop security analytics across data centers
- Security insights help elimination of false positives
Intelligent WAF Security with Point-and-Click Simplicity
The Avi iWAF is an important source of application security enforcement and intelligence. Learn more about iWAF benefits and how you can secure your web applications and achieve compliance:
- Point-and-click simplicity for policies with central control.
- Elastic scale with highly performant, automatic scale-out architecture.
- App insights on traffic flows and rule matches to enable precise policies.