While small and medium-sized businesses (SMBs) are increasingly adopting Web 2.0 applications, they often lack the in-house capabilities to keep up with the rapidly evolving challenges of Web security. More and more, Web 2.0 applications are becoming a target for criminal attacks such as SQL injection, parameter manipulation, cross-site scripting and Denial-of-Service (DoS). The SonicWALL® Web Application Firewall Service offers a complete, affordable, out-of-box compliance solution, leveraging your existing infrastructure as a licensable add-on module to the SonicWALL Secure Remote Access platform.

Balancing compliance and performance.

Regulatory compliance mandates make Web application attacks particularly onerous for financial, healthcare, and application service providers, as well as e-commerce businesses. Utilizing a dynamically updated signature database to detect sophisticated Web-based attacks and protect Web applications including SSL VPN portals, SonicWALL Web Application Firewall Service applies reverse proxy analysis of Layer 7 traffic against known signatures, denies access upon detecting Web application malware, and redirects users to an explanatory error page. Acceleration features include content caching, compression and connection multiplexing, and improve the performance of protected Web sites, significantly reducing transactional costs.

OWASP, HTTPS and more.

Open Web Application Security Project (OWASP) Top 10 Vulnerability Protection addresses leading security risks based on prevalence and severity of attacks, as included in PCI DSS 6.6 and other industry standards. HTTPS inspection can block attacks embedded into SSL-encrypted packets. Cross-site request forgery protection blocks this sophisticated type of Web site attack. Information disclosure protection can block access to Web sites containing administrator-defined keywords or phrases, preventing leakage of sensitive information.

Strong authentication and authorization.

Strong Authentication and Authorization to any internal or external Web site (e.g. e-commerce Web sites) supports compliance initiatives by preventing unauthorized access to your internal and external Web sites. Authentication support includes token-based two-factor authentication, client certificate authentication and tokenless one-time passwords. Granular Access Policies can authorize access to various Web servers based on Hostname, Subnet, IP Address, Port and URL Path.

Robust and easy-to-manage.

A robust dashboard provides an easy-to-use Web-based management interface featuring status page overview of all monitoring and blocking activities such as signature database status information and threats detected and prevented since boot-up. Automatic signature updates ensure up-to-date protection by enabling administrators to schedule automated updates for Web application malware signatures. Flexible Policy Settings enable administrators to apply signature settings based on threat severity as well as set Exclusion List per signature. Comprehensive audit log makes logging and reporting available for auditing, compliance and reporting purposes. Session management allows administrators to set global timeouts based on user inactivity. Anti-evasion measures normalize requests (e.g., standardizing encoded or suspect character sets or path names) prior to analysis.