As Web 2.0 applications emerge as the platform of choice for businesses and consumers, they increasingly become a target for criminal attacks such as SQL injection, parameter manipulation, cross-site scripting and Denial-of-Service (DoS). While small- to medium-sized businesses (SMBs) are increasingly adopting a Web presence, they often lack the in-house capabilities to keep up with the rapidly evolving challenges of Web security. Regulatory compliance mandates make Web application attacks particularly onerous for financial, healthcare, and application service providers, as well as e-commerce businesses.
A complete, affordable, out-of-box compliance solution, SonicWALL® Web Application Firewall Service leverages your existing infrastructure as a licensable add-on module to the SonicWALL Secure Remote Access platform. Utilizing a dynamically updated signature database to detect sophisticated Web-based attacks and protect Web applications including SSL VPN portals, SonicWALL Web Application Firewall Service applies reverse proxy analysis of Layer 7 traffic against known signatures, denies access upon detecting Web application malware, and redirects users to an explanatory error page.
» Open Web Application Security Project (OWASP) Top 10 Vulnerability Protection addresses leading security risks based on prevalence and severity of attacks, as included in PCI DSS 6.6 and other industry standards.
» Cross-site request forgery protection blocks this sophisticated type of Web site attack.
» Flexible policy settings enable administrators to apply signature settings based on threat severity as well as set Exclusion List per signature.
» Anti-evasion measures normalize requests (e.g., standardizing encoded or suspect character sets or path names) prior to analysis.
» Strong Authentication and Authorization to any internal or external Web site (e.g. e-commerce Web sites). This supports compliance initiatives by preventing unauthorized access to your internal and external Web sites. Authentication support includes token-based two-factor authentication, client certificate authentication and tokenless one-time passwords. Granular Access Policies can authorize access to various Web servers based on Hostname, Subnet, IP Address, Port and URL Path.
» Information disclosure protection can block access to Web sites containing administrator-defined keywords or phrases, preventing leakage of sensitive information.
» Acceleration features include content caching, compression and connection multiplexing, and improve the performance of protected Web sites, significantly reducing transactional costs.
» Comprehensive audit log makes logging and reporting available for auditing, compliance and reporting purposes.
» Session management allows administrators to set global timeouts based on user inactivity.
» HTTPS inspection can block attacks embedded into SSL-encrypted packets.
» Robust dashboard provides an easy-to-use Web-based management interface featuring status page overview of all monitoring and blocking activities such as signature database status information and threats detected and prevented since boot-up.
» Automatic signature updates ensure up-to-date protection by enabling administrators to schedule automatic updates for Web application malware signatures.