What Does Cloud WAF Service Do?
Always-On Cloud-Based Web Application Firewall Service
Protecting web assets poses a daunting challenge. As the threat landscape rapidly evolves, attacks are growing in complexity and persistency, and zero-day attacks swiftly exploit newly-discovered vulnerabilities. This accelerated change of both attack vectors and assets rapidly renders any static web security solution obsolete. Successfully accommodating for rapidly evolving web security requires a new model: continuous readiness through automatic dynamic adaption.
Based on Radware’s ICSA Labs certified market-leading web application firewall, Radware's Cloud WAF service provides full coverage from all OWASP top-10 attacks. The service implements both negative and positive security models, by utilising its unique ability to automatically adapt to the continuously changing threat landscape and defendable on-line assets.
Built with state-of-the-art machine learning technologies, Cloud WAF Service automatically detects application domains, analyses potential vulnerabilities, and assigns optimal protection policies. The service continuously monitors and analyses application usage patterns, and generates granular baselines for legitimate traffic. This allows rapid detection and mitigation of zero-day attacks, and continuous fine-tuning of security policies due to changing application usage patterns.
What Makes Cloud WAF Service Better?
Peace of Mind is Just a Click Away
Activated through a simple DNS change, with no additional hardware or software installed, Cloud WAF Service is easily deployed and rapidly provides web security coverage. The service's portal provides unmatched ease-of-use and detailed visibility into real-time attack alerts and statistics to support future planning. Real-time attack alerts provides information about type of attack, assets at risk, and how Cloud WAF Service is responding. A team of web security experts, the Emergency Response Team, further supports mitigation of attacks, forensic analysis and future planning.
Fully Managed Security Service
Includes 24x7 support, proactive log review and analysis, system monitoring, and auto policy generation. The service gives organisations full support and service before, during and after attacks and is backed by Radware's Emergency Response Team (ERT).
Unmatched, Adaptive Web Application Protection
The Hybrid Cloud WAF Service is based primarily on Radware’s web application firewall – AppWall. It is ICSA Labs certified and the only WAF in the cloud that provides full coverage from the OWASP top - 10 attacks. It supports both negative and positive security models and the unique ability to generate policies automatically.
Easy, Flexible Model
The service is offered in a simple, OPEX-based model with three packages to choose from. Setup has no deployment process or download/install of items needed. Cloud-based customer portal gives visibility and insights into application security.
Unified, Hybrid Solution
The same market-leading WAF technology used by both on-premise appliances and as a cloud service, provides unified protection with no security gaps between on-premise and cloud-based applications and facilities quick and easy migration of applications to the cloud.
Preemptive Attack Intelligence
Continuously mining data in numerous Web and Darknet resources, Cloud WAF Service proactively provides preemptive attack intelligence and automatically raises defense levels before suspected attacks are launched.
Always-on DDoS Protection
Utilising DefensePro, Radware’s market-leading DDoS attack mitigation technology, the service includes anti-DDoS, Network Behavioral Analysis (NBA) and IPS technologies to protect from network and application downtime, application vulnerability exploitation, malware spread, network anomalies, information theft and other emerging cyber-attacks.
Cloud WAF Service Offering
Radware's Cloud WAF Service is available in three packages; with degrees of protection, customisation and support.
Offers a policy per domain where the policy is configured to secure against zero-day attacks on top of the attacks blocked in silver and gold levels (e.g. Application pages and parameters profiling, cookies protection, XML and web services configuration).
Offers a policy per domain, where the policy is configured to secure against data and access centric attacks in addition to the common web attacks (e.g. Application Access Control, Data Leakage Prevention, Login Page protection, Cross Site Request Forgery).
Offers a single policy per customer, where the policy is configured to secure against common web attacks (e.g. SQL injections, XSS).
DDoS protection of up-to 1Gbps of attack traffic is included in all packages. This includes behavioral network and application layer DDoS protection with network challenge-response. Added protection from volumetric DDoS attacks is available through Radware's DefensePipe– an in-the-cloud attack scrubbing service that protects the Internet pipe. The service is based on the amount of legitimate traffic and provides protection from unlimited attacks per month.