What is a Web application firewall?

Source: Internet
Author: User

The Web should use a fireproof wall is a set of Web defenseProtection, netpageWarrantyProtection,LoadBalanced,delivery should be used in One integrated web security protectionProtective Equipmenta piece ofProduction Products .

Web firewall products deployed in front of the Web server, serial access, not only on the hardware performance requirements, and can not affect the WEB services, so ha function, bypass functionality is necessary, but also with load balancing, Web cache and other Web servers before the common product coordination deployment.

Webshould bewith fire protectionWallis mainlytheThe addition of web-specific intrusion methodsStrongAnti-Protection, such asDDoS Defense ,SQL injection, XML injection, XSS, and so on.

Web should be with fire protection Wall the function

1, proactive defense, intelligent analysis Apply defects, block malicious requests, prevent web tampering, block application attacks, and protect Web applications in all directions .

2, the intelligent response, rapid p2dr modeling, fuzzy induction and positioning attacks, to prevent the spread of risk, the elimination of "security incidents" in the bud.

3, post-mortem behavior audit, deep excavation access behavior, analysis of attack data, improve the value of the application, to assess the security situation to provide detailed reports.

4, customer-oriented application acceleration, improve system performance, improve the Web Access experience.

5, process-oriented application control, refinement of access behavior, strengthen the application of service capabilities.

6. Service-oriented load balancing , expand service capacity, adapt to the rapid growth of business scale.

Features of the Web application firewall

Anomaly Detection Protocol

Web application firewall detects HTTP requests for exceptions to reject requests that do not conform to the HTTP standard. Also, it can only allow partial options for the HTTP protocol to pass, thereby reducing the scope of the attack. Even some Web application firewalls can strictly limit the options that are too loose or not fully developed in the HTTP protocol.

Enhanced input validation

enhanced input verification can effectively prevent web page tampering, information leakage, Trojan horse implantation and other malicious network intrusion behavior. This reduces The likelihood of the Web server being attacked.

Timely patches

Patching web security vulnerabilities is the biggest headache for Web application developers, and no one will know what kind of vulnerabilities the next second will bring to the Web application. Now the WAF can do the job for us--as long as there is a comprehensive vulnerability information WAF can block this vulnerability in less than one hours.


What is a Web application firewall?

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.