For a long time, websites in many units and departments have been infected by Trojans and often maliciously tampered with by hackers. As the website is the first facade of external communication, website security is always a sword hanging on the head of the Network Center Administrator!
Isn't website security really reassuring?
Of course!
A few days ago, leading network equipment and solutions provider ruijie Network launched the portal website security patron saint-RG-WG series ruijie webGuard application protection system, to make up for the traditional Website Security Protection Mechanism vulnerabilities, free network administrators from endless worries!
According to ruijie network outlet and security product manager, RG-WG series ruijie webGuard application protection system is ruijie network equipment designed specifically to solve the preceding web application security problems. Based on Two-way Detection and Analysis of HTTP/HTTPS traffic content, ruijie webGuard identifies and detects various types of web encoding, interaction technologies, URL parameters, and form input, provides real-time and dynamic active protection for web applications. The current RG-WG series has three models: RG-WG1000, RG-WG2000 and RG-WG3000, provide web Application Security Solutions for networks of different sizes.
In addition, compared with traditional web Application Security Protection Measures, ruijie webGuard performs real-time analysis, detection, and filtering of HTTP/HTTPS traffic-related content on inbound and outbound web servers, to precisely identify and prevent web application intrusions, block malicious access to web servers and illegal operations, and adapt to the Active Real-time Monitoring and filtering risk technology in the web era, instead of passively recovering from attacks. It can combine various factors, such as malicious code, unauthorized tampering, and application attacks, to prevent multiple web servers and maximize the security of web applications. It also prevents webpage content tampering, website database content leakage, password cracking, and System Administrator permission theft, prevent websites from being infected with Trojans, viruses, malicious code, and spyware, prevent user input information leakage, prevent account theft, prevent SQL injection, and prevent XSS attacks.
Main features:
High-performance product platform
RG-WG adopts multi-core hardware architecture, optimizes and rewrites the TCP protocol stack and supports multi-core RGOS, which is the technical guarantee of ruijie webGuard high performance.
The parallel multi-core controller identifies sessions and distributes data packets in a balanced manner based on a quintuple. It gives full play to the multi-core performance and achieves a processing performance of up to 10 Gigabit throughput.
Optimized and rewritten user-mode TCP Stack. TCP Stack is completely isolated from each other in process space, breaking the limitations of the traditional Kernel TCP Stack shared data lock.
Defense against web page tampering
RG-WG adopts the double-layer strategy of Defense beforehand and recovery afterwards. It can both prevent and recover pages before and after events.
The RG-WG parses web interaction information based on DDSE (deep decoding scanning engine), and filters the attack form Logic Based on decoding to realize HTTP deep recognition.
Website stealth prevents attackers from obtaining server information, preventing penetration scans before attacks, and exposing system architecture to web server error information, so as to prevent further attacks.
The virtual patch technology protects web application service platforms such as operating systems, databases, Apache, and IIS to avoid system risks caused by attacks on the web application service platform.
Dangerous File Download detection, blocking the download of dangerous files such as databases, prevent attackers from downloading sensitive internal information such as user passwords.
Compliance check
Meets the compliance check requirements for webpage tamper-proofing.
It not only recovers after the event, but also protects the event beforehand to defend against attacks detected by compliance checks.
Prevent website Trojans
Detects and filters embedded programs such as ActiveX, JAVA Applet, and iFrame, gets stuck with the attack source, and prevents websites without Trojans.
The website trojan detection engine monitors and diagnoses website pages, and promptly discovers websites that have been infected before webGuard is deployed.
Web Server Protection
Protect IDC hosting equipment rooms, various commercial and business servers, and protect various web servers, such as online banking, high-quality course servers, game servers, and enterprise ERP systems.
Built-in anti-virus Gateway
Built-in multiple Malware detection rules to intercept ASP or PHP backdoor viruses in real time-to prevent web management permissions.
Prevent websites from being infected with Trojans and prevent websites from becoming the source of Malware release-to avoid reputational loss and customer business loss.
Cookie Protection
Verify the Cookie content to prevent Cookie tampering, verify the Cookie content and Client IP address to prevent Cookie hijacking, and encrypt the Cookie content to prevent Cookie content Leakage
Prevent Cookie content leakage, prevent Cookie tampering, prevent Cookie hijacking, and prevent attackers from impersonating legitimate users. Verify the Cookie content and Client IP address, and encrypt the Cookie.
Keyword Filtering
Content keyword filtering prevents websites from being uploaded with reactionary, violent, pornographic, and other types of keywords, affecting social harmony.
Protocol keyword filtering allows users to customize keyword content and customize special protection functions for personalized business systems.
Rich access reports
RG-WG provides a wide range of web server access logs and reports, provides virus detection logs and reports, web attack detection and defense logs and reports, also provides device operation and load statistical charts, this not only facilitates the Administrator's O & M of web servers, but also facilitates the Administrator's O & M of webGuard itself.
Through the webGuard Access Report, the administrator can know who the website is accessed and the attack source, so as to improve the website accordingly.
Comprehensive black/white list Functions
The RG-WG can automatically add the source IP address confirmed as the attack to the blacklist, and provide automatic unblocking time, without any manual operation, greatly facilitating the Administrator's maintenance and management.
RG-WG can customize website management page access IP, prevent non-website administrator access website management page, thus preventing attackers directly modify the website page.
Easy deployment
The RG-WG supports configuration-free initial operation. If the user is not a security expert, the default configuration can prevent most attacks.
Multiple built-in AttacK Defense models are used to identify and match application logic based on web interaction content to locate attacks, which are not associated with the server itself. It is easy to implement default protection for web sites. Different protection rules can be formulated based on different website protection requirements.