Web Application Firewall (WAF)
More and more, web applications are becoming a target for criminal attacks such as SQL injection, cross-site scripting (XSS), cookie tampering, as well as credit card and Social Security Number theft. The Dell™ SonicWALL™ Web Application Firewall (WAF) Service offers a complete, affordable, out-of-box compliance solution for businesses and MSPs that is easy to manage and deploy, while protecting web applications against threats and attacks. It leverages your existing infrastructure as a licensable add-on module to the Dell SonicWALL Secure Remote Access platform.
Dell SonicWALL WAF offers a host of functionality in the following areas:
- Traffic Inspection
- Application Delivery and Performance
- Access Control
- Redundancy and Availability
Balancing compliance and performance.
Keeping up with regulatory compliance mandates and guarding against web application attacks is a constant challenge for financial, healthcare, and application service providers, as well as e-commerce businesses. Utilizing a dynamically updated signature database to detect and protect against sophisticated web-based attacks, the Web Application Firewall Service applies reverse proxy analysis of Layer 7 traffic against known signatures, denies access upon detecting web application malware, and redirects users to an explanatory error page.
The WAF Service can use custom rules to protect against zero-day vulnerabilities. Additionally, administrators can use Geolocation and Botnet filtering to create and enforce policies that block connections from a specific geographic region or from systems known to be infected with malware.
Acceleration features, including content caching, compression and connection multiplexing, improve the performance of protected websites, significantly reducing transactional costs.
OWASP, HTTPS and more.
Enhanced Open Web Application Security Project (OWASP) Top 10 Vulnerability Protection addresses leading security risks based on prevalence and severity of attacks, as included in PCI DSS 6.6 and other industry standards. HTTPS inspection can block attacks embedded into SSL-encrypted packets. Dell SonicWALL’s award-winning WAF Service can protect against sophisticated attacks such as Cross-site Request Forgery (CSRF). Information disclosure protection can block access to websites containing administrator-defined keywords or phrases, and CC/SSN protection can help in web-based Data Leak Protection (DLP) by preventing leakage of sensitive user information.
Strong authentication and authorization.
Strong authentication and authorization to any internal or external website (e.g., e-commerce websites) support compliance initiatives by preventing unauthorized access to internal and external websites. Authentication support includes token-based two-factor authentication, client certificate authentication and tokenless one-time passwords. Granular access policies can authorize access to various web servers based on hostname, subnet, IP address, port and URL Path.
Dell SonicWALL’s Web Application Firewall Service is capable of following both positive and negative security models. In addition to having a constantly updated signature database, it also supports custom rules that allow administrators the flexibility of being able to define the type of web traffic that should be allowed or restricted.
Adaptive application profiling.
Application profiling automatically suggests custom rules by intelligently learning from multiple offloaded web applications while also providing the ability to manage the generated custom rules on a per-portal basis. This makes it easy for administrators to understand the nature of the web traffic hitting their servers and to automatically create rules.
Robust and easy to manage.
A robust dashboard provides an easy-to-use web-based management interface featuring a status page overview of all monitoring and blocking activities, such as signature database status information and threats detected and prevented since boot-up. Automatic signature updates ensure up-to-date protection by enabling administrators to schedule automated updates for web application malware signatures. Flexible policy settings allow administrators to apply signature settings based on threat severity as well as set an exclusion list per signature.
Comprehensive tools make logging and reporting available for auditing, compliance and reporting purposes. PCI Reporting makes it easy to generate PDF reports offering greater insight into compliance levels reached with your current WAF configuration.
Session management allows administrators to set global timeouts based on user inactivity. Anti-evasion measures normalize requests (e.g., standardizing encoded or suspect character sets or path names) prior to analysis.