SMB SSL-VPN: What features does SonicWall's Web Application Firewall support? (FAQ)
Frequently Asked Question:
What features does SonicWall's Web Application Firewall support?
- Protects against OWASP Top Ten vulnerabilities that includes protection from XSS, SQL Injection, and CSRF - Has Anti-evasive capability to catch threats within encoded and compressed input data because it normalizes the input from user before matching against signatures - Inspects SSL encrypted packets - Can provide strong authentication including Two factor authentication, One time passwords and Client-certificate authentication for Web applications - Inspects POST payload from user and response payload from Web server - Provides fine-grained access control based on various URL components like host, port and path. - Provides real-time protection with dynamic signature updates - Delivers Web applications to remote users securely by acting as an SSL Offloader
- Performs SSL hardware acceleration - Performs Content Caching for static content and SSL Session Caching - Performs GZIP compression, which significantly reduces bandwidth usage for remote users - Enables Connection Persistence and Connection Multiplexing with the backend - Supports Transfer-Chunk encoding needed to deliver large dynamic content
Note: These features optimize the data exchange between the client and the WAF even if backend Web servers do not support these features.
- Ability to configure global exclusions and exclusions based on signature, host and URL path. - Ability to enable or disable features based on severity (high, medium and low) - Built-in false positive detection system weeds out stale signatures and signatures with high false positive rate - Provides description of various threats and detailed information on prevalence, severity and remedial measures. - Ability to turn on and off auto-updates for signatures
- Reports incidence statistics - Event logging - GMS and Viewpoint Support