WAF Overview and Requirements

The SonicWall WAF Series is full-featured web application firewall that arms organizations with advanced web security tools and services to protect their data and web properties against modern,web-based threats. It applies deep packet inspection of Layer 7 web traffic against a regularly updated database of known signatures, denies access upon detecting web application threats and redirects users to an explanatory error page. In addition, the SonicWall WAF also baselines regular web application usage / behavior and identifies anomalies that may be indicative of attempts to
compromise the application, steal data and/or cause a denial-of-service.

Benefits

• Web Application Threat Management
• Interrogate the behavior and logic of web communication beyond protocol activities
• Detect and alert on anomalies in web application behavior Web Application Protection
• Protect against known and zero-day vulnerabilities with virtual patching and custom rules
• Defend against latest vulnerabilities and threats outlined by OWASP Top Ten
• Preserve web servers integrity and performance against application DoS/DDoS attacks Data Leak Prevention (DLP)
• Prevent data theft via data masking and page-blocking techniques
• Bar attackers from gaining access to users’ accounts and all accounts on web servers with precise access security controls Accelerate Application Delivery
• Enable caching, compression and other HTTP/TCP optimizations to accelerate application delivery
• Reduce workload and boost performance by offloading SSL transactions
• Perform Layer-7 load balancing to distribute the load across clustered web servers

Deployment options

SonicWall WAF can be deployed on a wide variety of virtualized and cloud platforms for various private/public cloud security use cases. The WAF Series is available for deployment on the following platforms:

1. Private Cloud:

• VMware ESXi
• Microsoft Hyper-V

2.Public Cloud:

• Amazon Web Services (AWS)
• Microsoft Azure