First, Product Overview
According to authoritative analysis of the report pointed out:
·WEB vulnerabilities accounted for more than 50% of the total number of vulnerabilities found
·7More than 75% of attacks are directed at WEB applications
·90% of WEB sites have vulnerabilities vulnerable to application attacks
·Every year, 80% of organizations suffer from attacks on WEB application securit
The above data show that with the rapid development of the Internet, WEB applications have occupied the mainstream position in network applications, however, most of the sites have different levels of security vulnerabilities. As a result, WEB applications will become the number one target of hacker attacks.
WEB application security protection system (referred to as TopWAF) is the company based on the current Internet security situation, and after years of technical accumulation, research and development of professional WEB threat protection network security products.
TopWAF is the WEB security team tailored for the "web based" server tailored industrial products, bringing together the company's long-term research on the field of web systems and WEB security. The main products from the website of system availability and reliability of the information point of view, to meet the core needs of users for the WEB threat protection, optimize the performance of WEB and WEB data analysis and other functions, is committed to all kinds of websites provide comprehensive security protection and optimization of business solutions.
Second, product function
Protection protocol type · HTTP/HTTPS Site scanning · Vulnerability scanning · Page tampering scan · Illegal information scanning WEB attack protection · SQL injection attack protection · XSS attack protection · Other HTTP protocols attack protection · DDOS attack protection · Burglar chain · Anti crawler · Malicious scanning attack protection Webpage tamper proofing · Web Prefetching · Tampering with page redirection · Tamper with page automatic recovery Website optimization · App acceleration · Server load balancing | Deployment mode · Serial / bypass Behavior audit · Access logs for more than 90 days · Illegal information filtering in real time · illegal information logging Site operation monitoring · Site fault monitoring · Visitor monitoring · Network traffic monitoring · Response time monitoring Exception event alarm · Mail alert · SMS alert · SYSLOG alarm · SNMP alarm · alert attacker page Business intelligence analysis · Web site data intelligence analysis · Web security data intelligence analysis · Web site management data intelligence analysis |
Third, product advantages
■ Site safety and Optimization - complete solution
· Check site security issues regularly, automatically generate security reports, administrators can report content and security experts advice on the site to repair;
· real-time protection of various WEB application attacks, DDOS attacks and other acts, to ensure the normal operation of the site;
· provide web tamper proofing, and even if a site is successfully attacked, it will not cause any adverse effects, and the system will prevent the flow of tampered pages;
· Cache and related algorithms mirror and manage the static content of the web site to speed up the user access and reduce the burden on the WEB server.
■ The application of WEB attack protection - Comprehensive
· TopWAF focuses on hacking attacks on Web applications and attempts to invade web servers. Safety rules for comprehensive coverage of OWASP TOP 10, such as SQL injection attacks, cross site attacks XSS attack;
· TopWAF through the realization of URL level access control, to detect the client request, if you find pictures, video and other resources information HTTP requests from other websites, to prevent hotlinking request, save bandwidth and performance due to the depletion of resource stealing links.
·The TopWAF crawler acts into search engine crawlers and scanner crawler, can shield specific search engine crawlers to save bandwidth and performance, also can shield scanner reptiles, avoid website is malicious to crawl the page.
· Detection of TopWAF can shield the Web scanner such as Acunetix Scanner and Web Vulnerability IBM AppScan, effectively prevent the attacker to replace the Web homepage, steal, destroy the site administrator password attacks using the scanner data.
■ "Real" double door website"
·Using advanced proxy protection mode, the site user will not directly access the source station server, and TopWAF will act as the website "substitute" for request response and threat filtering;
·conduct in-depth compliance checks for WEB requests, such as request header length, Cookie parameters, HTTP protocol parameters, and active defense against a variety of hacker attacks.
·Filtering the WEB server to return traffic, hide server-side information, and prevent sensitive information from leaking;
·Decrypt the HTTPS protocol, check and restore the application data, completely solve the encryption information protection problems;
■strong anti attack capability DDOS
· DDOS attack fingerprint intelligent identification, accurate positioning of attack types, and trigger different defense mechanisms, while improving efficiency, while ensuring protection accuracy;
· The intelligent recognition of abnormal traffic flow based on the new data mining DDoS attack blind detection technology can identify the abnormal traffic automatically, in real time, automatically and effectively;
· The characteristics of DDOS attack are deeply excavated. Through analyzing the network traffic, the system excavates the attack characteristics and transfers the attack characteristics to the rule execution machine for efficient execution;
· DDOS attack traffic accurate filtering, for the detection of attack traffic, the use of rules enforcement machine technology, accurate and thorough filtering of attack traffic, release normal traffic, and ensure the normal service of the site;;
■ Business intelligence analysis and monitoring - leading alarm system
· Multi angle decision support data, covering the website business, security and management three aspects, through the data of fine granularity analysis, for the website managers to provide targeted decision-making basis;
· Clear and detailed phase reports, rich in statistics, professional, intuitive display effect. TopWAF can be used as a professional website audit system;
· The application status of the site real-time monitoring, timing detection server access, the site access request, response time and application traffic, real-time monitoring, more than pre-set threshold, timely alarm;
· Website exception event alarm mechanism, support mail and SMS alerts, ensure that the event occurs for the first time to notify the administrator;
■ On site operation - "zero impact"
· supports transparent deployment patterns, plug and play, without tweaking the site topology;
· There is no need to install any software on the web server, which does not affect the normal release and update of the content of the website;
· Do not occupy server-side resources, optimize website performance, and ensure service stability;
· Provide redundancy program such as double-click, hot standby and network port Bypass, so as to avoid single point of failure;
Fourth, typical deployment
TopWAF supports a variety of deployment methods, adapt to all kinds of WEB network structure, can be deployed flexibly according to the actual network environment.
Transparent bridge deployment
Transparent mode is the most convenient way to deploy. This approach is recommended when rapid deployment of TopWAF is needed in a system that has already been delivered. When transparent mode is selected, the TopWAF works at the link layer and does not need to make any adjustments to the server and other network devices.
Reverse proxy serial deployment
For some web systems consisting of multiple WEB servers, TopWAF devices can be deployed in reverse proxy mode. By configuring the proxy port and setting the address mapping rules, you can accept and filter the client's connection request to the WEB server as the reverse proxy server of the WEB server. On the premise of ensuring the security of WEB application, the server load balancing is realized by using a variety of built-in algorithms, and the deployment diagram is as follows:
Reverse proxy bypass deployment (single arm mode)
When deployed in one arm mode, the security audit or protection of the WEB server is realized by traffic traction. At the same time, this deployment avoids unprotected traffic (non site protocol traffic) through the TopWAF to save device performance resources.