Cloud MTS
Advice
Get consultation
Cloud services
Virtual desktop
Advanced services for providing employees with secure remote access to powerful virtual desktops and corporate client resources from any device, from anywhere in the world.
Network services
We provide a set of solutions for building and optimizing network infrastructure. This will enable you to implement the required connectivity between different services with certain quality parameters  quickly and efficiently.
Data storage and backup
Reliable and stable with MTS Cloud. We provide storage of all data types and volumes. This will enable you to work with data and applications quickly and efficiently.
Equipment rent
Proprietary services that will help to improve  efficiency of your IT departments.

WAF Premium

Cloud service to ensure continuous web application
protection from cyber attacks

  • using a package of technologies and operational management
  • round-the-clock outsourcing of monitoring, responding and repulsing web application attacks
  • continuous analysis of protected web applications' profiles
  • configuration and continuous updating of filtering rules on the client's waf
bg

Multi-level protection of websites and public web resources

Business-critical web applications and websites
Public web applications with implemented business logic
B2B applications with businesses generating leads directly

What tasks does WAF Premium solve?

Neutralizes risks from the OWASP Top 10 list

Neutralizes risks from the OWASP Top 10 list

WAF Premium uses a variety of multi-level protection mechanisms: dynamic and signature analysis, configurable security rules, etc.

Suppresses botnet activity

Suppresses botnet activity

Blocks any suspicious activity based on the browser's digital characteristics, for example, by time zone, language, version, extension list.

Identifies vulnerabilities

Identifies vulnerabilities

WAF Premium uses a passive scanner to identify vulnerabilities and prevents usage of detected errors due to virtual patching.

Protects against attacks

Protects against attacks

By using the search method, WAF Premium protects against attacks and scanning directories by file names on web application servers.

Prevents the compromised data usage

Prevents the compromised data usage

WAF Premium prevents attempts to use compromised accounts by applying proprietary databases and pre-configured correlation rules.

Test drive 30 days

WAF Premium as a service is a turnkey outsourcing

Requires no maintenance by the customer, only statistics checks in a convenient personal account
Requires no staff expansion, WAF operation and customer's expert knowledge on web application attacks
No additional expenditure for computing resources - all rates include the infrastructure cost
Test drive 30 days

The tasks we undertake

Fine tuning Fine tuning
  • Configuration management and configuration changes in the protected web applications at the client's request.
  • Individual protection profile development for each web application.
  • Configuring traffic flow through WAF Premium nodes, considering peculiarities of the client's web applications.
Solution operation and maintanance Solution operation and maintanance
  • Detection of false alarms of filtering mechanisms, adjusting and updating the protection profile depending on the traffic peculiarities.
  • Blocking vulnerabilities detected in course of traffic analysis.
  • WAF Premium components scaling in the light of increasing loads on the web application.
Monitoring and incident response Monitoring and incident response
  • Definition of availability monitoring metrics and performance of WAF Premium components, their collection and storage.
  • Monitoring and incident response 24/7.
  • Reporting on detected incidents.
Server infrastructure Server infrastructure
  • Required server capacity in a fully reserved version.
  • Instant scaling of resources depending on the traffic growth.
  • Traffic balancing.
Get advice

How WAF Premium Works

How WAF Premium Works Zoom
Web traffic incoming to the protected web application passes through the WAF Premium filtering nodes.
All incoming requests are checked according to the configured security policy.
Any malicious activity is blocked without disrupting the web application operations.
Results of WAF Premium's work, including activity related to attack repulsing, analytics, details and reports, are recorded in the personal account.
Get advice

The personal account makes it possible to

Get real-time information about attacks

Get real-time information about attacks

Train WAF based on the false triggering basis

Train WAF based on the false triggering basis

Create filtering rules and virtual patches

Create filtering rules and virtual patches

Analyze statistics on abnormal activity

Analyze statistics on abnormal activity

Generate well-structured, informative and comprehensible reports in automatic or manual mode

Generate well-structured, informative and comprehensible reports in automatic or manual mode

Get access

How to connect the service

Fill in the questionnaire with mandatory information to configure the filtering nodes.
Provide the SSL certificate and the protected web application's key to the MTS cloud team.
Wait for the filtering nodes to be configured for your web application.
Get a protected WAF Premium IP address.
Run static testing and check the correct operations of your web application
Configure a DNS record for your web application.
Make sure that web traffic passes through the WAF Premium filtering nodes.
The MTS cloud team monitors the web application traffic for two weeks, analyzes false triggering, and makes changes in the protection policy, if necessary. Then, WAF Premium is switched to the blocking mode by agreement with the customer.
Get advice

Billing peculiarities

Billing is performed according to the fixed monthly payments. The service price includes the cost of infrastructure capacity for back up WAF filter nodes operations. All operations performed by MTS are also included in the WAF Premium service uniform rate:

  • The WAF software configuration
  • Operating the WAF software
  • Monitoring and responding to information security events

Rates

Rate for one application Cost Cost
100 RPS 120 000 144 000
200 RPS 136 000 164 000
300 RPS 150 000 180 000
400 RPS 162 000 195 000
500 RPS 173 000 208 000
700 RPS 182 000 219 000
800 RPS 203 000 244 000
900 RPS 213 000 256 000
1000 RPS 222 000 267 000
"Each additional application (2nd and 3rd level domain)" 49 000 59 000
Get access

Service Manager

Alexander Karpuzikov
Alexander Karpuzikov

Responsible for the project direction of MTS cloud. Implements such complex projects as HaaS, Private Cloud, SAP Hosting, including consulting and professional services. Over 10 years of experience in the cloud technologies. Has many years of experience in the telecommunications industry. Since 2018, in PAO MTS has been responsible for developing information security products of MTS cloud provider. The division manage for additional information security services for IaaS/PaaS/DPC and commercial SOC development in PAO MTS.
Author of a number of articles in specialized media and Habr, a regular participant and speaker at conferences in the Telecom and IS fields.

Advice on your project