Cloud MTS

Multi-level protection of websites and public web resources

Business-critical web applications and websites

Public web applications with implemented business logic

B2B applications with businesses generating leads directly

What tasks does WAF Premium solve?

Neutralizes risks from the OWASP Top 10 list

WAF Premium uses a variety of multi-level protection mechanisms: dynamic and signature analysis, configurable security rules, etc.

Suppresses botnet activity

Blocks any suspicious activity based on the browser's digital characteristics, for example, by time zone, language, version, extension list.

Identifies vulnerabilities

WAF Premium uses a passive scanner to identify vulnerabilities and prevents usage of detected errors due to virtual patching.

Protects against attacks

By using the search method, WAF Premium protects against attacks and scanning directories by file names on web application servers.

Prevents the compromised data usage

WAF Premium prevents attempts to use compromised accounts by applying proprietary databases and pre-configured correlation rules.

Test drive 30 days

WAF Premium as a service is a turnkey outsourcing

Requires no maintenance by the customer, only statistics checks in a convenient personal account

Requires no staff expansion, WAF operation and customer's expert knowledge on web application attacks

No additional expenditure for computing resources - all rates include the infrastructure cost

Test drive 30 days

The tasks we undertake

Fine tuning

Configuration management and configuration changes in the protected web applications at the client's request.
Individual protection profile development for each web application.
Configuring traffic flow through WAF Premium nodes, considering peculiarities of the client's web applications.

Solution operation and maintanance

Detection of false alarms of filtering mechanisms, adjusting and updating the protection profile depending on the traffic peculiarities.
Blocking vulnerabilities detected in course of traffic analysis.
WAF Premium components scaling in the light of increasing loads on the web application.

Monitoring and incident response

Definition of availability monitoring metrics and performance of WAF Premium components, their collection and storage.
Monitoring and incident response 24/7.
Reporting on detected incidents.

Server infrastructure

Required server capacity in a fully reserved version.
Instant scaling of resources depending on the traffic growth.
Traffic balancing.

Get advice

How WAF Premium Works

Zoom

Web traffic incoming to the protected web application passes through the WAF Premium filtering nodes.

All incoming requests are checked according to the configured security policy.

Any malicious activity is blocked without disrupting the web application operations.

Results of WAF Premium's work, including activity related to attack repulsing, analytics, details and reports, are recorded in the personal account.

Get advice

The personal account makes it possible to

Zoom

Get real-time information about attacks

Train WAF based on the false triggering basis

Create filtering rules and virtual patches

Analyze statistics on abnormal activity

Generate well-structured, informative and comprehensible reports in automatic or manual mode

Get access

How to connect the service

Fill in the questionnaire with mandatory information to configure the filtering nodes.

Provide the SSL certificate and the protected web application's key to the MTS cloud team.

Wait for the filtering nodes to be configured for your web application.

Get a protected WAF Premium IP address.

Run static testing and check the correct operations of your web application

Configure a DNS record for your web application.

Make sure that web traffic passes through the WAF Premium filtering nodes.

The MTS cloud team monitors the web application traffic for two weeks, analyzes false triggering, and makes changes in the protection policy, if necessary. Then, WAF Premium is switched to the blocking mode by agreement with the customer.

Get advice

Billing peculiarities

Billing is performed according to the fixed monthly payments. The service price includes the cost of infrastructure capacity for back up WAF filter nodes operations. All operations performed by MTS are also included in the WAF Premium service uniform rate:

The WAF software configuration
Operating the WAF software
Monitoring and responding to information security events

Rates

Rate for one application	Cost	Cost
100 RPS	120 000	144 000
200 RPS	136 000	164 000
300 RPS	150 000	180 000
400 RPS	162 000	195 000
500 RPS	173 000	208 000
700 RPS	182 000	219 000
800 RPS	203 000	244 000
900 RPS	213 000	256 000
1000 RPS	222 000	267 000
"Each additional application (2nd and 3rd level domain)"	49 000	59 000

Get access

Service Manager

Alexander Karpuzikov

Responsible for the project direction of MTS cloud. Implements such complex projects as HaaS, Private Cloud, SAP Hosting, including consulting and professional services. Over 10 years of experience in the cloud technologies. Has many years of experience in the telecommunications industry. Since 2018, in PAO MTS has been responsible for developing information security products of MTS cloud provider. The division manage for additional information security services for IaaS/PaaS/DPC and commercial SOC development in PAO MTS.
Author of a number of articles in specialized media and Habr, a regular participant and speaker at conferences in the Telecom and IS fields.

Advice on your project