8 800 250-10-01Connect
Services
Project solutions
Partnertship
Support
Useful
Company
Оставить заявку
Eng

Web Application Firewall (WAF)

Web Application Firewall (WAF)

WAF is a platform for protection against attacks and vulnerabilities in web applications.

Web Application Firewall (WAF)

Exploiting vulnerabilities in corporate web resources is one of the most popular ways for attackers to break into the perimeter. Valarm-based cloud firewall (WAF) reduces costs and efforts to achieve a high level of site and web application security.

Automatic system for detecting attacks and unauthorized access attempts
Perimeter and vulnerability scanner
Single personal account for all protected applications and roles
Security status and incident report builder

Why does a web application need a Firewall?

Popular environment for attacks

About 70% of web applications contain critical vulnerabilities that can be used to access sensitive data

Rapid development

The vast majority of vulnerabilities are caused by errors in the source code. In the pursuit of functionality, developers often miss solutions to security issues

Point protection

Intrusion detection systems (IPS) are not suitable for protecting web applications, and conventional firewalls are useless against application vulnerabilities

Strong web applications protection

Protection against SQL injection, XSS, XXE, RCE and other threats OWASP Top-10

Prevent brute force, account theft, and other similar attacks

Detecting attacks on application logic

Continuous machine learning ensures constant updates of protection rules

Fast scaling by increasing the number of nodes and maintaining control over data

Low percentage of false positive results and automatic detection of valid false negative results.

Detailed Analytics on detected threats

Solution cost is significantly lower in comparison with hardware solutions

Works without signatures and confirms threats in real time

Technical characteristics

Errors and vulnerabilities detection

The DAST scanner detects application-specific vulnerabilities and uses knowledge warehouse on application logic.

Surface and potential attack visualization

Use of several variants of DNS & BGP queries along with other open sources. It visualizes the surface of a potential attack. Scanning determines configuration errors and serious vulnerabilities

Recognition of popular formats

All modern web application data formats are automatically identified and decoded, including XML, JSON, WebSockets, Base64, GZIP, VIEWSTATE, PHP, Java, and others

Infrastructure

01

"Web traffic goes through filtering nodes deployed in the client's infrastructure."

02

Filter nodes block attacks and send statistics on traffic to computing cluster (Valarm cloud).

03

Every 15 minutes Valarm Cloud updates blocking rules with the help of machine learning for each of the protected applications.

04

Vulnerability Scanner checks vectors of detected attacks for the presence of relevant vulnerabilities in the application

05

When an incident is detected client is notified

Rates

Basic WAF Service

  • Detecting a protecting against attacks on web applications module
  • Local intelligence module
  • Control module
  • Cloud-based analytics module
  • Crosschecking attacks module
up to 100 RPS

Request per seconds (Number)

70 000 RUB

monthly payment (excl. VAT)

Standard WAF Service

All modules are included in the price, in addition to the basic WAF service:

  • Perimeter and vulnerability scanner modules
  • Protection against behavioral attacks module 1
  • Advanced Configuration Module 2
  • Virtual patching
up to 500 RPS

Request per seconds (Number)

110 000 RUB

monthly payment (excl. VAT)

1. Автоматизированные атаки, нацеленные на сбор информации, например Brute-force (перебор пар логин‑пароль)
2. Позволяют администратору создавать ручные правила блокировки
3. Ограничение доступа к уязвимым частям приложения до их устранения

Individual configuration of the WAF service

  • Modules сomposition at the customer's choice, for any performance

The parameters are not fixed in the standard contract, edits are made after the order placement

more than 500 RPS

Request per seconds (Number)

On request

Need expert advice on enabling the web application protection service (WAF)? Leave a request — the #CloudMTS expert will contact you shortly and answer all your questions in detail

Consultation

Video

Event

Data management in hybrid multicloud environments

1:30
Webinar

BaaS и ФЗ-152 — особенности работы в защищенном сегменте

2:05
Webinar

IaaS ФЗ-152: Всё о защите персональных данных в облаке

2:55
Services

Corporate mail #CloudMTS

4:24
Services

Что такое Публичное облако (Elastic Cloud)

Services

Project solutions

Services

Backup Commvault

Services

Backup Veeam

Services

Private Cloud

Webinar

Аттестованные Облака ФЗ-152: концепция безопасности и решения С-Терра для виртуальной среды

Webinar

Объектное S3-хранилище на базе Dell ECS

Webinar

Построение гибридного облака на практике

Webinar

Обновленная линейка Microsoft Online Services

Webinar

Как автоматизировать процессы с помощью VMware vRealize Automation

Webinar

Инструменты для анализа больших данных в облаке: детали всегда имеют значение

Webinar

Облачные ИТ-решения в большом бизнесе: мифы, правда и холодный расчет

Webinar

Обзор современных BaaS-решений для резервного копирования

Webinar

Решения для оптимизации ИТ-инфраструктуры в сфере логистики

Articles

Expert article

The Evolution of Web Application Firewall: From Firewalls to Machine Learning Cloud Security

Read the article
Expert article

Ральф Баер: пиксель, пиксель, огуречик

Read the article
Expert article

Знакомство с vRealize Automation

Read the article
Expert article

Kubernetes: open source против вендорского

Read the article
Expert article

Почему традиционные антивирусы не подходят для публичных облаков. И что делать?

Read the article

FAQ

1. Flexible cost management whenever your business grows as well as traffic volume. Simply order WAF with required performance service deployed into #CloudMTS virtual infrastructure when your website load increases.2. Cloud solution does not require assembling, installation and maintenance of expensive hardware and equipment. Any hardware becomes outdated and unusable (a need to keep spare parts arises), also one must keep in mind that equipment support period eventually comes to “End of support”.3. You have no need to hire and train specialists.

Yes, WAF will be deployed in #CloudMTS infrastructure and website hosting will remain in any place convenient for you.In this case, we are always happy to offer interesting conditions for infrastructure hosting in our IaaS.

WAF is not suitable for protection against powerful DDoS attacks on overflow of the communication channel and denial of service.A service specifically designed for protection against powerful attacks is available in our portfolio – Protection against DDoS attacks.

Yes, we will additionally set correct settings of safety rules and provide any necessary information.

Sign up to #CloudMTS news updates