Integrated Web Application Firewall & Distributed Denial of Service (DDoS) Mitigation Solution

Transcription

1 Integrated Web Application Firewall & Distributed Denial of Service (DDoS) Mitigation Solution (Layer 3/4 and Layer 7) Delivering best-in-class network and web application security to the modern enterprise

2 Web Application Firewall and DDoS Mitigation An Overview Cyber-criminals are targeting web applications from all around the world in their most upstream form, costing businesses and organizations a lot of money and a significant risk to their brand reputation. Factors such as the rapid adoption of cloud computing, continued growth of web application traffic, use of open source technologies, security vulnerabilities, complexity of web applications and an increase in the overall sophistication multi-layer attacks has led to an extremely challenging environment for an organizaiton s IT security. Recent cyber attacks on critical IT infrastructure demonstrates the urgent need for improved cybersecurity practices and measures. As the cyber threats grow, so must our abilities to neutralize them. There are numerous reasons why online resources represent a substantial risk to today s organizations. The most prominant ones are the expansion of these resources, the fact that they are being continuously targeted by today s cyber attackers and are protected by some deficient so-called application security solution. Growing web resources accoss organizations: Today s organizations are continuously relying on building and outsourcing web applications for staying ahead of the competition and to access, collect, process, and relay sensitive data to execute business logic. While these web applications are being used by an organization s external as well as internal users, the corresponding protections are needed at more than just the network perimeter to take care of their security. HaltDos Benefits HaltDos offers an unique and comprehensive web application firewall and DDoS mitigation solution which intelligently fits into an organization s security architecture and elevate the importance of selecting a full-featured solution. HaltDos WAF & DDoS Solution uses state of the art anomaly detection techniques to protect online web applications and enterprsie data centres from common and zero-day web exploits, SQL injections, cross-site scripting (XSS), CSRF, OWASP top 10 vulnerabilities and variety of DDoS attacks on the network as well as application layer that affect application availability or compromise the security of your web services. HaltDos WAF is fully-integrated with advanced DDoS protection which is capable of detecting and mitigating complex types of DDoS attacks on the network infra in real time, not just that, HaltDos solution also has an in-built features for improving the performance and reliability of websites, applications, databases and other services. HaltDos customers also get an unified monitoring when an attack occurs, including the type and size of the attack, IP origin, Attack vectors, mitigation process & access logs. It also identifies the false positives in real time and protect resources without any human intervention. Where traditional security solutionlook at individual transactions through an cumbersome operation, HaltDos Integrated WAF & DDoS solution allows deep visibility and 360 degree protection to its users with a centralized management and stunning visualization.

3 Web Application Firewall and DDoS Mitigation Key Highlights High Performance: Low latency and high mitigation capacity for very high volume and sophisticated attacks and maintains excellent user response time even when under attack. Unified Monitoring: Per-user customization of real-time dashboards and historical records of attack trends and network patterns Maintains Business Operations: Full protection against emerging network threats and maintain network performance even when under high volume network attacks. HaltDos WAF & DDoS Solution HaltDos integrated Web Application Firewall and DDoS blocks network layer & application layer DDoS and other attack vectors directed at web-facing applications as well as towards a network, while providing superior protection against data loss. It also has strong authentication and access control capabilities for restricting access to sensitive applications and data. The HaltDos Advantage HaltDos Threat Stream keeps track of emerging threats. State-of-the-art security utilizing architecture Malware protection for collaborative web applications Employs IP Reputation intelligence to defeat DDoS attacks Designed to make it easier for organizations to comply with regulations such as PCI DSS Multi-Layered Solution: HaltDos combines network behavioral analysis (NBA), heuristic and reputation techniques to detect bot traffic from legitimate user traffic. CC EAL2+ Certified Comprehensive Network & Application Security OWASP Top 10 Attacks Layer 3/4 and Layer 7 DDoS attacks HaltDos Data Loss Prevention Credit Card Numbers Social Security Numbers Custom Patterns Internet Inbound Inspection Outbound Inspection Server PRoactive Defense Application Cloaking Geo-IP Control

4 Features DDoS Protection Web Application Firewall and DDoS Mitigation DDoS Detection and Mitigation in single box Anomaly based DDoS detection Bidirectional DDoS protection Zero-day attack protection Multiple protection profiles for different services (HTTP, SMTP, etc.) Network as well as Application layer protection Low & Slow DDoS attack protection Supports custom signature definitions Blacklisting & Whitelisting Aggressive Aging of state TCP connections Dark IP protection Rate Limiting protection Deep packet inspection and RFC verification for IP, UDP, DNS and HTTP Anomaly based adaptive zero-day protection, Flood protection for IP, TCP, UDP, UDP (with ICMP Back Scattering), ICMP, DNS, SNMP, NTP, DNS Query, IP Fragmentation and Zombie connection flood Adaptive behavior based web server traffic monitoring, detection and preventing known and zero-day HTTP DDoS attacks, HTTP GET/POST/PUT flood, Slowloris, R.U.D.Y. protection, Random DNS subdomain Query flood, DNS / NTP / SNMP Amplification protection Daily updates of active botnets, IP reputation, Geo IP tracking and attack signatures Hardware and Software Bypass Low Latency High throughput up to 10Gbps without hardware upgrade Multiple deployment modes: Inline and Offline Regular attack signature updates Periodic IP reputation, TOR IP updates Reconnaissance and IP Lookup for troubleshooting Support for unlimited users Configurable through GUI and CLI Notification via and GUI User group based privileges and access control AAA support with RADIUS and TACACS+ Periodic backup and restoration capabilities In-built Dashboards. Support for custom dashboards Log Management with detailed logging. Audit logs, change log and syslog support Supports external SSL/TLS decryption Periodic Reporting (PDF/HTML) via Support for VLAN and GRE tunneling protocols High Availability Support External SAN storage RFC compliance verification for IPv4, IPv6, TCP, UDP, ICMP, DNS, HTTP, SSL

5 Features Web Application Firewall Web Application Firewall and DDoS Mitigation Deployment Options Reverse Proxy True Transparent Proxy Offline Sniffing Application Security Automatic profiling (white list) Web server and application signatures (black list) IP Reputation IP Geolocation HTTP RFC compliance Native support for HTTP/2 Application Attack Protection OWASP Top 10 Cross Site Scripting SQL Injection Cross Site Request Forgery Session Hijacking Built-in Vulnerability Scanner Third-party scanner integration (virtual patching) File upload scanning with AV Web Security Web services signatures XML and JSON protocol conformance Malware detection Virtual patching Protocol validation Brute force protection Cookie signing and encryption Threat scoring and weighting Syntax-based SQLi detection HTTP Header Security Custom error message and error code handling Operating system intrusion signatures Known threat and zero-day attack protection L4 Stateful Network Firewall DoS prevention Data leak prevention Web Defacement Protection Application Delivery Layer 7 server load balancing URL Rewriting Content Routing HTTPS/SSL Offloading Caching and Compression Management and Reporting Web user interface Command line interface Central management for multiple devices Active/Active HA Clustering REST API Centralized logging and reporting User/device tracking Real-time dashboards Bot dashboard Geo IP Analytics SNMP, Syslog and Logging/Monitoring Administrative Domains with full RBAC Other IPv6 Ready HTTP/2 to HTTP 1.1 translation HSM Integration Attachment scanning for ActiveSync and OWA applications High Availability with Config-sync for syncing across multiple active appliances Auto setup and default configuration settings for simplified deployment OpenStack support for VMs Predefined security policies for Drupal and Wordpress applications WebSockets support

6 Web Application Firewall and DDoS Mitigation Conclusion This is an undeniable fact that the cyber-attacks are growing with new introductions of emerging and more advanced security threats, and to fight against them, ordinary network firewalls fail to provide an adequate protection for the handful of web applications that an average organization deems important. To thoroughly protect their organization s diversity of internet-facing web applications, security teams needed to implement a fully managed solution that provides a comprehensive security to these web applications against the network layer attacks as well as application-layer attacks. This resulted in WAF integrating with other solutions as advanced Distributed Denial of Service (DDoS) protection with load balancing capabilities. A full-featured integrated DDoS mitigation and WAF such as HaltDos deliver a degree of threat protection that uses state of the art anomaly detection techniques to block network as well as application layer attacks with zero false positives and also provides a fine-grained configuration and application server level monitoring that provides full spectrum visibility with no single point of failure. Office Address E-52, Sector - 3, Noida, Uttar Pradesh Ph: Fax: info@ About HaltDos haltdos is an AI-driven web application and network security solution that secures online businesses against today's cyber threats. It offers comprehensive yet affordable Web Application Firewall & DDoS mitigation platform which allows business to secure their complex networks with zero-management. haltdos customers gain full-spectrum visibility of their network with high-end WAF & Anti-DDoS solution which is capable of handling complex cyberattacks with zero false positives. haltdos solutions are in use globally. To Learn more visit at www. Copyright 2018 Halt Dos.com Pvt. Ltd. All rights reserved. HaltDos disclaims in full any covenants, representations, and guarantees pursuant hereto, whether express or implied. HaltDos reserves the right to change, modify, transfer, or otherwise revise this publication without notice, and the most current version of the publication shall be applicable.