WAF2000 / 5000 Internet Security Firewall , Web Application Firewall Appliance

WAF2000/5000 Web Application Firewall

Key characteristics

Web application protection god

User behavior anomaly detection engine to quickly identify normal behavior and provide an optimal access experience;
A number of patented technologies guarantee recognition capabilities and accurately identify various Web common attacks such as OWASP Top 10;
The original behavioral state chain detection technology effectively responds to Web-specific attacks such as chain hacking and cross-site request forgery;
Based on the IP credit dynamic blocking strategy, only high-credit IP blocks requests with attacks, and network blocking is implemented for low-credit IP.

Technical Parameters

model
WAF2210
WAF2230
WAF5220
WAF5230
Dedicated management port
2×GE (RJ45)
(1× management port, 1×HA port)
2×GE (RJ45)
(1× management port, 1×HA port)
2×GE (RJ45)
(1× management port, 1×HA port)
2×GE (RJ45)
(1× management port, 1×HA port)
Working port
4×GE (RJ45)
4×GE (RJ45)
4×GE(RJ45) 4×GE (SFP)
4×GE(RJ45) 2×10GE(SFP)
Protect more than 30 types of web attacks
The system has built-in more than 30 types of common web attack features, effectively defending against external web attacks such as SQL injection and cross-site scripting.
Anti-Web Scanner Scan
Automatically identify scanner scanning behavior and intelligently block scanning behaviors of various scanners such as Nikto, Paros proxy, WebScarab, WebInspect, Whisker, libwhisker, Burpsuite, Wikto, Pangolin, Watchfire AppScan, N-Stealth, Acunetix Web Vulnerability Scanner
Protection chain stealing behavior
Support a variety of stolen chain identification algorithms to effectively solve information theft behaviors such as single source piracy, distributed piracy, malicious collection of website data, etc., so as to ensure that the resources of the website can only be accessed through this site.
Web service auto discovery
It can automatically discover service attributes such as network IP address, service port, and access domain name, which is convenient for management personnel to configure.
Static web page tamper protection
Built-in static web page tamper protection and warning function to prevent tampering of the page from being displayed to the user and prompting tampering events
Web application acceleration
WebCache technology, static file caching technology, and dynamic request TCP connection multiplexing technology to improve website access speed
Site access audit
Statistical analysis of the access situation of the website presents information such as the trend graph of the instant visit, the webpage most concerned by the user, and the most concentrated area of ​​the visitor, which facilitates analysis of the access status of the business module of the website and provides evaluation for the value of the business function.