Protecting online Web applications
Web Application Firewall feature in Cyberoam UTM
The Web Application Firewall feature in Cyberoam UTM protects public-facing web servers against today's most common attack types, such as SQL injection, cross-site scripting (XSS), cookie poisoning and URL parameter tampering, and also covers the OWASP Top 10 web application vulnerabilities.
The feature is available as a module in Cyberoam UTM appliances.
The Cyberoam Web Application Firewall is deployed to intercept traffic to and from web servers, adding a layer of security that stops attacks before they can reach the web application's database. Its Intuitive Website Flow Detector monitors and records traffic, determines whether each request is legitimate, and responds accordingly using the web database held on the appliance. It inspects every request and response on HTTP/HTTPS web services, passing legitimate traffic through and repelling attacks on commercial transactions, whether they come from automated vulnerability scanners such as Nessus or WebInspect or from manual attacks.
Cyberoam WAF Features
Positive protection model without Signature Tables
The Cyberoam Web Application Firewall enforces a positive security
model through Intuitive Website Flow Detector to automatically identify
and block all application-layer attacks without relying on signature tables
or pattern-matching techniques.
Comprehensive business logic protection
The Cyberoam WAF protects against attacks like SQL injection, cross-site
scripting (XSS), and cookie-poisoning that seek to exploit the business
logic behind Web applications, ensuring they are used exactly as
intended.
HTTPS (SSL) encryption offloading
Attackers cannot bypass the Cyberoam WAF by tunnelling attacks inside an
HTTPS (SSL) connection, which is the norm in financial services, healthcare,
e-commerce, and other industries that process sensitive data. The WAF
terminates and inspects encrypted connections, and its SSL offloading
capability also reduces the latency of SSL traffic for the back-end servers.
Instant Web server hardening
The Cyberoam WAF instantly shields any Web environment (IIS, Apache,
WebSphere®, etc.) against more than 14,000 common server misconfigurations
and an ever-expanding universe of known 3rd-party
software vulnerabilities.
Reverse proxy for incoming HTTP/HTTPS traffic
The Cyberoam WAF follows a reverse proxy model for all incoming HTTP
and HTTPS traffic, which provides an added level of security by
virtualizing the application infrastructure. All incoming Web application
requests from the Web client terminate at the WAF. Only valid requests are
forwarded to the back-end Web server, hiding the existence and
characteristics of the originating servers.
URL, Cookie, and Form hardening
Application-defined URL query string parameters, cookies, and HTML
form field values (including hidden fields, radio buttons, checkboxes,
and select options) are protected by the Cyberoam WAF. Attempts to
escalate user privileges through cookie-poisoning, gain access to other
accounts through URL query string parameter tampering, and other
types of browser data manipulation are automatically identified and
blocked.
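The URL, cookie and form hardening described above depends on the WAF being able to tell whether a value the browser sends back is the one the server issued. One common way to implement that is to sign the application-defined fields with an HMAC when the page goes out and verify the signature when the request comes back, so any edit to a hidden field, query parameter or cookie is detected without the WAF needing to know what "valid" values look like. The following is an added illustration of that technique in Python, written for this page; it is not Cyberoam's code, and the secret key, field name `_sig` and sample parameters are constructed for the demo.

```python
import base64
import hashlib
import hmac
from urllib.parse import parse_qsl, urlencode

# Constructed demo secret: a real deployment holds a per-appliance secret
# that is never sent to the browser.
SECRET = b"waf-demo-secret-not-for-production"
SIG_FIELD = "_sig"  # hypothetical name for the signature field


def sign_params(params, secret=SECRET):
    """Attach an HMAC-SHA256 over the application-defined fields.

    Fields are sorted before signing so their order on the wire does not
    matter; only their names and values do.
    """
    canonical = urlencode(sorted(params.items()))
    mac = hmac.new(secret, canonical.encode(), hashlib.sha256).digest()
    signed = dict(params)
    signed[SIG_FIELD] = base64.urlsafe_b64encode(mac).decode().rstrip("=")
    return signed


def verify_params(params, secret=SECRET):
    """Return True only if every field is exactly what the server issued."""
    params = dict(params)
    presented = params.pop(SIG_FIELD, None)
    if presented is None:
        return False  # signature stripped: treat as tampering
    expected = sign_params(params, secret)[SIG_FIELD]
    # Constant-time comparison so the check itself leaks nothing.
    return hmac.compare_digest(presented, expected)


def build_query(params):
    """Serialize signed params as the query string the WAF would emit
    when rewriting links and hidden form fields in the outgoing page."""
    return urlencode(sign_params(params))


def check_query(query_string):
    """Parse an incoming query string and verify it before forwarding."""
    fields = dict(parse_qsl(query_string, keep_blank_values=True))
    return verify_params(fields)


if __name__ == "__main__":
    # Constructed example: a signed link to account 42, then the same link
    # with the account number edited in the browser.
    issued = build_query({"account": "42", "action": "view"})
    print("issued  :", issued, "->", check_query(issued))
    tampered = issued.replace("account=42", "account=1")
    print("tampered:", tampered, "->", check_query(tampered))
```

The same `sign_params`/`verify_params` pair applies to cookie values (sign `{"role": "user"}` on the way out, reject the request if it comes back as `role=admin` with the old signature), which is the cookie-poisoning case the paragraph refers to. Because only the signature changes, the application behind the WAF needs no modification.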
Monitoring and reporting
Cyberoam Web Application Firewall provides alerts and logs that help
organizations with information on types of attacks, source of attacks,
action taken on them, and more that help comply with the PCI DSS
requirements.
Additional Features:
- Block/alert known bad IP addresses
- Customizable user messages for blocked requests
- Rate-based connection safeguards
Feature Specifications
Web Application Security
- Brute Force Attacks Mitigation
- Cookie Protections Measures
- Session Attacks Mitigation
- Cryptographic URL and Parameter Protection
- Strict Request Flow Enforcement
- HTTPS (SSL) encryption offloading
- HTTP-based worm/virus protection
- Banner-grabbing protection
- Hidden field manipulation protection
- SQL injection protection
- OS command injection protection
- Cross-site scripting protection (XSS)
- Dangling pointer protection
- Stealth commanding protection
- Buffer overrun protection
- URL Hardening engine
- Form field meta data validation
- Directory traversal prevention
- Response control
- Block client
- Reset connection
- Redirect
- Custom response
- Outbound data theft protection
- Credit card numbers
- Social Security numbers
- Custom pattern matching (regex)
- Protocol limit checks
- File upload control
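The outbound data theft protection items in the list above (credit card numbers, Social Security numbers, custom regex) describe response-side inspection: the WAF scans the body the server sends back and blocks or masks anything that looks like sensitive data leaking out. The following is an added example of that check for card numbers, written for this page rather than taken from Cyberoam; it pairs a regex with a Luhn checksum so that ordinary long numbers are not mis-flagged, and masks matches to the last four digits. The sample response body is constructed.

```python
import re

# Digit runs of 13 to 19 digits, optionally separated by spaces or dashes,
# which covers the common card formats without matching phone numbers.
CARD_RE = re.compile(r"\b(?:\d[ -]?){12,18}\d\b")


def luhn_ok(digits):
    """Luhn mod-10 check: true for well-formed card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def _candidate(match):
    """Return the bare digit string if the match passes length and Luhn."""
    digits = re.sub(r"[ -]", "", match.group())
    if 13 <= len(digits) <= 19 and luhn_ok(digits):
        return digits
    return None


def find_card_numbers(body):
    """List every Luhn-valid card number found in a response body."""
    return [d for d in (_candidate(m) for m in CARD_RE.finditer(body)) if d]


def mask_card_numbers(body):
    """Rewrite the body with each valid card number masked to its last 4."""
    def repl(match):
        digits = _candidate(match)
        if digits is None:
            return match.group()
        return "*" * (len(digits) - 4) + digits[-4:]
    return CARD_RE.sub(repl, body)


def scan_response(body):
    """Return (hits, masked_body); a WAF would block or rewrite on hits."""
    hits = find_card_numbers(body)
    return hits, mask_card_numbers(body) if hits else body


if __name__ == "__main__":
    # Constructed response body: one real-looking card, one number that
    # fails Luhn, and a phone number that is too short to match.
    sample = ("Order 7731 for card 4111 1111 1111 1111, "
              "ref 4111-1111-1111-1112, call 555-123-4567")
    hits, masked = scan_response(sample)
    print(hits)
    print(masked)
```

Social Security numbers and custom patterns slot into the same `scan_response` shape with their own regex and validation step; the design point is that a format check alone (a regex) produces false positives on order IDs and similar data, so the WAF needs the checksum or structure test as well before it blocks a legitimate page.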
Protocol Support
- HTTP/S 0.9/1.0/1.1
- XML
Management
- Web-based configuration wizard
- Role-based Access control
- Firmware upgrades via Web UI
- Cyberoam Central Console (Optional)
- NTP Support
- Web 2.0 compliant UI (HTTPS)
- UI Color Styler
- Command-line interface (Serial, SSH, Telnet)
- SNMP (v1, v2c, v3)
- Multi-lingual support: Chinese, Hindi, French, Korean
Reporting
- Real-time network, HTTP alerts
- Detailed activity log
- Web notification
- Full transaction log of all activity in human-readable format
- System log
- Web Firewall log
- Access log
- Audit log
Compliance
- CE
- FCC
Specifications | 50ia | 100ia | 200i | 300i | 500ia | 750ia | 1000ia | 1500ia |
Back-end servers supported | 5 | 5 | 10 | 15 | 25 | 50 | 100 | 200 |
HTTP requests per second | 80 | 100 | 300 | 350 | 500 | 600 | 700 | 1000 |
WAF protected throughput (Mbps) | 35 | 60 | 100 | 150 | 300 | 350 | 425 | 500 |