Web Application Firewall

NSFOCUS Web Application Firewall (WAF)
The NSFOCUS Web Application Firewall (WAF) protects critical servers and web applications from web attacks, data breaches and downtime.  Providing full protection from the top 10 threats identified by the Open Web Application Security Project (OWASP) and more, the WAF uses an innovative combination of positive and negative security models as well as application profile learning to deliver advanced application layer security.  The WAF can operate as a standalone unit or in conjunction with the ADS Series for defense-in-depth security.

Features and Benefits
Prevent Theft of Critical Data
Data breaches are extremely complex and surprisingly frequent. The NSFOCUS WAF offers powerful protection against web attacks with a complete set of signatures for web vulnerabilities and the ability to detect unauthorized file uploads. WAF enforces access control policy from Layer 4 through layer 7, to prevent attackers from accessing data without proper authorization. In the later phases of an attack, WAF provides outbound data leakage detection, including illegal file download detection, web shell prevention, and filtering of sensitive information (such as credit card numbers and social security numbers).

Ensure Website Availability
The NSFOCUS WAF offers a built-in anti-DDoS module to protect against TCP flood attacks, HTTP/S GET/POST flood attacks and slow rate attacks up to 1Gbps. The WAF employs access rate thresholding, IP reputation and algorithm-based protection mechanisms.

Close the PCI DSS Compliance Gap
The NSFOCUS WAF provides compliance reports for PCI audits as well as suggestions for policy tuning and configuration in order to help ensure compliance with PCI DSS.  The cookie security feature within the WAF protects against cookie tampering and cookie poisoning in compliance with section 6.5.10 in the new PCI 3.0 standard.
For more information, please download the datasheet.