Web applications are by far the most common target for cyber criminals; by their very nature these services are revealed to the public internet and are therefore constantly exposed to potential attacks from anywhere at any time.
Web Application Firewalls (WAF) add an additional security layer to your existing Perimeter Firewalls and Intrusion Detection/Prevention Systems (IDS/IPS). Positioned in front of Web-facing services, the WAF inspects all incoming traffic and can report and/or block suspicious and malicious activity directed towards your web facing applications
WAF’s can also be a useful means of securing applications while avoiding the need for redesign or coding changes.
Protecting applications and the data they hold is more important than ever. Web Application Firewalls are deployed as part of an organisation's defence in depth strategy, protecting against the exploitation of vulnerable weak coding, legacy applications, injection attacks and Cross-site Scripting.
With TLS encryption being mandatory in today’s modern world, traditional firewalls with Intrusion Prevention cannot inspect web application traffic. Web Application Firewalls (WAF) sit in line and dynamically decrypt, inspect and prevent attacks.
The Bunker offers a number of different solutions for Web Application Firewall (WAF) deployments, including Opensource and appliance based solutions. We deploy on Dedicated or Shared multi-tenant infrastructure and deliver on Virtual or Physical appliances, available in High Availability configurations for maximum protecting and availability.
WAFs give you the peace of mind that your applications are protected against application layer attacks. You can rest safe in with the knowledge that all traffic is inspected and logged for instant alerting, and available for forensic examination as part of a Security Incident and Event Management solution.
Deployed at the application layer (Layer 7), the WAF examines every HTTP(S) request that comes through and applies a set of bespoke rules to filter out specific traffic types and patterns.
These devices can also be used as encryption termination devices, reverse proxy servers, authentication platforms and load-balancers.