Background

Web Applications Firewalls

Web applications are by far the most common target for cyber criminals; by their very nature these services are revealed to the public internet and are therefore constantly exposed to potential attacks from anywhere at any time.

Web Application Firewalls (WAF) add an additional security layer to your existing Perimeter Firewalls and Intrusion Detection/Prevention Systems (IDS/IPS). Positioned in front of Web-facing services, the WAF inspects all incoming traffic and can report and/or block suspicious and malicious activity directed towards your web facing applications

WAF’s can also be a useful means of securing applications while avoiding the need for redesign or coding changes.

Is it right for me?

Protecting applications and the data they hold is more important than ever. Web Application Firewalls are deployed as part of an organisation's defence in depth strategy, protecting against the exploitation of vulnerable weak coding, legacy applications, injection attacks and Cross-site Scripting.

With TLS encryption being mandatory in today’s modern world, traditional firewalls with Intrusion Prevention cannot inspect web application traffic. Web Application Firewalls (WAF) sit in line and dynamically decrypt, inspect and prevent attacks.

Web Application Firewalls protect businesses from some of the most common types of attacks against web-facing services

Why choose The Bunker?

The Bunker offers a number of different solutions for Web Application Firewall (WAF) deployments, including Opensource and appliance based solutions. We deploy on Dedicated or Shared multi-tenant infrastructure and deliver on Virtual or Physical appliances, available in High Availability configurations for maximum protecting and availability.

WAFs give you the peace of mind that your applications are protected against application layer attacks. You can rest safe in with the knowledge that all traffic is inspected and logged for instant alerting, and available for forensic examination as part of a Security Incident and Event Management solution.

How WAF works

Deployed at the application layer (Layer 7), the WAF examines every HTTP(S) request that comes through and applies a set of bespoke rules to filter out specific traffic types and patterns.

These devices can also be used as encryption termination devices, reverse proxy servers, authentication platforms and load-balancers.

Our Accreditations

  • ISO 27001
  • First
  • G-Cloud Accredited
  • ITIL Service Management
  • Microsoft Gold Partner
  • NHS IGSoC Approved
  • PCI DSS
  • PRINCE2
  • RIPE NCC Member
  • Tech UK
  • Veeam Gold Cloud & Service Provider Partner
  • PCI Participating organization
  • Dell EMC Gold Partner
  • Cyber Essentials Plus
  • AWS Select Consulting Partner