Cyberoam – Unified Threat Management
Web Application Firewall Subscription on Cyberoam UTM
Cyberoam Web Application Firewall follows the positive security model to secure websites and Web-based applications against attacks like SQL injection, cross-site scripting (XSS), URL parameter tampering, and more, including the OWASP Top 10 Web application vulnerabilities. It is available as a subscription module on Cyberoam UTM appliances.
Cyberoam Web Application Firewall Protection against Web-based Application Attacks
Cyberoam Web Application Firewall is deployed to intercept the traffic to and from the web servers to provide an added layer of security against attacks before they can reach the web applications. Its Intuitive Website Flow Detector intelligently “self-learns” the legitimate behavior and response of web applications. This information is used by the Web Application Firewall’s security engine to ensure the sanctity of web applications, protecting them against web application attacks. Cyberoam Web Application Firewall looks at every request and response within the HTTP/HTTPS/Web Service layers. It is effective at repelling attacks from a wide range of commercial and open-source automated vulnerability scanners (e.g. Nessus, WebInspect), as well as hand-crafted attacks.
The WAF subscription is available on the following CR series appliances:
50ia, 100ia, 200i, 300i, 500ia, 750ia, 1000ia, 1500ia
Cyberoam WAF Features
Positive protection model without Signature Tables
The Cyberoam Web Application Firewall enforces a positive security model through Intuitive Website Flow Detector to automatically identify and block all application-layer attacks without relying on signature tables or pattern-matching techniques.
Comprehensive business logic protection
The Cyberoam WAF protects against attacks like SQL injection, cross-site scripting (XSS), and cookie-poisoning that seek to exploit the business logic behind Web applications, ensuring they are used exactly as intended.
HTTPS (SSL) encryption Offloading
Attackers cannot bypass the Cyberoam WAF protection measures through an HTTPS (SSL) connection, which is mostly used in financial services, healthcare, e-commerce, and other industries that process sensitive data. The WAF not only secures encrypted connections, but also reduces the latency of SSL traffic with its SSL offloading capabilities.
Instant Web server hardening
The Cyberoam WAF instantly shields any Web environment (IIS, Apache, WebSphere®, etc.) against more than 14,000 common server misconfigurations and an ever-expanding universe of known 3rd-party software vulnerabilities.
Reverse proxy for incoming HTTP/HTTPS traffic
The Cyberoam WAF follows a reverse proxy model for all incoming HTTP and HTTPS traffic which provides an added level of security by virtualizing the application infrastructure. All incoming Web application requests from the Web client terminate at the WAF. Valid requests are submitted to the back-end Web server, hiding the existence and characteristics of originating servers.
URL, Cookie, and Form hardening
Application-defined URL query string parameters, cookies, and HTML form field values (including hidden fields, radio buttons, check boxes, and select options) are protected by the Cyberoam WAF. Attempts to escalate user privileges through cookie-poisoning, gain access to other accounts through URL query string parameter tampering, and other types of browser data manipulation are automatically identified and blocked.
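The form-hardening check described above can be sketched as follows. This is an added example, not Cyberoam's implementation; the names FormPolicy, learn and check_submission and the sample form are assumptions made for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import parse_qsl
SERVED_FORM = """<form action="/transfer" method="post">
<input type="hidden" name="account_id" value="1001">
<input type="hidden" name="role" value="user">
<select name="currency"><option value="USD">USD</option><option value="EUR">EUR</option></select>
<input type="radio" name="speed" value="standard"><input type="radio" name="speed" value="express">
<input type="text" name="memo"></form>"""  # constructed sample form, not real traffic

class FormPolicy(HTMLParser):
    """Learns from a served form which values each field may legitimately carry."""
    def __init__(self):
        super().__init__()
        self.fields = {}     # name -> set of offered values, or None for free text
        self._select = None  # name of the <select> currently being parsed

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        name, value = a.get("name"), a.get("value")
        kind = (a.get("type") or "text").lower()
        if tag == "select" and name:
            self._select = name
            self.fields[name] = set()
        elif tag == "option" and self._select and value is not None:
            self.fields[self._select].add(value)  # valueless options fail closed
        elif tag == "input" and name and kind in ("hidden", "radio", "checkbox"):
            default = "" if kind == "hidden" else "on"
            self.fields[name] = (self.fields.get(name) or set()) | {default if value is None else value}
        elif tag in ("input", "textarea") and name:
            self.fields[name] = None  # user-typed field: value is not constrained here

    def handle_endtag(self, tag):
        if tag == "select":
            self._select = None

def learn(html):
    policy = FormPolicy()
    policy.feed(html)
    return policy

def check_submission(policy, body):
    """Return violations found in a urlencoded form body; an empty list means allow."""
    violations = []
    for name, value in parse_qsl(body, keep_blank_values=True):
        if name not in policy.fields:
            violations.append(f"unexpected field {name!r}")
        elif policy.fields[name] is not None and value not in policy.fields[name]:
            violations.append(f"tampered value for {name!r}")
    return violations
```

Calling check_submission(learn(SERVED_FORM), body) on a body where the hidden account_id or role has been edited in the browser returns one violation per altered field, while free-text fields such as memo pass through for other checks to handle.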
Monitoring and reporting
Cyberoam Web Application Firewall provides alerts and logs that give organizations information on the types of attacks, the source of attacks, the action taken on them, and more, which helps them comply with the PCI DSS requirements.
Additional Features:
- Block/alert known bad IP addresses
- Customizable user messages for blocked requests
- Rate-based connection safeguards
Feature Specifications:
Web Application Security
- Protocol Support
Specifications
- Backend servers supported
- HTTP requests per second
- WAF Protected Throughput (Mbps)