LBL® WAF

Smart protection

New generation firewalls (NGFW) are also unequal and are not effective in defending against specific threats which are increasingly targeted to the applications. The obvious limitations of security solutions are a clear answer to the question of why your organization needs a firewall for web applications.

Companies must not only protect their networks, applications and data, but must also protect their customers. The protection of web applications is a strategic element to allow automatic detection and stop the unknown web attacks.

LBL® WAF is the next-generation Web Application Firewall (web firewall) which protects websites and web applications from known and unknown attacks, including all application and zero-day threats.

 

Technical deepening

LBL® WAFLBL® WAF integrates a component of Web Application Firewall that helps to protect web applications from exploits that can affect the availability of applications, compromise security or consume resources.
Through the appropriate configuration / selection of security rules (personalized security policy) it is possible to define which traffic to the web applications is allowed and which to block. Therefore allowing to detect different categories of attack, from those related to intrinsic vulnerabilities of application services to more general and widespread ones such as
OWASP top 10.

LBL® WAF is able to perform deep-packet inspection of HTTP, HTTPS and XML traffic through a firewall system based both on signature and through an innovative predefined algorithm called Attack Prophecy.

Attack Prophecy completes the signature-based protection level offered by the LBL® WAF component, with a next-generation solution for detecting threats to web services and implementing the corresponding defense and protection mechanisms that exploits the latest technologies in the field of machine learning and behavioral analysis (Pattern Recognition & Machine Learning), to identify, in addition to existing attacks, new threats in an efficient and scalable way.

Thanks to the LBL® WAF solution, significantly faster response times are achieved, guaranteeing a high “customer experience” through visibility on different levels of safety.

Specs

  • OWASP Top 10 Threats
  • Virtual Patching
  • Layer 7 Attack Protection
  • SSL termination with re-encryption
  • SQL Injection
  • Broken Authentication and Session Management
  • Cross-Site Scripting (XSS)
  • Content rewrite and response control
  • Content Filtering
  • Insecure Direct Object References
  • Security Misconfiguration
  • Sensitive Data Exposure
  • Missing Function Level Access
  • Control Cross-Site Request Forgery (CSRF)
  • Using Components with Known Vulnerabilities
  • Unvalidated Redirects and Forwards
  • Phishing
  • XML security
  • Secure web-based GUI
  • SSH-based CLI access network management
  • SNMP
  • Syslog-based logging

Want to become a LBL® expert ?

Discover all LBL® products