Preventive security for your applications, protecting them from potential attacks and malicious traffic
How it works
More secure and cost-effective applications
The Web Application Firewall service allows for the inspection of requests that may be made on a website or web application, preventing malicious traffic from reaching the source application in order to safeguard sensitive information. It is a complementary service to traditional perimeter security systems (network-level firewall), providing application-layer protection (Layer 7) where a traditional firewall would be insufficient.
The Web Application Firewall service managed by Nexica offers an exceptional level of protection against potential attacks on your applications.
Web Application Firewall Benefits
Reduction of TCO.
Pay-per-use. No need for additional infrastructure.
Elimination of attacks on applications and data access.
100% managed by Nexica.
Access logging and auditing.
Easy implementation. Transparent.
Integration of acceleration services and content management.
How it works
Web Application Firewall
Injection (Code, LDAP, Command, SQL, etc.).
All the above, plus:
Benefits Apps Firewall
Our Web Application Firewall inspects traffic to/from your web applications, protecting them from potential attacks and malicious traffic. The key benefits include:
Reduced operating costs: less bandwidth consumption, fewer hardware and software requirements, fewer staff specializing in security and better platform sizing.
Reduction in the "downtime" of the protected platform and, consequently, increased ability to generate business.
Assists with compliance with PCI DSS standards.
Prevents attacks on applications not detected at network level.
More secure data access.
Security audit (extraction of accesses and post-mortem analysis of incoming connections).
Transparent to the application, easy implementation and integration.
Features Firewall Aplication
Three filtering levels
o Network-level protection: • IP Black/White List • Fail-to-Ban
o Application-layer protection: • OWASP Top10 (2010) • Flash flooding: high traffic volume in short periods. • Cookie tampering: modification of cookies (user information). • Forceful browsing: attack on resources not delimited by the application. • SQL injection: vulnerability in the code to enter database. • Cross-site scripting: modification of HTML code and headers.
o Anti-DDoS protection • Control of volume of connections per site.
Definition of client-specific filtering rules – Ad-hoc filtering
How it works
The Web Application Firewall Service is integrated online between the client making the connection and the web application and server platform. Thus, it identifies and classifies any transaction by comparing it to known patterns of malicious traffic and application-specific vulnerabilities while logging the connections made for subsequent audit exercises.
Connections identified as potentially fraudulent are intercepted by the firewall, thus preventing them from reaching the information source and vulnerable applications.