LIGHTNING Web Application Firewall



Overview

Over 70% of all attacks are at the web application level. A Web Application Firewall (WAF) provides an extra security layer to increase the protection of the web server, detecting and preventing the attacks before they reach the web server. The Lightning WAF is embedded into Lightning and is executed whenever a client request is received for a resource that is not cached.


Details

The WAF examines each HTTP request from the client and filters it based on the anomaly score of the rules it matches. Requests are filtered before they are sent to the web server, using a rule configuration language. The WAF provides monitoring, logging and filtering through user-defined rules that protect against generic classes of vulnerabilities and are compatible with OWASP rules.


AgileEdge LIGHTNING WAF configuration rules can be tailored to the customer’s needs to provide focussed security and higher performance than a generic set of rules. Typically this is achieved by starting with the full rule set and monitoring the requests to determine the threat assessment. After tailoring the rules, the WAF can be switched from monitoring to detection mode to implement real-time protection.


WAF Capabilities

  • Security monitoring and access control
  • Virtual patching
  • Full HTTP traffic logging
  • Security assessment
  • Web application hardening
  • Passive security assessment
  • Simple request or regular expression based filtering
  • URL Encoding Validation
  • Auditing
  • IP Reputation
  • Null byte attack prevention
  • Server identity masking
  • Uploads memory limits

Rule Categories

  • SQL Injection (SQLi)
  • Cross Site Scripting (XSS)
  • Local File Inclusion (LFI)
  • Remote File Inclusion (RFI)
  • Remote Code Execution (RCE)
  • PHP Code Injection
  • HTTP Protocol Violations
  • HTTPoxy
  • Shellshock
  • Session Fixation
  • Scanner Detection
  • Metadata/Error leakages
  • Project Honey Pot Blacklist
  • GeoIP Country Blocking

In combination with LIGHTNING's existing security features, the addition of the WAF provides comprehensive protection for the web server with reduced downtime, reduced resource usage, greater client satisfaction, and less maintenance.


To learn more about our products and services, and what we can do for you, please contact us at info@arahe.com.