Today, web applications and Internet-facing public web servers are under the threat of hackers and web application level attacks. Hackers no longer launch attacks or web defacement just for the sake of fame or self-achievement. Financial gain and sensitive transactional data theft is always the main purpose.
VADS Managed Web Application Firewall (MWAF) protects websites and web applications from attackers leveraging on protocol or application vulnerabilities that instigate data theft, denial of service, or defacement of an organisation’s web site. Unlike traditional network firewalls or intrusion detection systems that simply pass HTTP, HTTPS or FTP traffic for web applications, VADS MWAF proxies this traffic and inspects it for attacks to insulate web servers from direct access by hackers.
VADS MWAF is the managed security services to protect web applications and internet-facing web servers from application level attacks such as SQL injection, cross-site scripting, cookie tampering and directory traversal attacks.
- Injection attack protection (XSS, SQL)
- Normalize Encoded Traffic
- Inspect HTTPS traffic
- Session tampering / hijacking / riding protection
- Forceful Browsing Prevention
- Data Theft protection, Cloaking
- Brute-force protection
- Web Services Projection
- Application Layer DoS Protection
- Rate Control Protection
- 24×7 device health and availability monitoring
- 24×7 security events monitoring, analysis and incident response
- 24×7 phone support / helpdesk support
- Device configuration and change management
- Firmware and security software upgrade and patch management
- Advanced hardware replacement
- Immediate protection for web applications and prevention of application level attacks
- Fully managed by VADS on web application firewall hardware & software
- Web protection using Industry proven Web Application Firewall
- Reduces management burden & drives down operation cost
- 24×7 dedicated security monitoring centre at VADS Security Operation Centre (VSOC)
- With more than 300 corporate clients & 1000 monitored security devices
- Achieved United Kingdom Accreditation Service (UKAS) for ISO/IEC27001:2005 Certification in April 2008