New Cloud Web Application Firewall

Webscale announced its Cloud Web Application Firewall (WAF), designed to address the pain many businesses face with regards to the security, availability, and performance of their critical web applications.

The market has plenty of WAF solutions that combat malicious attacks at the edge of a web application closest to the end user. So Webscale’s Cloud WAF integrates application awareness and focuses on e-commerce platforms by building out protection for both data traffic at the browser level, and the complete backend application infrastructure, in a single as-a-service solution.

Attacks at the application layer can be catastrophic, with erroneous code being deployed, site content being altered or user data, such as credit card information, being extracted through vulnerable backdoors. Webscale’s decentralized and software-defined application delivery architecture allows the data plane to reside close to the application, giving it unprecedented, real-time insight into all activity, while its control plane is able to make changes and deploy safeguards if issues are detected.

At the browser level, the Webscale Cloud WAF enables best-in-class HTTPS support with the latest TLS standards, without having to make any changes to the application infrastructure. Deploying TLS at the Webscale level ensures better offload and encryption from the application servers, enabling more efficient use of infrastructure.

Webscale’s Cloud WAF has strong blacklisting and whitelisting capabilities, to block or allow requests, sessions by IP address, or geo-location. The WAF also allows for blocking against the OWASP top 10 threats as well as any application specific or custom rulesets. With the recent roll out of its HTTP/2 support and Service Provider-grade PCI-DSS certification, Webscale also adds protection for sensitive customer information, along with the latest web technology to deliver strong security and increased performance. 

Through real-time traffic analysis, Webscale quickly detects problems, identifies solutions, and applies fixes through the flexible rules capabilities of the integrated WAF. In the event of a Distributed Denial of Service (DDoS) attack, Webscale enables Shield Mode, instantly blocking bad traffic and requesting additional verification before admitting genuine users. This keeps the website fast and available without impacting potential revenue and maintaining the brand.

“Security is a major concern for our customers, so the development and release of Webscale’s Cloud WAF has been a top priority. With its deep visibility into the underlying infrastructure, Webscale is completely application aware, enabling it to identify anomalies and issue resolutions before disruption is caused, whether they be at the browser level, or at the application backend,” said Sonal Puri, CEO of Webscale. “As a true cloud-based solution, Webscale is also able to learn across our customers, allowing for any fixes applied to address customer security issues to be immediately distributed across our entire base. That is the beauty of a SaaS platform versus an appliance.”