System-wide performance maintenance will impact support ticket submissions starting at 6pm CST on January 28th (11am AEDT on 29 January / 12am GMT on 29th January) and is projected to end at 10am CST on January 30th (3am AEDT on 31 January / 4pm GMT on 30th January). During this time, email support@advsol.com for help with urgent iMIS issues or email hosting@advsol.com for urgent assistance with hosting issues. We thank you for your patience.

What is a Web Application Firewall (WAF)?

 

As part of ASI's investment in solutions to protect our clients’ environment and data, we are implementing Cloudflare's Web Application Firewall (WAF) in our global operating region. 

What is a WAF?

A WAF is a web application firewall that filters, monitors, and blocks HTTP(S) traffic to and from a web application. A WAF is differentiated from a regular network firewall in that a WAF is able to filter the content of specific web applications while regular firewalls serve as a networking safety gate between servers and the outside world.  All incoming traffic will come in through the WAF prior to reaching the iMIS web application server/VM.  The Cloudflare WAF provides an extraordinary level of protection against most, if not all, common exploits that bad actors use to compromise/hack/deface modern web sites.

ASI’s deployment of the Cloudflare WAF in our global region provide protection against:

  • XSS Injections 
  • SQL Injection Attacks
  • Forceful Browsing
  • Protocol Violations
  • Session Tamper Attacks: Majority of these are invalid cookies or Cookie Tampered.
  • XML Violations
  • SQL Attacks
  • File Attacks
  • Auth Attacks
  • DDoS Attacks
  • Limits Violation
  • JSON Violations
  • BOT Mitigation


How will this be implemented?

In order to implement this additional level of security to all ASI hosted clients, we are requiring all clients to update their DNS to point to the WAF in their region by August 31, 2021.  Clients have or will receive notification and instructions for this change, based on region.

0 Comments

Please sign in to leave a comment.
Powered by Zendesk