What is a Web Application Firewall (WAF)?

 

As part of ASI's investment in solutions to protect our clients’ environment and data, we are implementing a suite of Barracuda Web Application Firewalls (WAF) in all of our global operating regions. 

What is a WAF?

A WAF is a web application firewall that filters, monitors, and blocks HTTP(S) traffic to and from a web application. A WAF is differentiated from a regular network firewall in that a WAF is able to filter the content of specific web applications while regular firewalls serve as a networking safety gate between servers and the outside world.  All incoming traffic will come in through the WAF prior to reaching the iMIS web application server/VM.  The Barracuda WAF provides an extraordinary level of protection against most, if not all, common exploits that bad actors use to compromise/hack/deface modern web sites.

ASI’s deployed suite of Barracuda WAFs in all global regions provide protection against:

  • XSS Injections 
  • SQL Injection Attacks
  • Forceful Browsing
  • Protocol Violations
  • Session Tamper Attacks: Majority of these are invalid cookies or Cookie Tampered.
  • XML Violations
  • SQL Attacks
  • File Attacks
  • Auth Attacks
  • DDoS Attacks
  • Limits Violation
  • JSON Violations
  • BOT Mitigation


How will this be implemented?

In order to implement this additional level of security to all ASI hosted clients, we are requiring all clients to update their DNS to point to the WAF in their region.  Clients have received notification and instructions for this change, based on region.

0 Comments

Please sign in to leave a comment.
Powered by Zendesk