Web Application Firewall

Web Application Firewall

 > Products>Network Security>Web Application Firewall
DPtech WAF3000 Web Application Firewall

The rocketing development of IT technology and network applications has spawned a growing number of Web-based applications in terms of types and quantities. A variety of attacks, such as SQL injection, cross-site scripting, and webpage Trojan, pose tremendous threats to Web applications, while raising higher requirements for the protection capabilities of Web application firewalls.
DPtech's WAF3000 Series Web Application Firewall is designed to provide comprehensive security protection for web applications. It is capable of fully protecting web applications by implementing pertinent protection policies for scanning before attacks, in-process attacks, and page tampering and information theft after attacks. In this way, it helps users address Web application threats with ease.

Product Functions Function Descriptions
Web Scanning Protection Behavior and fingerprint detection technologies are adopted to accurately detect any possible Web scanning behavior.
Web Attack Protection Effective protection against various web attacks is enabled, such as SQL injection, cross-site scripting, session hijacking, etc.
Accurate Detection of Webshell Webshell risk engine facilitates accurate detection of Webshell uploads and connections.
Hide Sensitive Data A series of protection methods for sensitive information have been put in place, including hidden server version information, server response status code masking, and leakage protection for website directories, source code, database information, and account information (bank card numbers and ID card numbers).
Geo-location-based Access Control Geo-location-based access control is activated to keep control of access at either a province in China or in a specific foreign country.
Webpage Tamper-proof It prevents webpage parameters from malicious tampering, effectively guaranteeing data security and integrity during interactions. A tamper-proof whitelist is established, based on which users can configure policies as needed and implement an organic combination of dynamic and static tamper-proof policies.
Web-layer DDoS Protection It supports denial of service attack defense (DDoS) against application-layer DDoS attacks, such as CC attacks, slow DDoS, etc.
Reinforced HTTP Protocol Reinforced HTTP Protocol is available, including non-standard protocol filtering, Cookie normalization and buffer overflow protection
Web Application Optimization Web application optimization includes server load balancing, web acceleration, and SSL offload.
Smart Mode It can monitor CPU usage, memory usage, concurrent connections, new connections and other states in real time. When the threshold is reached, an alarm is issued and the forwarding mode is trigged.
Website Self-learning Website self-learning function enables learning of website directory structure, website content, request frequency, cookies and other information, creating whitelist policies.
Automatic Site Detection Automatic site detection function supports learning the hit policy after it is generated, and automatically adding newly learned port, IP address, and URL address into the policy.
Interactions with Vulnerability Scanning Interactions with vulnerability scanning products help generate reports on Web vulnerability scanning and import them into WAF, automatically generating policies.
Graphic Management A user friendly graphical management interface, which supports Web GUI, SSH and serial console. Centralized management through UMC network management is also made possible.
Logs and Reports An independent log server is provided, on which regular automatic backups can be performed. With its built-in multi-dimensional reports, functions such as graphic inquiry, audit, statistics and retrieval of various network behavior logs on the intranet are enabled to facilitate the management in understanding and controlling the network. A number of visualized reports incorporating multiple metrics, including time, attack, and business system, are available.
High Reliability Equipped with a multiple guarantee mechanism of high reliability, it supports key component redundancy and hot-plug, application of Bypass and PFP Power Fail Safeguards, and dual-system hot standby. Truly seamless switching is thus enabled to guarantee highly stable and reliable Network Security operations.
Deployments It supports deployments in transparent mode, reverse proxy, and side by side mode.

These specifications apply only to DPtech products available on the international market.

Subscription account Service account