Web Application Firewall (WAF)

There are two main types of threats that affect website performance:

  • threats targeting website availability (DDoS)
  • threats targeting the privacy of website content (vulnerabilities)

While the first type of threats is effectively mitigated by our Qrator solution, the second type is the main concern of WAF (Web Application Firewall) using the Wallarm technology.

The source code of any serious web application may contain errors. The hackers exploit them in order to get unsanctioned access to the data belonging to the owners and visitors of the website. It is necessary not only to detect and neutralize the attacks on web application timely but also exclude the possibility of exploiting these vulnerabilities in future. Wallarn is designed to solve these task with highest efficiency.

Wallarm services

Wallarm provides the following services:

  • Notifications on detected vulnerabilities of the web application and measures for detection and blocking of malicious traffic bound to exploit these vulnerabilities.
  • Providing the customer with reports on detected problems and platform-specific recommendations for solving them. Ruby, PHP, .NET, Perl and Python applications are supported.
  • Automated monitoring of the status of detected vulnerability up to the moment of its elimination.
  • Quality control for vulnerability mitigation.

Wallarm operation

In order to neutralize attacks and vulnerabilities Wallarm uses statistical data on the protected website traffic which is obtained from the Qrator network. As a result of the analysis, Wallarm makes online updates of the rule sets used for filtering the traffic in our network.

This service requires no technical alterations on the client's side.

Wallarm does not affect the passing of legitimate traffic through thhe Qrator network.

WAF

Wallarm components

  • Proactive filter blocks most of attacks on the web application. It is able to handle large volumes of traffic. Self-teaching algorithm ensures avoidance of false-positive incidents.
  • Vulnerability detection system detects existing errors in web application security. The customer is informed on any detected vulnerabilities and is provided with not only the description of the problem but also with detailed instructions on its solution.
  • Virtual Patching system protects the application from exploits of the vulnerabilities that have been detected but not fixed yet, blocking attack and intrusion attempts in online mode and allowing uninterrupted website operation (not provided on the testing stage).

Wallarm advantages

  • Cloud solution on the Qrator network – the customer doesn't need to install any additional software or buy any hardware devices.
  • Non-signature-based statistical analysis methods:
    • no signatures means no delays in traffic processing. The system can be applied to high-performance applications (Big Data projects such as social networks, search engines etc);
    • it's possible to detect previuosly unknown attack that doesn't have their signatures contained in the knowledge base.
  • Unlike the conventional IPS/IDS, Wallarm:
    • not only detects the attacks (which can, in most of the cases, pose no threat to your website - various autohackers and scanners creating "white noise" over the Internet) but also distinguishes those ones that are really capable of puttng your website in danger;
    • finds vulnerabilities in your web application source code.

Tariffs (this service is provided only in conjunction with DDoS mitigation):

$
Common WAF Active WAF Total WAF
Common WAF
Active WAF
Total WAF
Monthly subscription fee per 1 Qrator IP (3 Mbps of traffic included) €285 €860 €2170
Additional costs for traffic (per 1Mbps) €6 €6 €6
Attack blocking by source IP by source IP by source IP + by each request
Reaction time for an attack in minutes, no more than 8 minutes 4 minutes instantly
Active vulnerability detection
Consulting on vulnerabilities and incidents
Virtual Patching

Please take notice that all the content provided on this website regarding the terms of services, technical parameters and the costs of services is for informational purposes only and is not a public offer defined by terms of Article 437 (2) of Civil Code of Russian Federation. For further information please contact HLL, LLC.

Read next: DNS Protection