Web Application Firewall

- Big Data Computing
- E-MapReduce
- Big Data Search and Analysis
- Ping An Brain
- Log Service
- Big Data Application
- Nebula BI

Web Application Firewall WAF

Web Application Firewall WAF, it is a web application firewall for enterprises to monitor and block common attacks on web sites. Support the discovery of common OWASP attacks such as SQL injection and XSS cross-site. It can reduce the risk of downtime, tampering and data theft for users, and hide the origin site to prevent direct attacks on the origin site.

Value Proposition

Second-level response, strong protection

Second-level response: Second-level fault discovery.strong protection: Machine learning rule adaptation

Save construction and operation costs

Low investment: on demand usage, cost controllable. No construction and operation cost concerns.Fast access: only need to modify the DNS resolution, take effect in about 10 minutes.

24/7 protection

Security experts are on duty 7*24 hours to protect the business system.

Use Cases

Defending CC Attacks
Prevention of Data Leakage

The self-built IDC and the cloud's proprietary network coexist. When the service bursts, the cloud traffic is migrated to the cloud to meet the demand and the disaster recovery function is realized.
Recommend to use with: Elastic Compute Service Elastic Block Storage

For the financial scenarios, VPC is used to build three-center disaster recovery in the two places to ensure the security and high availability of services on the cloud and meet the business needs. The service is deployed across the available areas to achieve live in the same city, and the peer-to-peer connection to realize the remote data backup. Disaster recovery, based on ACL, security group, CAM multi-level security protection to achieve security isolation of the business area.
Recommend to use with: Elastic Compute Service Elastic Block Storage

Success Stories

Ping An Property & Casualty Insurance

YQB.COM

Ping An Trust

Ping An Wanjia Medicare

Functionality

Web common attack protection

Supports comprehensive detection of common OWASP threats such as SQL injection, XSS cross-site scripting, file inclusion, and command execution.
Mitigating CC attacks

Control the access frequency of a single source IP, redirect and jump verification, etc. Mass request for a slow attack, abnormal response to the identification code, access to the IP, URL abnormal distribution, abnormal Referer, User-agent request are filtered by the access control.
0day patches are regularly updated

Update the latest vulnerability patches within 24 hours and update the protection rules in time.
Machine learning intelligent rules engine

The engine includes machine learning + rule double detection algorithm to identify and intercept attacks such as injection, cross-site, protocol violation, Webshell, hotlinking, component vulnerability, CSRF, and information leakage.

Tariff and Pricing