Web Application Firewall
Contact Sales

Web Application Firewall (WAF)

Web Application Firewall (WAF)

Web Application Firewall (WAF) acts as a shield for web apps and websites against multiple attacks such as SQL injection, malicious file execution, cross-site scripting, and more. Powered by Huawei's machine learning technology, WAF intelligently filters out malicious traffic to safeguard data, ensure fast load times, and maintain uptime.

Web Application Firewall (WAF) acts as a shield for web apps and websites against multiple attacks such as SQL injection, malicious file execution, cross-site scripting, and more.

Product Advantages

Stop attacks and block hackers before they reach your application, server, and data

  • Maximize Uptime, Availability, and Speed

    Detect and defend against attacks, ensuring the security, uptime, functionality, and fast-loading of your web applications and websites.

    Detect and defend against attacks, ensuring the security, uptime, functionality, and fast-loading of your web applications and websites.

  • Sensitive Data Protection

    In addition to guarding databases, anonymize sensitive data, and go a step further to encrypt data in transmission by configuring TLS and cipher suite.

    In addition to guarding databases, anonymize sensitive data, and go a step further to encrypt data in transmission by configuring TLS and cipher suite.

  • Guard Against Emerging Threats 24/7

    WAF pro-actively defends against the latest zero-day vulnerabilities and exploits. Security rules can be updated and deployed anytime via the console.

    WAF pro-actively defends against the latest zero-day vulnerabilities and exploits. Security rules can be updated and deployed anytime via the console.

  • Security Certification

    As part of your cybersecurity strategy, WAF can help you comply with PCI DSS requirements to ensure safe and secure online payments.

    As part of your cybersecurity strategy, WAF can help you comply with PCI DSS requirements to ensure safe and secure online payments.

Application Scenarios

WAF guards your online apps and websites against emerging threats 24/7

Reduce Risk of Data Loss

WAF prevents hackers and bad actors that attempt to bypass application security and gain remote access to web databases.


Advantages

  • Precise Identification

    WAF precisely identifies malicious traffic to stop attacks based on pre-configured and customized rules.

  • SQL Injection and XSS Detection

    WAF detects a wide range of distortion attack patterns with 11 decoding methods to prevent bypass attempts.

Related Services

HSS
DBSS

Proactive Zero-Day Protection

WAF performs virtual patching to intercept threats that exploit known and unknown zero-day vulnerabilities in third-party software or plug-ins.


Advantages

  • Quick Response

    Configure WAF to implement improvised security policies and rules even before the third-party vendors patch their software.

  • Cost-effective

    WAF uses rules instead of patches to fix vulnerabilities, simplifying maintenance to reduce the cost of cloud security.

Related Services

HSS

Protection Against Application Layer DDoS Attacks

WAF protects your web apps and servers from sophisticated application layer DDoS attacks, ensuring business continuity. For added protection against large volumetric DDoS attacks, the Advanced Anti-DDoS (AAD) service is also recommended.


Advantages

  • Flexible Configuration

    You can configure rate limiting policies by IP address or cookie to precisely detect and prevent CC attacks.

  • Customization

    WAF enables you to easily customize response actions and the content of alarm pages.

Prevent Web Page Tampering and Defacements

WAF ensures that attackers cannot insert backdoors on your web servers or tamper with your web page content, preventing damage to your brand's credibility. 


Advantages

  • Malicious Code Detection

    Configure WAF to detect attempts to inject malicious code onto web servers.

  • Intelligent Defacement Protection

    Prevent attackers from tampering with web page content, hijacking websites, or publishing inappropriate information.

Related Services

HSS

Customers

Trusted by global enterprises in e-commerce, healthcare, hospitality, logistics, finance and more

Functions

Advanced website protection features across three editions: Standard, Professional, and Platinum

  • Comprehensive Web Attack Defense

    WAF's built-in capabilities help you precisely identify and block threats, and allow you to configure different security rules for apps and websites.

    WAF's built-in capabilities help you precisely identify and block threats, and allow you to configure different security rules for apps and websites.

  • DDoS CC Attack Guard

    Identify real users, configure rate limiting, and block fake users, to mitigate the impact of denial-of-service Challenge Collapsar (CC) attacks.

    Identify real users, configure rate limiting, and block fake users, to mitigate the impact of denial-of-service Challenge Collapsar (CC) attacks.

  • Precise identification
    Precise identification

    WAF uses semantics analysis and regex dual engines for the precise identification of good and bad traffic, significantly reducing false positives.

    WAF uses semantics analysis and regex dual engines for the precise identification of good and bad traffic, significantly reducing false positives.

  • Guard against widespread HTTP application attacks
    Guard against widespread HTTP application attacks

    Configure WAF to detect and intercept attacks, including SQL injection, XSS, file inclusion, directory traversal, sensitive file access, command/code injection, web shell uploads, and third-party vulnerability exploits.

    Configure WAF to detect and intercept attacks, including SQL injection, XSS, file inclusion, directory traversal, sensitive file access, command/code injection, web shell uploads, and third-party vulnerability exploits.

  • Fine-grained flexibility
    Fine-grained flexibility

    You can flexibly set rate limiting policies by IP address and cookie.

    You can flexibly set rate limiting policies by IP address and cookie.

  • Customization
    Customization

    You can customize the content of returned pages based on your requirements.

    You can customize the content of returned pages based on your requirements.

  • Visualized Security Monitoring

    Using WAF's user-friendly console, view real-time security information to increase your threat posture awareness.

    Using WAF's user-friendly console, view real-time security information to increase your threat posture awareness.

  • Secure Access Control

    WAF enables you to define precise parameter- and logic-based access control to fine-tune your protection.

    WAF enables you to define precise parameter- and logic-based access control to fine-tune your protection.

  • Centralized rule configuration
    Centralized rule configuration

    Easily configure, deploy, and manage multiple security rules for each attack scenario.

    Easily configure, deploy, and manage multiple security rules for each attack scenario.

  • Real-time statistics
    Real-time statistics

    Quickly get actionable insights with real-time visibility into security events, and enable security administrators to drill down into attack alerts and logs.

    Quickly get actionable insights with real-time visibility into security events, and enable security administrators to drill down into attack alerts and logs.

  • Various parameter conditions
    Various parameter conditions

    You can configure different combinations of common HTTP parameters such as IP, URL, Referer, User-Agent, and Params.

    You can configure different combinations of common HTTP parameters such as IP, URL, Referer, User-Agent, and Params.

  • Abundant logic conditions
    Abundant logic conditions

    You can block or allow traffic based on logic conditions such as "Include", "Exclude", "Equal to", "Not equal to", "Prefix is", and "Prefix is not".

    You can block or allow traffic based on logic conditions such as "Include", "Exclude", "Equal to", "Not equal to", "Prefix is", and "Prefix is not".