Product Advantages
-
Stable & Intelligent
Enables remote disaster recovery with intelligent scheduling and prioritized access; supports DNS resolution on the cloud; deploys within seconds.Enables remote disaster recovery with intelligent scheduling and prioritized access; supports DNS resolution on the cloud; deploys within seconds. -
Application-oriented
Defines your own application-specific protection rules to accurately block attacks and reduce misreports.Defines your own application-specific protection rules to accurately block attacks and reduce misreports.
-
360-degree Protection
Professional security teams provide 24/7 monitoring. With its proven comprehensive protections, WAF can defend against the latest 0-day vulnerabilities.Professional security teams provide 24/7 monitoring. With its proven comprehensive protections, WAF can defend against the latest 0-day vulnerabilities. -
Synergistic
Supports automatic upgrade on the cloud; detects potential threats and sets up multi-dimensional defense systems in collaboration with other security services.Supports automatic upgrade on the cloud; detects potential threats and sets up multi-dimensional defense systems in collaboration with other security services.
Application Scenarios
-
Data Leakage
-
0-Day Vulnerabilities
-
CC Attacks
-
Web Page Tampering
Data Leakage
Malicious visitors use such methods as SQL injection and webshells to intrude on website databases and steal service data or other sensitive information.
Advantages
Related Services
0-Day Vulnerabilities
WAF provides 360-degree protection using virtual patches against attacks that may exploit 0-day vulnerabilities in third-party frameworks or plug-ins.
Advantages
Related Services
CC Attacks
If a large number of malicious CC attacks are initiated, core resources are occupied for an extended period of time, causing slow website response or service interruption.
Advantages
Related Services
Web Page Tampering
Attackers leave backdoors on website servers or tamper with web page content, leaving your site defaced and potentially causing you losses.
Advantages
Related Services
Functions
-
Web Attack Defense
Detects and blocks common OWASP threats, including malicious scanners, IP addresses, and webshells.Detects and blocks common OWASP threats, including malicious scanners, IP addresses, and webshells. -
CC Attack Defense
Limits rate over interfaces and uses man-machine identification, mitigating impact of CC attacks (such as HTTP flood).Limits rate over interfaces and uses man-machine identification, mitigating impact of CC attacks (such as HTTP flood).
-
Complete protection
Complete protection
Detects and blocks attacks, including SQL injection, XSS, file inclusion, directory traversal, sensitive file access, command and code injections, webshells, and third-party vulnerability exploits.
Detects and blocks attacks, including SQL injection, XSS, file inclusion, directory traversal, sensitive file access, command and code injections, webshells, and third-party vulnerability exploits.
-
Precise identification
Precise identification
Uses semantics analysis & regex dual engines and supports common code restoration methods, reducing misreports and enhancing detection capabilities.Uses semantics analysis & regex dual engines and supports common code restoration methods, reducing misreports and enhancing detection capabilities.
-
Fine-grained flexibility
Fine-grained flexibility
Allows you to flexibly set rate limiting policies by IP address and cookie.Allows you to flexibly set rate limiting policies by IP address and cookie. -
Returned page customization
Returned page customization
Returned page customization
Enables you to address diversified needs with customizable content and types of returned pages.
Returned page customization
Enables you to address diversified needs with customizable content and types of returned pages.
-
Visualized Security
User-friendly GUI allows you to view attack information and event logs in real-time.User-friendly GUI allows you to view attack information and event logs in real-time. -
Access Control
Offers precise logic- and parameter-based access control policies.Offers precise logic- and parameter-based access control policies.
-
Centralized policy configuration
Centralized policy configuration
Centralized policy configuration
On-console configuration, rapid delivery, and immediate implementation of policies
Centralized policy configuration
On-console configuration, rapid delivery, and immediate implementation of policies
-
Traffic & event statistics
Traffic & event statistics
Real-time access to information, including the number and types of security events, logs, and number of requestsReal-time access to information, including the number and types of security events, logs, and number of requests
-
Variety of parameter conditions
Variety of parameter conditions
Sets conditions with combinations of common HTTP parameters such as IP, URL, Referer, User-Agent, and Params.Sets conditions with combinations of common HTTP parameters such as IP, URL, Referer, User-Agent, and Params. -
Rich set of logic conditions
Rich set of logic conditions
Rich set of logic conditions
Blocking or allowing based on logic conditions such as "Include", "Exclude", "Equal to", "Not equal to", "Prefix is", and "Prefix is not"
Rich set of logic conditions
Blocking or allowing based on logic conditions such as "Include", "Exclude", "Equal to", "Not equal to", "Prefix is", and "Prefix is not"
