Product Advantages

Product Advantages

  • Stable & Intelligent

    Enables remote disaster recovery with intelligent scheduling and prioritized access; supports DNS resolution on the cloud; deploys within seconds.
    Enables remote disaster recovery with intelligent scheduling and prioritized access; supports DNS resolution on the cloud; deploys within seconds.

  • Application-oriented

    Defines your own application-specific protection rules to accurately block attacks and reduce misreports.
    Defines your own application-specific protection rules to accurately block attacks and reduce misreports.

  • 360-degree Protection

    Professional security teams provide 24/7 monitoring. With its proven comprehensive protections, WAF can defend against the latest 0-day vulnerabilities.
    Professional security teams provide 24/7 monitoring. With its proven comprehensive protections, WAF can defend against the latest 0-day vulnerabilities.

  • Synergistic

    Supports automatic upgrade on the cloud; detects potential threats and sets up multi-dimensional defense systems in collaboration with other security services.
    Supports automatic upgrade on the cloud; detects potential threats and sets up multi-dimensional defense systems in collaboration with other security services.

Application Scenarios

  • Data Leakage

  • 0-Day Vulnerabilities

  • CC Attacks

  • Web Page Tampering

Data Leakage

Data Leakage

Malicious visitors use such methods as SQL injection and webshells to intrude on website databases and steal service data or other sensitive information.

Advantages

Precise Identification
Uses semantic analysis & regex to examine traffic from different dimensions for added precision in thwarting attackers.
Distortion Attack Detection
Seven ways to restore code with improved detection capabilities on distortion attacks to prevent bypass attempts.

Related Services

Vulnerability Scan Service

Host Security Service

Database Security Service

0-Day Vulnerabilities

0-Day Vulnerabilities

WAF provides 360-degree protection using virtual patches against attacks that may exploit 0-day vulnerabilities in third-party frameworks or plug-ins.

Advantages

Swift Response
Responses to vulnerabilities (including delivering virtual patches and updating the rule library) are taken in advance of actions from specific vendors.
Lower Cost
The virtual patches produce lower cost and less impact on services than the traditional patches.

Related Services

Vulnerability Scan Service

Host Security Service

CC Attacks

CC Attacks

If a large number of malicious CC attacks are initiated, core resources are occupied for an extended period of time, causing slow website response or service interruption.

Advantages

Flexible Configuration
Allows you to flexibly set rate limiting policies by IP address or cookie, provides highly precise CC attack detection, and ensures that services remain uninterrupted.
Customization
Configures response actions and content of returned pages to suit your particular needs.

Related Services

Advanced Anti-DDoS

Web Page Tampering

Web Page Tampering

Attackers leave backdoors on website servers or tamper with web page content, leaving your site defaced and potentially causing you losses.

Advantages

Website Malicious Code Detection
Detects malicious codes injected into the website server, helping ensure a safe visit to the site.
Protection Against Web Page Tampering
Prevents attackers from tampering with or changing web page content, or publishing indecent information that can damage the organization's reputation.

Related Services

Vulnerability Scan Service

Host Security Service

Functions

Functions

  • Web Attack Defense

    Detects and blocks common OWASP threats, including malicious scanners, IP addresses, and webshells.
    Detects and blocks common OWASP threats, including malicious scanners, IP addresses, and webshells.

  • CC Attack Defense

    Limits rate over interfaces and uses man-machine identification, mitigating impact of CC attacks (such as HTTP flood).
    Limits rate over interfaces and uses man-machine identification, mitigating impact of CC attacks (such as HTTP flood).

  • Complete protection

    Complete protection

    Detects and blocks attacks, including SQL injection, XSS, file inclusion, directory traversal, sensitive file access, command and code injections, webshells, and third-party vulnerability exploits.

    Detects and blocks attacks, including SQL injection, XSS, file inclusion, directory traversal, sensitive file access, command and code injections, webshells, and third-party vulnerability exploits.

  • Precise identification

    Precise identification

    Uses semantics analysis & regex dual engines and supports common code restoration methods, reducing misreports and enhancing detection capabilities.
    Uses semantics analysis & regex dual engines and supports common code restoration methods, reducing misreports and enhancing detection capabilities.

  • Fine-grained flexibility

    Fine-grained flexibility

    Allows you to flexibly set rate limiting policies by IP address and cookie.
    Allows you to flexibly set rate limiting policies by IP address and cookie.

  • Returned page customization

    Returned page customization

    Returned page customization

    Enables you to address diversified needs with customizable content and types of returned pages.

    Returned page customization

    Enables you to address diversified needs with customizable content and types of returned pages.

  • Visualized Security

    User-friendly GUI allows you to view attack information and event logs in real-time.
    User-friendly GUI allows you to view attack information and event logs in real-time.

  • Access Control

    Offers precise logic- and parameter-based access control policies.
    Offers precise logic- and parameter-based access control policies.

  • Centralized policy configuration

    Centralized policy configuration

    Centralized policy configuration

    On-console configuration, rapid delivery, and immediate implementation of policies

    Centralized policy configuration

    On-console configuration, rapid delivery, and immediate implementation of policies

  • Traffic & event statistics

    Traffic & event statistics

    Real-time access to information, including the number and types of security events, logs, and number of requests
    Real-time access to information, including the number and types of security events, logs, and number of requests

  • Variety of parameter conditions

    Variety of parameter conditions

    Sets conditions with combinations of common HTTP parameters such as IP, URL, Referer, User-Agent, and Params.
    Sets conditions with combinations of common HTTP parameters such as IP, URL, Referer, User-Agent, and Params.

  • Rich set of logic conditions

    Rich set of logic conditions

    Rich set of logic conditions

    Blocking or allowing based on logic conditions such as "Include", "Exclude", "Equal to", "Not equal to", "Prefix is", and "Prefix is not"

    Rich set of logic conditions

    Blocking or allowing based on logic conditions such as "Include", "Exclude", "Equal to", "Not equal to", "Prefix is", and "Prefix is not"

Usage Guides

Documentation

Documentation

Provides Scalable, On-demand Computing Resources

Learn More