Product Advantages

Product Advantages

  • Precise Threat Detection

    You can custom a wide range of protection rules and the alarm page to protect your websites with pre-configured protection rules and best practices of HUAWEI CLOUD WAF.
    You can custom a wide range of protection rules and the alarm page to protect your websites with pre-configured protection rules and best practices of HUAWEI CLOUD WAF.

  • Sensitive Data Protection

    You can anonymize your sensitive data, such as accounts and passwords, and configure the minimum TLS version and cipher suite to safeguard your service.
    You can anonymize your sensitive data, such as accounts and passwords, and configure the minimum TLS version and cipher suite to safeguard your service.

  • 360-Degree Protection

    You can count on WAF to defend against the latest zero-day vulnerabilities. Professional security teams provide you with 24/7 monitoring.
    You can count on WAF to defend against the latest zero-day vulnerabilities. Professional security teams provide you with 24/7 monitoring.

  • Security Compliance

    WAF fully complies with the PCI DSS requirements. With WAF as an integral part of your defense strategy, you can apply for and obtain PCI DSS certification.
    WAF fully complies with the PCI DSS requirements. With WAF as an integral part of your defense strategy, you can apply for and obtain PCI DSS certification.

Application Scenarios

  • Data Leakage Prevention

  • Zero-Day Protection

  • CC Attack Defense

  • Web Page Tampering Protection

Data Leakage Prevention

Data Leakage Prevention

WAF prevents malicious actors from using methods such as SQL injection and web shells to bypass application security and gain remote access to web databases.

Advantages

Precise Identification

WAF precisely identifies and thwarts attacks based on pre-configured rules and rules you customize.

Distortion Attack Detection

WAF detects a wide range of distortion attack patterns with 11 decoding methods to prevent bypass attempts.

Related Services

VSS

HSS

DBSS

Zero-Day Protection

Zero-Day Protection

WAF performs virtual patching to intercept threats that exploit known and unknown 0-day vulnerabilities in third-party frameworks or plug-ins.

Advantages

Swift Response

You can configure WAF to implement the required security policies and rules even before the third-party vendors take action.

Lower Cost
The virtual patches produce lower cost and less impact on services than the traditional patches.

Related Services

VSS

HSS

CC Attack Defense

CC Attack Defense

WAF protects your web servers from malicious Challenge Collapsar (CC), ensuring business and service continuity.

Advantages

Flexible Configuration

You can configure rate limiting policies by IP address or cookie to precisely detect and thwart CC attacks.

Customization

WAF enables you to easily customize response actions and the content of returned alarm pages according to your requirements.

Related Services

AAD

Web Page Tampering Protection

Web Page Tampering Protection

WAF ensures that attackers cannot leave backdoors on your web servers or tamper with your web page content, preventing damage to your credibility. 

Advantages

Malicious Code Detection

You can configure WAF to detect malicious code injected into web servers and ensure secure visits to web pages.

Intelligent Protection

WAF prevents attackers from tampering with web page content or publishing inappropriate information that can damage your reputation.

Related Services

VSS

HSS

Functions

Functions

  • Web Attack Defense

    Detects and blocks common OWASP threats, including malicious scanners, IP addresses, and web shells.
    Detects and blocks common OWASP threats, including malicious scanners, IP addresses, and web shells.

  • CC Attack Defense

    Performs rate-limiting on interfaces and mitigates the impact of CC attacks based on man-machine identification.
    Performs rate-limiting on interfaces and mitigates the impact of CC attacks based on man-machine identification.

  • Complete protection

    Complete protection

    Detects and blocks attacks, including SQL injection, XSS, file inclusion, directory traversal, sensitive file access, command and code injections, web shells, and third-party vulnerability exploits.

    Detects and blocks attacks, including SQL injection, XSS, file inclusion, directory traversal, sensitive file access, command and code injections, web shells, and third-party vulnerability exploits.

  • Precise identification

    Precise identification

    Uses semantics analysis & regex dual engines to enhance detection capabilities and reduce false positives. You can use multiple methods to decode.
    Uses semantics analysis & regex dual engines to enhance detection capabilities and reduce false positives. You can use multiple methods to decode.

  • Fine-grained flexibility

    Fine-grained flexibility

    You can flexibly set rate limiting policies by IP address and cookie.
    You can flexibly set rate limiting policies by IP address and cookie.

  • Customization

    Customization

    Customization

    You can customize the content of returned pages based on your requirements.

    Customization

    You can customize the content of returned pages based on your requirements.

  • Visualized Security

    Visualizes security information on a user-friendly interface in real time.
    Visualizes security information on a user-friendly interface in real time.

  • Access Control

    Offers precise logic- and parameter-based access control policies.
    Offers precise logic- and parameter-based access control policies.

  • Centralized policy configuration

    Centralized policy configuration

    Centralized policy configuration

    The intuitive console allows you to easily configure and immediately implement security policies.

    Centralized policy configuration

    The intuitive console allows you to easily configure and immediately implement security policies.

  • Real-time statistics

    Real-time statistics

    You can use real-time security information, including the number and types of security events and detailed logs, to derive insights and fine-tune policies.
    You can use real-time security information, including the number and types of security events and detailed logs, to derive insights and fine-tune policies.

  • Various parameter conditions

    Various parameter conditions

    You can configure different combinations of common HTTP parameters such as IP, URL, Referer, User-Agent, and Params.
    You can configure different combinations of common HTTP parameters such as IP, URL, Referer, User-Agent, and Params.

  • Abundant logic conditions

    Abundant logic conditions

    Abundant conditions

    You can block or allow traffic based on logic conditions such as "Include", "Exclude", "Equal to", "Not equal to", "Prefix is", and "Prefix is not".

    Abundant logic conditions

    You can block or allow traffic based on logic conditions such as "Include", "Exclude", "Equal to", "Not equal to", "Prefix is", and "Prefix is not".

Usage Guides

Documentation

Documentation

Go Cloud Festival ongoing: 78% off popular solution packages, and new user packages from $1 USD

Join Now!

Reminder

OK