What is SmartWAF™
Armorize SmartWAF™ is a host-based Web Application Firewall (WAF). This web server plug-in analyzes application layer traffic and blocks attacks targeting vulnerable web application code and configuration. A web-based management console facilitates centralized administration and monitoring for all firewall instances while CodeSecure™ integration supports dynamic policy modification based on source code analysis findings. This hot-fix capability ensures applications are protected while vulnerable code is addressed.
Download the
SmartWAF™ Brochure
SmartWAF™ Advantages Application Layer Security
- Secures the network perimeter at the Web application layer
- Web Application Firewall protection for vulnerable web sites.
- Protects against attacks that network and system security mechanisms do not detect
- Blocks 20+ attack classes and over 10,000 attack vectors
- Provides Auto-Learning and Shadow Mode capabilities to support baseline and whitelist creation
- Supports SSL and session management through network stack plug-ins
- Features security baseline update mechanisms
Host Based Deployment
- Facilitates flexible deployment as simple Web server plug-in
- Increases fault-tolerance and redundancy as there is no single point of failure or bottleneck
- Optimizes investment as security costs scale linearly with Web server infrastructure
- Supports policy creation on a page, application or server-specific basis
- Integrates with all major OS and Web server environments
- Includes installation & policy wizards that support "basic" and "expert" configuration modes
Clustering and Centralized Management
- Enables management of multiple firewall instances via a single Web interface
- Supports global policy configuration - across all instances of SmartWAF™ - as well as on a server, application or page-specific basis
- Offers centralized logging, analysis, statistics, version history and rollback support
CodeSecure™ Integration
CodeSecure™ integration ensures that protection goes beyond simple post-deployment “patching" but is instead a critical part of a holistic security model.SmartWAF™ imports CodeSecure's findings and dynamically modifies its rule set to shield specific web application vulnerabilities from exploit. This hot-fix capability buys application developers much needed time to address code level issues, while ensuring the application itself does not remain at risk.
