Edgenexus Web Application Firewall
What is a Web Application Firewall?
The Edgenexus Application Firewall is a virtual appliance (Isolated container) that protects Web applications by controlling the conversation between the application and clients. It runs at the application layer and aims to fill the security gap that traditional firewalls fail to address. It can be download via the app store here and new rules can be downloaded here.
Edgenexus Web Application Firewall Features
The Edgenexus Web Application Firewall incorporates industry leading, hardened firewall technology to provide Layer 7 application protection for web-based applications.
How does the Edgenexus Web Application Firewall work?
The Edgenexus Web Application Firewall controls the input, output and access to and from an application by inspecting the HTTP conversation between the application and clients according to a set of rules.
These rules cover common attacks such as cross-site scripting (XSS), SQL injection, session hijacking and buffer overflows which network firewalls and intrusion detection systems are often not capable of doing. The rules may be also used to enforce security policies required by PCI DSS or other security standards in order to block leakage of sensitive information like credit card numbers.
By customising the rules to your application, many attacks can be identified and blocked. The effort to perform this customisation can be significant and needs to be maintained as the application is modified. A Set of PCI DSS rules come as standard to the product and can updates (assuming a valid support contract) via the software update function of the ALB-X.