
 

Radware Web Application Firewall (WAF)

- intelligent security for web applications

 

Radware AppWall Web Application Security Solutions

Organizations are placing growing emphasis on security while facing an expanding threat landscape, accelerating digital transformation, and a shortage of information security professionals and expertise.
Radware enables secure digital interactions between users and enterprise applications and APIs with its Web Application Firewall.



Protection from web application vulnerabilities
Web application firewalls can be purchased now.

 

  • Protecting web applications from hacking and vulnerability exploitation

  • Full OWASP TOP 10 protection and more

  • Positive security model automatically blocks malicious activity

  • Flexible deployment options as a managed cloud server, virtual appliance, Kubernetes WAF or integrated with cloud ADC.


Radware's Application Protection Solution

Comprehensive Web Application Defense


What do we need in order to effectively defend ourselves?

           

Radware provides a company with complete network and web application protection

 

Radware WAF - web application firewall

Application Protection Technology Overview

                                                                         

Deployment options: On-Premise (Physical/Virtual/Kubernetes) or Cloud service

Full comprehensive protection

  • Protection not only against OWASP TOP-10, but also against many other attacks.

  • Automatic generation of security policies based on machine learning.

  • Robust protection against bots, API attacks, DDoS and more.

  • The same technology is used both in the cloud and locally.

Why WAF? Need maximum security for web applications!


A negative security model is the standard for most WAF technologies and services, which block known attacks using known signatures and rules. But this cannot provide full OWASP protection or zero-day protection.

What is needed is a positive security model that examines and determines which activities are legitimate traffic, blocking unauthorized access or activities that are not allowed. This defends against zero-day attacks and unknown vulnerabilities, providing a high level of protection with minimal false positives.

Negative security model

  • Standard for most cloud WAF services and technologies.
  • Blocks known attacks with signatures and rules.
  • Cannot protect against 0-day attacks.

Positive Security Model

  • Examines and determines what activities are normal and legitimate.
  • Blocks unauthorized access or abnormal activities.
  • Protects against 0-day attacks and exploitation of unknown vulnerabilities.
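The difference between the two models, as an added example that is not Radware code: a small signature list stands in for the negative model, and a per-parameter profile learned from sample traffic stands in for the positive model. The endpoint parameters, signatures and sample requests are constructed for illustration.

```python
import re
from collections import defaultdict

# Negative model: block only what matches a known-bad signature (constructed, minimal set).
SIGNATURES = [re.compile(p, re.I) for p in (r"<script\b", r"\bunion\s+select\b")]

def negative_model_allows(params):
    return not any(s.search(v) for v in params.values() for s in SIGNATURES)

def char_class(ch):
    if ch.isdigit():
        return "digit"
    if ch.isalpha():
        return "alpha"
    return ch  # punctuation is tracked character by character

def learn_profile(samples):
    """Build a per-parameter profile (allowed character classes, max length)
    from traffic assumed to be legitimate."""
    profile = defaultdict(lambda: {"classes": set(), "max_len": 0})
    for params in samples:
        for name, value in params.items():
            entry = profile[name]
            entry["classes"].update(char_class(c) for c in value)
            entry["max_len"] = max(entry["max_len"], len(value))
    return dict(profile)

def positive_model_allows(profile, params):
    for name, value in params.items():
        entry = profile.get(name)
        if entry is None:                       # parameter never seen while learning
            return False
        if len(value) > entry["max_len"]:       # longer than anything learned
            return False
        if any(char_class(c) not in entry["classes"] for c in value):
            return False
    return True

# Constructed learning traffic for a hypothetical item-listing endpoint.
LEARNING = [{"id": "42", "sort": "price"},
            {"id": "1077", "sort": "name"},
            {"id": "9", "sort": "date-desc"}]
PROFILE = learn_profile(LEARNING)

if __name__ == "__main__":
    for req in ({"id": "315", "sort": "name-asc"}, {"id": "4~2"}, {"id": "12345"}):
        print(req, negative_model_allows(req), positive_model_allows(PROFILE, req))
```

The last request is a legitimate five-digit id that the profile rejects because learning never saw one that long, which is why a positive model depends on representative learning traffic and ongoing policy adaptation.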

Continuous adaptation of security policies

                 

Bots are taking over the world

                   

 

What do good bots do?

What do bad bots do?

                                     

Who is the target of the attackers

                 

Bots are attacking all communication channels

                 

Difficulties in detecting bad bots

     

Limitations of traditional defenses:

  • Inaccurate bot detection

  • Lack of specialized THREAT INTELLIGENCE

 

RADWARE BOT MANAGER

       

Radware WAF Solutions Available

Our catalog features trusted Radware WAF products designed to provide robust protection against evolving web application threats. Whether you're securing enterprise environments or optimizing application delivery, these solutions offer performance and reliability tailored to your needs.

Explore the options below to learn more:

Alteon Appwall (WAF)


AppWall OnDemand Switch 1 XL


FAQ

1. What is Radware WAF?
Radware WAF is a web application firewall designed to protect web applications from attack. You configure rules that allow, block, or monitor (count) web requests based on conditions you define. These conditions include IP addresses, HTTP headers and bodies, URI strings, SQL injection, and cross-site scripting.

2. What types of attacks can Radware WAF protect against?
Radware WAF can protect websites from common attack methods such as SQL injection and cross-site scripting (XSS). In addition, you can create rules to block or limit the frequency of requests from certain browsers or IP addresses, or requests containing certain headers.

3. How does Radware WAF block or allow traffic?
When the underlying service receives requests for websites, it forwards them to Radware WAF to be checked against the rules. If a request meets a condition set in the rules, Radware WAF instructs the underlying service to block or allow the request, according to the action assigned in the rules.

4. What bot activity limiting capabilities are available in Radware WAF?
Radware WAF bot control gives you visibility and control over general and pervasive bot traffic directed to your applications. With the bot control feature, you can easily monitor and block pervasive bots such as scrapers, analyzers and scanners, or limit the frequency of their requests, as well as allow requests from common bots such as status monitors and search engines. The managed rule group of the bot control feature can be used alongside other managed rules for WAF or with your own WAF rules to protect your applications.

5. Does Radware WAF support IPv6?
Yes, IPv6 support allows Radware WAF to handle HTTP/HTTPS requests from IPv6 and IPv4 addresses.

6. Can a rule based on request frequency be used to neutralize network-level DDoS attacks?
Yes. This new type of rule was designed to protect customers from network-level DDoS attacks, brute force logon attempts, and unwanted bots.

7. Can I use a rule based on request frequency to restrict access to certain parts of my web page?
Yes. Here's an example. Suppose you want to limit the number of requests to the login page. To do this, add the following string match condition to the request-frequency based rule: the part of the request to filter on is “URI”, the match type is “Starts with”, and the value to match is “/login” (must be independent of what identifies the login page in the web request URI string). In addition, specify a limit on the frequency of requests, say 15,000 requests in 5 minutes. Adding this request-frequency based rule to the web ACL will limit the number of login page requests per IP address without affecting the rest of the site.

8. Can certain ranges of source IP addresses be exempted from blocking by using request-frequency based rules?
Yes. This can be done by adding a separate IP address match condition that allows the request within the request-frequency based rule.

9. How accurate is your geographic IP address allocation database?
The accuracy of IP address assignment to a country depends on the region. According to the latest data, the overall accuracy of our IP address database is 99.8%.
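The request-frequency rule from FAQ items 7 and 8, as an added example that models the rule's logic in Python; it is not Radware configuration or code. The class name, the sliding-window counting method, the exempt ranges and the sample addresses are assumptions made for illustration.

```python
import ipaddress
from collections import defaultdict, deque

class RateBasedRule:
    """Per-source-IP request limit scoped to URIs that start with a prefix."""

    def __init__(self, uri_prefix, limit, window_seconds, exempt_cidrs=()):
        self.uri_prefix = uri_prefix
        self.limit = limit
        self.window = window_seconds
        self.exempt = [ipaddress.ip_network(c) for c in exempt_cidrs]
        self.hits = defaultdict(deque)   # source address -> timestamps of matching requests

    def evaluate(self, src_ip, uri, now):
        """Return "ALLOW" or "BLOCK" for one request seen at time `now` (seconds)."""
        if not uri.startswith(self.uri_prefix):
            return "ALLOW"                       # rule only applies to the login URI
        addr = ipaddress.ip_address(src_ip)      # normalises IPv4 and IPv6 text forms
        if any(addr in net for net in self.exempt):
            return "ALLOW"                       # exempt range: never counted
        q = self.hits[addr]
        while q and q[0] <= now - self.window:   # drop hits that left the window
            q.popleft()
        q.append(now)                            # blocked requests still count
        return "BLOCK" if len(q) > self.limit else "ALLOW"

if __name__ == "__main__":
    # Values from the FAQ: "/login", 15,000 requests in 5 minutes.
    # The exempt ranges and client addresses below are constructed.
    rule = RateBasedRule("/login", 15000, 300,
                         exempt_cidrs=["10.0.0.0/8", "2001:db8:aaaa::/48"])
    decisions = [rule.evaluate("203.0.113.7", "/login", i * 0.01)
                 for i in range(15001)]
    print(decisions.count("ALLOW"), decisions[-1])             # over the limit
    print(rule.evaluate("203.0.113.7", "/products", 151))      # other URIs unaffected
    print(rule.evaluate("203.0.113.7", "/login", 1000))        # window has expired
```

The FAQ's example limit of 15,000 requests in 5 minutes averages 50 requests per second from a single address, so a limit meant to slow brute-force logon attempts would normally be set far lower.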
 

Not sure how to start improving your security?

Schedule a free test drive!