WAF (Web Application Firewall)

Web Application Protection from Web Vulnerabilities and Attacks

By monitoring website traffic, WAF service protects web applications from different level firewalls and IPS (Intrusion Protection System) can protect. WAF service can effectively detect and respond to automated bot attacks and other HTTP/HTTPS based security threats that attempt to take advantage of website vulnerabilities.

Overview

  • Robust Detection & Response

    By monitoring HTTP, HTTPS port traffic of customer-defined IPs, WAF service monitors for hacker's attack attempts in real-time. WAF service categorizes attacks including injection, cross-site scripting (XSS) and web scans through web firewall event analysis and WAF service can effectively respond to new web attack tactics by providing various defense mechanisms necessary for web security (e,g, detect internal data leakage, unauthorized access and web forgery).

  • Reliable Web Service Operation

    WAF service supports web firewall fault management by performing web firewall signature pattern and firmware updates. WAF service can also support reliable web service operations by detecting hacking attempts such as bad bots and other new web security threats including Open Web Application Security Project (OWASP) top 10, top 8 vulnerability attacks defined by the National Intelligence Service and zero-day attacks.

  • Convenient Security Management

    Real-time monitoring on various attack events are notified to the customer to enable preemptive response to security threat. Details of detected events (IP/Port, target IP, detected time, etc.) are displayed on the dashboard.

01

04

Architecture Diagram (Enterprise)

Samsung Cloud Platform
  • Security Zone : DDoS Protection → (Secured Firewall → IPS) → WAF
  • Service Pool : VPC ( Blocking of Web Attacks → disc )
  • 24/7 Security Monitoring → Block Policy → WAF Blocking of Web Attacks
Attacker → Hacking Attacks → Samsung Cloud Platform Legitimate Service User → Samsung Cloud Platform Attacker → Hacking Attacks → Samsung Cloud Platform

Architecture Diagram (Samsung)

Samsung Cloud Platform
  • Security Zone : DDoS Protection → Secured Firewall → IPS → WAF
  • Service Pool : VPC ( Blocking of Web Attacks → disc )
  • 24/7 Security Monitoring → Block Policy → WAF Blocking of Web Attacks
Attacker → Hacking Attacks → Samsung Cloud Platform Legitimate Service User → Samsung Cloud Platform Attacker → Hacking Attacks → Samsung Cloud Platform

Key Features

  • Intrusion detection and analysis, provide monitoring information

    - 24/7 event monitoring (alert raising, monthly reports)
    - Attack categorization through web firewall event analysis (injection, XSS, file include, file upload/download, web scan, etc.)
    - Detect internal data leakage, unauthorized access and web forgery
    - Detect Apache Struts vulnerability

  • Intrusion response

    -IP blocking in the event of attempted attacks on registered URLs

  • Web firewall operation

    - Automatically update security threats collected by TI (e.g. signature pattern) and update firmware
    - Manage web application firewall failures
    - Provide blocked policy list of each customer
    - Provide detailed information about User-Agent and Referer

Pricing

    • Billing
    • Based on throughput
    • Minimum contract period : 1 year (Charged monthly)
Let’s talk

Whether you’re looking for a specific business solution or just need some questions answered, we’re here to help

Get in Touch
Share