• Secure Reverse Proxy
• Central Checkpoint
• Filtering
• API Security
• Dynamic Whitelisting
• Central Security Hub
• High Availability and Performance

• Reduce the risk of downtime, data theft and security breaches with a WAF that can scale to protect against the largest DoS and DDoS attacks.
• Ensure high performance even during attacks thanks to Akamai’s globally architecture.
• Defending against new and emerging threats with help from Akamai’s Threat Intelligence Team.
• Minimize costs of cloud security by avoiding the need for expensive dedicated hardware.

• Kona WAF provides comprehensive capabilities to protect against application-layer attacks. 
• Adaptive rate controls automatically protect against application-layer DDoS and other volumetric attacks by monitoring and controlling the rate of requests against applications.
• Application-layer controls offer pre-defined, configurable WAF rules that govern Request Limit Violations, Protocol Violations, HTTP Policy Violations and more.
• Network-layer controls automatically deflect network-layer DDoS attacks at the network edge and define and enforce IP whitelists and blacklists to restrict requests from certain IP addresses or geographical regions.
• Security monitor provides real-time visibility into security events and enables administrators to drill down into attack alerts.
• Logging features enable you to integrate WAF and event logs with security information and event management to increase your threat posture awareness.

• Application security is complicated to deploy and manage without specialized resources.
• Continuous updates to applications can lead to new vulnerabilities.
• Legacy applications were developed without secure coding practices.

• Built on a proven security platform. Enterprise-proven technology that provides comprehensive protection from all OWASP recognized security risks, DDoS attacks, and even the most advanced zero-day threats. Proactive bot defense ensures always-on protection from automated attacks, web scraping, and brute force attacks.
• Simplified application security for everyone. Remove the complexity of setting up and configuring your application security solution. Barracuda WAF-as-a-Service delivers protection for your web apps in minutes thanks to a simple 5-step setup wizard, and numerous pre-built security policy templates.
• Complete control. Unlimited rulesets. For more advanced users, Barracuda WAF-as-a-Service offers a level of control traditionally reserved only for on-premises and public cloud solutions. Fine-tune specific policies for each component of every application's security profile.
• Automated vulnerability discovery and remediation. Barracuda Vulnerability Remediation Service is built-in and provides automatic vulnerability detection and remediation which can be scheduled, ensuring ongoing protection without any administrative overhead.
• Granular visibility with detailed logs and reports. Gain rich insight into all web traffic events and users. Detailed compliance reports help you easily understand your security status at any given time by having complete visibility into all HTTP/S traffic.
• Unmetered DDoS protection included. DDoS attacks disrupt the service availability of your web apps which can have a significant impact on your business. Barracuda WAF-as-a-Service defends against the full spectrum of L3-L7 DDoS attacks ensuring the availability of your web apps.

The Barracuda Web Application Firewall blocks an ever-expanding list of sophisticated web-based intrusions and attacks that target the applications hosted on your web servers—and the sensitive or confidential data to which they have access. Constant Protection from Evolving Threats The Barracuda Web Application Firewall provides superior protection against data loss, DDoS, and all known applicationlayer attack modalities. Automatic updates provide defense against new threats as they apear. As new types of threats emerge, it will acquire new capabilities to block them. Identity and Access Management The Barracuda Web Application Firewall has strong authentication and access control capabilities that ensure security and privacy by restricting access to sensitive applications or data to authorized users. Affordable and Easy to Use Pre-built security templates and intuitive web interface provide immediate security without the need for time-consuming tuning or application learning. Integration with security vulnerability scanners and SIEM tools automates the assessment, monitoring, and mitigation process

• Injection
• Broken Authentication and Session Management
• Sensitive Data Exposure
• XML External Entities (XXE)
• Broken Access Control
• Security Misconfiguration
• Cross-Site Scripting (XSS)
• Insecure Deserialization
• Using Components with Known Vulnerabilities
• Insufficient Logging & Monitoring

• Collective intelligence to identify new threats
• Reputation-based threat protection
• Comment spam protection
• Block or challenge visitors by IP address
• Block or challenge visitors by AS number
• Block or challenge visitors by country code
• User agent blocking
• Zone lockdown
• Security level configuration

• Web Application Firewall (WAF): to protect the web applications vital to every business against external threats and to assure continuous service.
• Web Services Firewall (WSF): to protect the infrastructure, information networks and application servers against attacks while preventing denial of service and anticipating traffic overload.
• Web Access Management (WAM): to simplify Web access authentication while maintaining a high level of security, without agent deployment on the application server.

• Ensure application security and compliance
• Get comprehensive protection from advanced layer 7 attacks, OWASP Top Ten application security risks, and zero-day attacks—and enable compliance with key regulatory mandates.
• Get 24x7x365 expert service
• Receive 24x7x365 access to web application firewall (WAF) experts who build, proactively monitor, and fine-tune WAF policies against known and emerging threats.
• Deploy flexibly across hybrid environments
• Ensure consistent web application security, availability, and user experiences across traditional and cloud data centers.
• Defend with proven security effectiveness
• Leverage security efficacy with technology built on the NSS Labs–recommended F5 BIG-IP® Application Security Manager™ (ASM), based on tests that demonstrate 99.89 percent overall security effectiveness.
• Drive operational and cost efficiencies
• Remove the complexity of WAF management,
• increase the speed to deploy new policies, and
• decrease operational expenses.
• Gain attack insights and intelligence
• Access reports through the cloud-based customer portal and incorporate external intelligence for securing apps against identified threats. 

• Drive Efficiencies with a Comprehensive Web Application Firewall Service
• Receive Expert Policy Building and Monitoring
• Hybrid Policy Management and Deployment
• Defend with Proven Security Effectiveness
• Comprehensive Attack Protection
• Built-In Compliance and Reporting Capabilities
• Gain Attack Insights and Intelligence
• Comprehensive Managed Service App Protection
• Streamlined Self-Service App Protection
• The Silverline Cloud-Based Platform
• Flexible Licensing
• Add-On Threat Intelligence Services
• F5 Security Operations Center

• Proven Web Application Protection. FortiWeb protects against all the OWASP Top-10 threats, DDoS attacks and many others to defend your mission critical web-based applications
• AI-based Threat Detection. In addition to regular signature updates and many other layers of defenses, FortiWeb’s AI-based, dual-layer machine learning engines protect against zero-day attacks
• Security Fabric Integration. Integration with FortiGate firewalls and FortiSandbox deliver protection from advanced persistent threats
• Advanced Visual Analytics. FortiWeb’s visual reporting tools provide detailed analyses of attack sources, types and other elements that provide insights not available with other WAF solutions 
• False Positive Mitigation Tools. Advanced tools that minimize the day-to-day management of policies and exception lists to ensure only unwanted traffic is blocked
• Hardware-based Acceleration. FortiWeb delivers industry-leading protected WAF throughputs and blazing fast secure traffic encryption/decryption

• TCP SYN+ACK
• TCP FIN
• TCP RESET
• TCP ACK
• TCP ACK+PSH
• TCP Fragment
• UDP
• Slowloris
• Spoofing
• ICMP
• IGMP
• HTTP Flood
• Brute Force
• Connection Flood
• DNS Flood
• NXDomain
• Mixed SYN + UDP or ICMP + UDP Flood
• Ping of Death
• Smurf
• Reflected ICMP & UDP
• As well as other attacks

• Cross-Site Scripting
• SQL injection
• Slow HTTP DoS
• Cross-Site Request Forgery

• Focus on major threats. Correlation mechanisms reduce the number of alerts and highlight important incidents. Attack chain metrics simplify forensics.
• Instant Blocking. Defends against “self-inflicted” vulnerabilities in custom-built software with virtual patches that protect apps until insecure code is fixed.
• Protection against security bypass. Prevents most firewall bypass methods including HPC, HPP, and Verb Tampering.
• Behavioral analysis against robots. Automated malware protection prevents brute-force attacks, fraud, DDoS attacks, botnets, uncontrolled indexing, and data leakage.
• Evolving Security. Adapts to protect even the most dynamic applications that are constantly being refined and improved.

• Continuous Protection. Delivers continuous protection With a combination of positive and negative security, perpetual tuning and dynamic virtual patching.
• Ease of Use. Centralized management dashboards and an intuitive UI let you prioritize and respond faster and more effectively to threats.
• Multiple Deployment Options. Implement Trustwave WAF how you need it - inline or out-of-line and as a cloud service in Amazon Web Services or Microsoft Azure or as a physical or virtual appliance.
• Real-Time Threat Detection. Identify abnormal behavior, improve threat blocking and prevent outbound data leaks with bi-directional traffic analysis and behavioral profiling.
• Simplified Customization. Pre-define rules and customize scenarios to focus on the specific requirements of your applications and your business.
• Improved Performance. Take advantage of features outside of security to improve performance by load balancing traffic or identifying issues and trends in the web application environment.
• Built-in Threat Intelligence. The elite SpiderLabs team delivers ongoing application vulnerability and emerging threat information to the Trustwave WAF.
• Built-In Compliance Reporting. Includes pre-built best practice controls and reports for compliance mandates including the PCI DSS.
• Built-in Integration. Integration with Trustwave App Scanner provides customized protection for any application via virtual patching.

• WAPPLES (Appliance-type WAF product)
• WAPPLES SA (Virtual WAF optimized for cloud environment)
• Cloudbric (Cloud-based web security service)
• Cloudbric Business Edition (Web security delivered from Cloudbric or Partner infrastructure)

• Logic-analysis based COCEP™ engine protects websites against OWASP Top 10 risks
• Extremely low false positive rates through heuristic and semantic traffic analysis
• Utilizes 28 detection rules that can be fine-tuned to create robust custom security policies
• Defense from known, zero-day, and HTTP DDoS attacks
• Validity testing (Luhn: ISO/IEC7812) prevents leakage of sensitive data
• High Performance and Stability

• High processing power with in-memory computing capability
• Stable performance even with strict security policy settings enabled
• Increased bandwidth through bonding technology
• Easy to Install & Configure

• Quick setup with preconfigured security policies
• Statistics visualized on centralized dashboard
• Intuitive and easy-to-use GUI management console
• Increases efficiency in web security management

• Can be deployed in Reverse proxy, Inline, or High Availability (HA) configuration modes
• Support for EtherChannel and Multi-Segment
• Integration with SIEM (Micro Focus ArcSight, Splunk)

• Pre-inspection
• WAPPLES installation
• WAPPLES configuration
• Operation testing and demonstration
• Detection log analysis
• Analysis report
• Policy modification