No ordinary WAF.



Validation Engine

  • Cookies
  • URL query string parameters
  • HTML form fields
  • Injection
  • URLs
  • Virtual host name
  • SSL-only
  • HTTP protocol specification

Content Processing Engine

  • HTML parser
  • JavaScript interpreter
  • Adobe® Flash® parser
  • Stylesheet parser

Reporting/Alerting Engine

  • Syslog/Windows® Event Log
  • E-mail
  • Well-formed XML
  • Windows network message™ stands out among Web application firewalls for its unique ability to automatically identify allowed behavior based on the content of the website itself.

The "rules" (allowed behavior) are fed to the Validation Engine by the Content Processing Engine which are extracted from the website by the HTML parser, JavaScript interpreter, SWF parser, and stylesheet parser modules. A site-specific ruleset is dynamically created in real time. The real time nature means that as the website content changes, revised rules are automatically reflected in the Validation Engine.

Malicious traffic blocked by the Validation Engine is logged to a well-formed XML file, as well as the Linux syslog or Windows event log. Alerts in the form of e-mail, network pop-up, or HTTP POST (the body of which is an XML representation of the alert) can also be triggered.

This unorthodox approach to solving the Web application security problem makes a proactive solution that:

  1. installs quickly
  2. requires virtually no on-going administration
  3. delivers lowest total cost of ownership

A modest investment in as part of your overall PCI 6.6 compliance strategy could prove invaluable.