When it comes to web security, staying ahead of evolving threats is a major advantage for organizations. Cyber threats evolve fast, and web application firewalls (WAFs) need to keep up. That’s why we’re excited to introduce WAF 3.5, packed with enhancements that make security stronger and management more efficient.
Mitigating Attacks Under TAP Mode: Blocking Without the Hassle
In the world of WAF deployment, there are two main categories: modes that block attacks, like inline or reverse proxy, and modes that only detect them, like bypass monitoring. Historically, if you wanted to block attacks, you had to deploy your WAF inline, which could be complex and disruptive to your network. But what if you could block attacks without being deployed inline? That’s where the new Bypass Blocking Mode comes in.
With the new Bypass Blocking Mode, WAF can now actively terminate malicious TCP connections even in bypass mode. Here’s how it works: in this mode, the WAF is connected to a switch that mirrors traffic to its bypass interface. When a security policy with a “block” action is triggered, the WAF sends RST packets to both the client and server through its bypass control interface, effectively terminating the TCP connection and blocking the attack. The result is attack blocking with minimal network disruption.
Smart Client IP Identification: Because Knowing Who’s Who Matters
Accurate client IP identification is critical for effective security. Without it, you can’t properly enforce rate limiting, blocking, or other security rules. But in today’s complex networks—filled with proxies, load balancers, and mixed IPv4/IPv6 environments—identifying the true client IP can be a headache.
WAF 3.5 introduces enhanced X-Header parsing capabilities that are nothing short of revolutionary. It allows you to retrieve the client IP from a specific position in the X-Header, and use the X-Header IP as the client IP, even if it belongs to a different address family than the network layer IP. As a result, it provides better protection against IP-based attacks.
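The position-based selection described above can be sketched as follows. This is an added example, not Hillstone code or configuration: it shows why the position matters (entries on the left of a forwarded-for list are supplied by the client, entries on the right are appended by your own proxies) and how an IPv6 header entry can be used when the network-layer peer is IPv4. The function names, the comma-separated header format, and the position convention (positive counts from the left, negative from the right) are assumptions made for the illustration.

```python
import ipaddress

# Constructed sample: client-supplied entry, then two entries appended by proxies.
SAMPLE = "198.51.100.7, 2001:db8::25, 203.0.113.9:44321"
PEER = "192.0.2.10"  # network-layer source address (constructed)

def parse_entry(entry):
    """Parse one header list entry into an ip_address, or None if invalid."""
    entry = entry.strip().strip('"')
    if entry.startswith("["):            # "[2001:db8::1]:443"
        entry = entry[1:].split("]", 1)[0]
    elif entry.count(":") == 1:          # "203.0.113.5:51234"
        entry = entry.split(":", 1)[0]
    try:
        ip = ipaddress.ip_address(entry)
    except ValueError:
        return None                      # "unknown", obfuscated ids, garbage
    # Collapse IPv4-mapped IPv6 so one client maps to one rate-limit key.
    if ip.version == 6 and ip.ipv4_mapped is not None:
        return ip.ipv4_mapped
    return ip

def client_ip(header_value, position, peer_ip):
    """Pick the entry at `position` (1 = leftmost, -1 = rightmost).

    Falls back to the network-layer peer when the header is absent, the
    position does not exist, or the entry is not a valid address, so a
    malformed header can never yield an empty or attacker-chosen key.
    """
    peer = ipaddress.ip_address(peer_ip)
    if not header_value or position == 0:
        return peer
    entries = header_value.split(",")
    index = position - 1 if position > 0 else position
    try:
        candidate = parse_entry(entries[index])
    except IndexError:
        return peer
    return candidate if candidate is not None else peer

if __name__ == "__main__":
    for pos in (1, -1, -2, 5):
        print(pos, client_ip(SAMPLE, pos, PEER))
```

With one trusted proxy in front of the WAF, position -1 is the address that proxy observed; position 1 is whatever the client chose to send.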
HSM Integration: One Platform to Rule Them All
Managing multiple WAFs across your network can be a logistical nightmare. Keeping track of firmware versions, licenses, and threat statuses is time-consuming and error-prone.
WAF 3.5 now integrates seamlessly with HSM, allowing you to view the posture and threat status of all managed WAFs from a single dashboard, manage service pools, licenses, and firmware upgrades, and perform operations like database upgrades and configuration changes across multiple devices. It helps you get a clear, unified view of your WAF infrastructure.
WAF 3.5 represents a step forward in web application security. From the innovative Bypass Blocking Mode to smart client IP identification and centralized management, these features address real-world challenges that security professionals face every day. For more details, reach out to your Hillstone Networks representative.