WEB APPLICATION FIREWALL
We offer the WAF as a dedicated application or as a service.
The Web Application Firewall systematically controls and filters all access attempts at all levels between users and services before they reach the customer application.
With Airlock WAF (included in the Airlock Gateway, a product of the Swiss software company Ergon Informatik) we offer a unique combination of protection mechanisms for web applications, including comprehensive protection against web application attacks such as the OWASP Top 10 vulnerabilities. This allows us to guarantee that the systems behind the WAF meet the requirements of ISO 27001:2022, ISAE 3000 (Type 2) and the FINMA circulars 08/7, RS 08/21 and RS 18/3.
WAF as a service by aspectra
Deployment
On-premise at the customer, on-premise in aspectra's data centres or in the public cloud - the choice is yours!
Threat intelligence
The WAF seamlessly integrates with Webroot's Threat Intelligence Service. Based on the categories and trust levels provided, rogue clients are automatically blocked and applications are further protected from misuse.
DevSecOps
A comprehensive REST API makes it easy to integrate the WAF into modern DevOps pipelines.
Swiss Product
Airlock WAF is developed in Switzerland by Ergon and operated by our own Web Security experts in Swiss data centres.
Policy Enforcement Point
In combination with an IAM, the WAF enables the central management of security policies and becomes the enforcement point allowing only filtered, authenticated and authorised access.
Application-level attack filtering
The WAF analyses traffic between users and services. Application attacks are blocked before they can access internal systems. The WAF provides comprehensive protection against the OWASP Top 10 vulnerabilities and enables centralised management of security policies.
Central hub
The WAF provides many interfaces to peripheral systems like SIEM, virus scanners, fraud prevention or HSMs. Thanks to the integrated Threat Intelligence Feed, the WAF reacts immediately to current threats on the Internet and protects systems against threats that were unknown yesterday. Additional components can be integrated via a highly available ICAP interface. Thanks to the integrated Threat Intelligence Feed, the WAF reacts immediately to current threats on the Internet and protects systems against threats that were unknown yesterday. Additional components can be integrated via a highly available ICAP interface.
Reverse Proxy functionality and High Availability
The WAF acts as a reverse proxy, enabling the virtualisation of internal services and applications to the outside world. The integrated load balancer also makes applications and services highly available. Even complex issues such as TLS security configuration and certificate management can be handled upstream at the central proxy.