Load balancing and application services used to rely on traditional (i.e. old fashioned) appliance-based web application firewalls.
That day has now passed, according to Avi Networks… a firm known for its so-called Intelligent Web Application Firewall (iWAF) technology.
Where [software] appliance based firewall technologies were (admittedly) constrained by the operational and performance limitations of the hardware upon which they say, Avi Networks says it has come forward with a software-only solution that operates as a centrally managed fabric across datacentres, private clouds and public clouds.
It is, by nature then, scale-out… as big as the web needs.
Wall of knobs
The assertion here is that traditional web application firewalls suffer what the company calls ‘wall of knobs’ complexity, that is – they present a massively complex surface of dials and switches all operating as controls for black boxes that provide little to no intelligence.
Avi’s elastic scale-out platform enables iWAF to perform at what is claimed to be 50X faster than legacy appliances, processing hundreds of Gbps of throughput and over a million transactions per second.
Also… iWAF protects web applications from common vulnerabilities identified by Open Web Application Security Project (OWASP), such as SQL Injection and Cross-Site Scripting, while providing the ability to customise the rule set for each application.
Don’t fly blind
“In the face of ever-increasing cyber threats, enterprises need to protect their most important revenue-generating assets: their web applications. We designed iWAF to be robust and secure for any application, traditional or cloud-native, under any amount of traffic,” said Guru Chahal, vice president of product at Avi Networks. “With the Avi Networks iWAF, IT teams no longer need to fly blind when writing and enforcing security policies.”
Additionally, iWAF analyses the security rules that match a particular transaction, providing this in real-time as applications and attack patterns evolve.
Based on this intelligence, one-click customisation of rules and exceptions could help reduce the problem of false-positive fatigue.
Essentially this product provides centralised management, elastic scale and closed-loop security analytics.
The Avi Networks iWAF is the latest component of the Avi Vantage Platform, which features a Smart Load Balancer and an Application Service Mesh.