Now the network *** Evolution of increasingly diverse and complex, so-called magic goes Road ridge, network protection technology strategy is getting stronger. Today we'll talk about what the main defense system WAF is, what its main function is? WAF WEB application firewall that is, the site is called application-level defense system *** English: Web Application Firewall, referred to as: WAF. Internationally recognized argument is: Web application firewall is provided by performing a series for HTTP / HTTPS security policy specifically for Web applications (commonly known as website) protection of the product.
That website defense system WAF why it? Now mainly large and small, many types of sites, but also know that these *** sites do not all do the highest level of security protection system, so if they bring their interests *** site will output . Ink security WAF tell you what to do it? Characterized by application to access the site will request all through the application layer, when *** *** will automatically identify the type, characterized in that the application layer. This time will WAF to block access to malicious request in accordance with the appropriate rules.
What is the main function of WAF is it?
1, WAF can request access control, you can proactively identify, blocking traffic ***, as now intelligent AI, can take the initiative to find a security threat to its defense. Not limited to rules and policies in the passive state to protection.
2, high flow for malicious behavior *** WEB-called CC ***, *** this is hard to find and defense. Mimic real users continue to access their request, which requires WAF identification system to identify effective access request, malicious, cleaning the filter protection. This operation may be better to avoid and mitigate the normal access requests, not manslaughter. *** vulnerability by modifying the implant site and other operations sites and directories as well as files from unauthorized destruction, will become the site for fishing, Jurisprudence and other illegal sites, as well as SQL injection, XSS cross site scripting, etc. *** It can be done timely and effective protection and recovery. Therefore, the purpose of existence WAF network defense system is to request malware filtering cleansed, reflecting the normal flow into the source station, now at high risk for H5 pages, games, APP, websites, payment and other industries, our most common is the DDOS * **, CC ***, of course, in their defense, they also are by the DNS, replace the hidden source IP, the use of WAF fingerprinting architecture, all access requests filter cleaning, normally returned to the client access requirements.
