Features and Benefits

WebApp Secure detects attackers before they have the chance to successfully establish an attack vector, and blocks them with client-level tracking that does not impact legitimate users. It works out-of-the-box, so there are no rules to write, and no signatures to update. It continually profiles attackers as they come onto the scene, and it maintains a profile of known application abusers and all of their malicious activity.

Ease-of-use deployment

• Acts as a reverse proxy with load balancing
• Available as a hardware appliance with high availability
• Available as a VMware or Amazon Machine Image
• Support for alternate ports (other than 80 and 443)

Secure management

• Updates are automatically downloaded and available within the Web UI
• Kernel is hardened, ports are locked-down, and backups are encrypted
• Monitoring is web-based
• Configuration is done through a Web UI with setup wizards or from the robust Command Line Interface
• Access control is role-based to allow for multiple administrators
• External authentication providers are supported, including LDAP and RADIUS
• Traffic for multiple applications or domains can be secured without the need for additional licenses

High Performance

• High availability for hardware version
• Higher throughput using master/slave clustering
• Low latency
• Link aggregation

Alerts, Reporting, Logging

• Alerts are sent by e-mail when specific incidents, incident patterns, or system failures occur
• SNMP traps are available for system logging
• Reports of attacker activity can be scheduled using the Web UI or retrieved on-demand
• Audit logs track changes to the system made by administrators and potential management interface break-in attempts
• Remote system logging, including a custom Device Support Module (DSM) for the Juniper STRM Series Security Threat Response Manager, is available
• RESTful API for third-party software integration is available

Abuse Recording and Analysis

• Full HTTP Capture–Captures and displays all HTTP traffic for security incidents
• Abuse Profiles–Maintain a profile of known application abusers and all of their malicious activity against the application
• Tracking and Re-identification–Enables application administrators to re-identify abusive users and to apply persistent responses, over time, and across sessions–Enhances tracking capabilities and fingerprinting of detected attackers
• Abuse Responses–Enables administrators to respond to application abuse with session-specific warnings, blocks, and additional checks; includes one-click automation of responses during configuration

Related Documentation

• WebApp Secure Overview
• Methodology
• Key Components
• Anatomy and Flow of an HTTP Request / Response