SmartWAF™ from Armorize

Real-Time Protection at the Web Application Layer

SmartWAF™ is a host-based integrated Web Application Firewall (WAF) that hardens and regulates access by detecting and blocking malicious code embedded in web application traffic. As a software plug-in on the Web Server, it is not designed to replace existing network perimeter security controls such as stateful/proxy firewalls, antivirus gateways or reverse proxies but to complement them by protecting against attacks that these technologies typically miss.

  • Identifies, classifies and blocks malicious exploits embedded in the web traffic stream that specifically target web applications
  • Integrates with both CodeSecure™ and HackAlert™, importing their findings to explicitly block web application exploits targeted at vulnerabilities identified by those processes
  • Installs as a software plug-in directly on the web server (Apache, IIS) itself or on the security gateway (Microsoft ISA, IAG)

Installing SmartWAF™ as a web server plug-in offers the following advantages:

  1. Removes the single point of failure or bottleneck often experienced with a Network WAF
  2. Optimizes investment as security costs as scale linearly with web server infrastructure
  3. Allows creation of rule sets to suit specific web applications on the server avoiding a "one-size-fits-all" rule set minimizing number and complexity of firewall rules