A web application firewall (WAF) is a security platform that helps protect web applications from a range of attacks by monitoring and filtering incoming and outgoing HTTP/HTTPS traffic between a web application and the internet. The WAF is designed to operate at the application layer and uses a set of rules to identify and block malicious traffic before it reaches the application.

One potential use case for a WAF is in the healthcare industry, where web applications are often used to manage patient data. For example, a hospital may have a web application that allows patients to access their medical records online. A WAF can be deployed in front of the web application to protect against common web application attacks.

The WAF would be configured to monitor incoming traffic to the web application, and if it detects any suspicious activity that matches the defined rules, it would block or redirect the traffic to a safe destination. The WAF can also be configured to log all activity for forensic analysis and compliance purposes.

Implementation

WAFs can be implemented by a network security appliance deployed on-premise or as a cloud-based service. The primary function of a WAF is to protect against common web application attacks. By blocking these types of attacks, WAFs can help prevent data breaches, website defacement, and other types of cyberattacks that can result in financial losses and reputational damage.

There are several requirements in the making of web application firewall:

SSL Acceleration

SSL is critical to WAF as a CPU offloading method for the heavy-duty public key encryption. For optimal performance, it is recommended to have a hardware accelerator.

DPI

Since the WAF is deployed between the enterprise server and the users, one of the major missions of the WAF is to monitor the traffic and block the malicious attempts. This requires an efficient DPI (Deep Packet Inspection) backed up by powerful hardware.

High-performance and high-throughput

As DPI and SSL are both CPU-intensive, the required hardware architecture for WAF deployments must offer dedicated processing capability to run software securities.

High-availability

WAF runs on a 24/7 basis and therefore, high-availability regarding power supply is critical to the optimization of WAF.

Scalability

Since web application services may expand as customer base grows, enterprise WAFs must be scaled up by hardware means in order to boost performance and accelerate critical applications in the simplest way.


Talk to Us
 

Solutions

Lanner network appliances are widely used as a web application firewall (WAF) to protect against attacks targeting web applications, providing a reliable and scalable hardware solution for web application security. The Lanner network appliance would be configured to run the WAF software, which would inspect incoming traffic for signs of malicious activity.

NCA-5710 is powered by Intel’s Xeon Processor Scalable Family and Intel C627 or C621 chipset, delivering dual CPU performance and networking features, including Intel QuickAssist Technology, Intel AVX-512 instructions, Intel Hyperscan and Data Plane Development Kit (DPDK). With support for up to 384GB DDR4 system memory at 2666 MHz, the NCA-5710  maximizes packet processing efficiency for network security functions and cryptography acceleration.

For optimal networking tasks, the NCA-5710 comes with dual LGA3647 CPU sockets and can be configured with either 4x GbE RJ-45 or 4x 10G SFP+ ports. The LAN expansion is made possible by way of its 4x NIC module slots that offer support for 10G/25G/40G/100G fiber/copper/bypass specifications.

Overall, using a Lanner network appliance to deploy a web application firewall provides a cost-effective and scalable solution for protecting web applications from cyber attacks. It allows organizations to mitigate the risks associated with running web applications, while also ensuring the availability and integrity of critical business data.

Featured Product


NCA-5710

1U Rackmount Network Appliance for Network Traffic Management and Virtualized Network Security

CPU 2nd Gen Intel® Xeon® Processor Scalable Family (Skylake-SP/Cascade Lake-SP)
Chipset Intel® C621/627

Read more