Airlock WAF protects mission-critical, web-based applications with modern and dynamic filters. As a central security instance within the Airlock Secure Access Hub, it analyses every http(s) request for attacks and thus blocks any attempt at data theft and manipulation. In combination with Airlock IAM and Airlock API a unique architecture for web application security exists.
Filtering of application-based attacks
Airlock WAF analyses traffic between users and services. Attempted attacks on applications are blocked
before they can reach the in-house systems. Airlock WAF provides comprehensive protection against the OWASP Top 10 vulnerabilities and enables centralised management of security policies. Thanks to these innovative security functions, you can always stay ahead of attackers.
Policy Enforcement Point
Working in conjunction with Airlock IAM, Airlock WAF serves as a policy enforcement point for security guidelines, allowing only filtered, authenticated and authorised access. This combination of access management and content filtering guarantees security, with no compromises.
Thanks to built-in dynamic reporting, decision makers have an overview of attempted attacks at all times. Operational problems such as performance bottlenecks or back-end problems are also displayed.
Interactive drill-down from the dashboards, along with the display of the log lines causing the issue, facilitate the in-depth analysis of every attempted attack. In addition, Airlock is CEF certified, which enables integration with common SIEM solutions. For Splunk there is even an in-house Airlock Splunk App available.
Reverse proxy functionality and high availability
Airlock WAF is a reverse proxy that makes it possible to virtualise in-house services and applications for external access. The integrated load balancer also ensures the high availability of applications and services.
Even complex issues such as the configuration of TLS security and certificate management can be dealt with upstream on the central proxy. Thanks to integrated Let’s Encrypt support, certificate renewals can even be completely automated.
Efficient and powerful configuration options allow full adaptability without customisation and future updates become easy. Thanks to a flexible licensing model, customer-specific requirements can be met.
Airlock WAF provides a host of interfaces with peripheral systems such as SIEM systems, virus scanners, fraud-prevention systems and HSMs. Thanks to its integrated threat intelligence feed, Airlock WAF reacts immediately to real-time threat situations on the Internet, protecting systems from new and potentially harmful hazards. Additional components can be integrated via the high-availability capable ICAP interface.
With its comprehensive REST API, Airlock WAF is easy to integrate into modern DevOps pipelines and can be supplied as hardware, virtual appliance or cloud image. Early integration of the security in application development cycles, including the new Docker- and Kubernetes-philosophies, allows Airlock WAF to offer flexible security. Attained configurations can therefore easily and efficiently be transferred between the different environments. Auto-Learning-Mechanisms support fast deployment of Airlock WAF.
Other products from
Airlock WAF - Protects applications. Securely. is assigned to following product groups:
- Application security (134)
- Banking (IT security solutions) (123)
- Cloud (computing) security (242)
- Compliance/GRC (products and services) (163)
- Data protection (products and services) (263)
- Denial of service protection (40)
- Health services (IT security solutions) (81)
- Industrial IT security (197)
- Network Access Control (NAC) (50)
- VoIP security (65)