Avi Web Application Firewall

Web application firewalls (WAFs) are intended to protect businesses from web app attacks and proactively prevent threats.
Traditional web application security solutions do not provide visibility and security insights that administrators can use to create an effective application security posture. Enterprises need real-time visibility into application traffic, user experience, security and threat landscape, and application performance to identify and protect against the most sophisticated attacks.

Avi Vantage leverages software-defined architecture and its strategic location on the network to gain real-time application insights. The built-in WAF solution provides application security and networking teams with an elastic and analytics-driven solution that scales and simplifies policy customization and administration through central management.

Avi Vantage provides a script called avi-iwaf-vpatch.py that imports DAST scanner results. The imported results are used to construct a WAF Policy that protects from the security threats found by the scanner. The technique is often called virtual patching.

Avi WAF plays an integral role in a defense-in-depth strategy that does comprehensive threat analysis, mitigates risk, provides zero-day protection against unpublished exploits and optimizes application security.

Avi WAF is built on the core design principles shown below to ensure that WAF is a simple yet comprehensive security solution.

The following table provides a comprehensive list of links to documentation for WAF in Avi Vantage: