Intelligent Web Application Firewall (WAF)
Web Application Security with Point-and-Click Simplicity and Web-Scale Performance

Complete Application Security Management

Avi Networks delivers multi-cloud application services including a Software Load Balancer, Intelligent Web Application Firewall (WAF) and Container Ingress. Avi’s WAF delivers simplified and highly scalable application security,  with visibility and security insights that help customize a comprehensive application security policy per application or tenant.

Diagram depicting Intelligent Web Application Firewall (iWAF), showing delivery of simplified and highly scalable application security.

Avi WAF offers a comprehensive set of web application security features and helps achieve compliance with GDPR, HIPAA and PCI DSS. It minimizes false positives with a positive security model, WAF learning mode and advanced application security analytics. WAF protects applications from DDoS attacks and OWASP top 10 threats with real-time app security insights and visibility.

WAF is delivered as part of the Avi Platform which provides a distributed web security fabric with central policy management, on-demand autoscaling, and built-in analytics for securing multi-cloud applications.

I believe there is no valid reason to provision a web application on the internet without a WAF. This is especially important to us since Swisslos needs to be compliant with industry regulations and certifications.

Joris Vuffray
Head of Network & System Management | Swisslos

Optimized App Security Pipeline

  • Application allow-list effectively bypasses known, trusted sources such as DAST scan output and internal IP addresses
  • Positive security with WAF learning mode efficiently models good traffic behavior with automatically programmed rules
  • Signature-based protection is based on core rule set (CRS), live feeds from Avi Pulse cloud services and application-specific frameworks

WAF diagram showing unvalidated traffic moving through accept list, positive security and signatures to become validated traffic and move to the app.

Real-Time App Security Insights

  • Real-time visibility and application security analytics includes SSL versions, ciphers, real-time DDoS attack data, and system health scores
  • Granular app security insights on traffic flows and rule matches help inform precise policies
  • One-click customization of rules and exceptions significantly reduces the problem of false-positives
 Image showing iWAF through screenshot of real-time app security insights.

Secure Web Applications
and Achieve Compliance

Security breaches are on the rise and web application attacks rank #1 according to the Verizon Data Breach Investigations in recent years. Learn how Avi WAF and a comprehensive set of app security features help achieve:

  • Point-and-click simplicity for policies with ease of use and central control
  • Elastic scale with highly performant, automatic scale-out architecture
  • Granular app security insights on traffic flows to enable precise security policies
  • Compliance with GDPR, HIPAA and PCI
Secure Web Applications

Centralized Application Security Management

  • OWASP Top 10 threats including Input protection (SQL injection, cross-site scripting (XSS), local/remote file inclusion, remote code execution, PHP code injection, path traversal, session fixation)
  • HTTP validation (limit HTTP allow method, encoding bypass detection, HTTP response splitting, HTTP parameter pollution)
  • IP protection (GeoIP blocking)
  • Data leakage protection (error message suppression, leakage of personally identifiable information such as credit card or SSN numbers)

Image depicting screenshot of centralized application security management, a component of WAF.

Multi-Cloud Security Fabric with Simplicity

  • A comprehensive application security stack includes WAF, application rate limiting, DDoS protection, SSL/TLS encryption, access control list (ACL), authentication and authorization, and L3-L7 security rules.
  • Per-app deployments and elastic autoscaling across data centers and multi-cloud environments
  • GDPR, HIPAA, and PCI compliance with a scalable and distributed application security platform
  • A distributed web application security fabric uses built-in analytics to make intelligent decisions

Image depicting WAF with a screenshot of application showing multi-cloud security fabric with simplicity

Ready to See Avi’s Intelligent Web Application
Firewall in Action?

Schedule a Demo