Intelligent Web Application Firewall (iWAF)
Web application security with point-and-click simplicity and web-scale performance

Avi Vantage delivers multi-cloud application services including a Software Load Balancer, Intelligent Web Application Firewall (iWAF) and Container Ingress. Avi’s iWAF delivers high-performance and simplifies web application security, with customized application security enforcement and security policies per application or tenant.

Avi iWAF helps achieve compliance with GDPR, HIPAA and PCI DSS with a range of web application security features. It minimizes false positives with advanced security analytics, detection and enforcement modes, and protects applications from DDoS attacks and OWASP Top 10 threats with real-time app security insights and visibility.

iWAF is delivered as part of the Avi Vantage Platform which provides a distributed web security fabric with central policy management, on-demand autoscaling, and built-in analytics for securing multi-cloud applications.

I believe there is no valid reason to provision a web application on the internet without a WAF. This is especially important to us since Swisslos needs to be compliant with industry regulations and certifications.

Joris Vuffray

Head of Network & System Management | Swisslos

Read Case Study

Centralized Application Security Management

IP protection (GeoIP blocking)
Data leakage protection (error message suppression, leakage of personally identifiable information such as credit card or SSN numbers)
Input protection (SQL injection, cross-site scripting (XSS), local/remote file inclusion, remote code execution, PHP code injection, path traversal, session fixation)
HTTP validation (limit HTTP allow method, encoding bypass detection, HTTP response splitting, HTTP parameter pollution)

Multi-Cloud Security Fabric

Security stack includes WAF, applicate rate limiting, DDoS protection, SSL/TLS, white/black list and L3-L7 security rules
Per-app deployments and elastic scaling across data centers and multi-cloud environments
GDPR, HIPAA, and PCI compliance with a scalable and distributed software application services platform
Distributed web application security fabric enforces security using built-in analytics to make intelligent decisions

Secure Web Applications
and Achieve Compliance

Security breaches are on the rise and web application attacks rank #1 according to the Verizon Data Breach Investigations in 2017 and 2018. Learn how Avi iWAF and a comprehensive set of security features help achieve:

Point-and-click simplicity for policies with central control
Elastic scale with highly performant, automatic scale-out architecture
App insights on traffic flows and rule matches to enable precise security policies
Compliance with GDPR, HIPAA and PCI

Real-Time Visibility and Security Analytics

Visualizing security details including information about SSL versions, ciphers used in transactions, real-time DDoS attack data, and system health scores
Granular security insights on traffic flows and rule matches help inform precise policies
One-click customization of rules and exceptions to significantly reduce the problem of false-positives

real-time-visibility-and-security-figure

Automation and Programmability

Automated attack blocking (scanner detection, brute force attacks)
0-day attack protection with WAF based on machine learning (Shellshock, HTTPoxy)
Application specific security (Drupal, WordPress)

Ready to See Avi in Action?

Schedule a Demo

Featured Resources

Solution Brief