Intelligent Web Application Firewall (iWAF)
Web application security with point-and-click simplicity and web-scale performance

Avi Vantage delivers multi-cloud application services including a Software Load Balancer, Intelligent Web Application Firewall (iWAF) and Container Ingress. Avi’s iWAF delivers high-performance and simplifies web application security, with customized application security enforcement and security policies per application or tenant.

Avi iWAF helps achieve compliance with GDPR, HIPAA and PCI DSS with a range of web application security features. It minimizes false positives with advanced security analytics, detection and enforcement modes, and protects applications from DDoS attacks and OWASP Top 10 threats with real-time app security insights and visibility.

iWAF is delivered as part of the Avi Vantage Platform which provides a distributed web security fabric with central policy management, on-demand autoscaling, and built-in analytics for securing multi-cloud applications.

I believe there is no valid reason to provision a web application on the internet without a WAF. This is especially important to us since Swisslos needs to be compliant with industry regulations and certifications.

Joris Vuffray
Head of Network & System Management | Swisslos

Centralized Application Security Management

  • IP protection (GeoIP blocking)
  • Data leakage protection (error message suppression, leakage of personally identifiable information such as credit card or SSN numbers)
  • Input protection (SQL injection, cross-site scripting (XSS), local/remote file inclusion, remote code execution, PHP code injection, path traversal, session fixation)
  • HTTP validation (limit HTTP allow method, encoding bypass detection, HTTP response splitting, HTTP parameter pollution)

Multi-Cloud Security Fabric

  • Security stack includes WAF, applicate rate limiting, DDoS protection, SSL/TLS, white/black list and L3-L7 security rules
  • Per-app deployments and elastic scaling across data centers and multi-cloud environments
  • GDPR, HIPAA, and PCI compliance with a scalable and distributed software application services platform
  • Distributed web application security fabric enforces security using built-in analytics to make intelligent decisions

Secure Web Applications
and Achieve Compliance

Security breaches are on the rise and web application attacks rank #1 according to the Verizon Data Breach Investigations in 2017 and 2018. Learn how Avi iWAF and a comprehensive set of security features help achieve:

  • Point-and-click simplicity for policies with central control
  • Elastic scale with highly performant, automatic scale-out architecture
  • App insights on traffic flows and rule matches to enable precise security policies
  • Compliance with GDPR, HIPAA and PCI
Secure Web Applications

Real-Time Visibility and Security Analytics

  • Visualizing security details including information about SSL versions, ciphers used in transactions, real-time DDoS attack data, and system health scores
  • Granular security insights on traffic flows and rule matches help inform precise policies
  • One-click customization of rules and exceptions to significantly reduce the problem of false-positives


Automation and Programmability

  • Automated attack blocking (scanner detection, brute force attacks)
  • 0-day attack protection with WAF based on machine learning (Shellshock, HTTPoxy)
  • Application specific security (Drupal, WordPress)

Ready to See Avi in Action?

Schedule a Demo
Virtual Summit